Trojaner-Board - ständiger Systemabsturz Win 7 home premium, 32 Bit

hoffe das ist nun so richtig (und nützlich) :

Code:

OTL logfile created on: 7/2/2012 11:29:11 AM - Run 1

OTL by OldTimer - Version 3.2.53.1     Folder = C:\Users\Sandra\Downloads

 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy

 

3.36 Gb Total Physical Memory | 2.46 Gb Available Physical Memory | 73.01% Memory free

6.73 Gb Paging File | 5.37 Gb Available in Paging File | 79.80% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files

Drive C: | 151.00 Gb Total Space | 75.39 Gb Free Space | 49.93% Space Free | Partition Type: NTFS

Drive D: | 294.66 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: NTFS

 

Computer Name: SANDRA-NOTEBOOK | User Name: Sandra | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012/07/02 10:31:59 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Sandra\Downloads\OTL.exe

PRC - [2012/06/03 19:15:21 | 003,905,920 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE

PRC - [2012/05/03 18:37:54 | 001,226,096 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe

PRC - [2012/05/03 18:37:50 | 020,221,792 | ---- | M] (Lavasoft Limited) -- C:\PROGRA~1\AD-AWA~1\AdAware.exe

PRC - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe

PRC - [2011/10/21 11:09:36 | 000,198,032 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe

PRC - [2011/10/01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe

PRC - [2011/10/01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe

PRC - [2011/08/12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

PRC - [2011/07/10 10:34:50 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe

PRC - [2011/06/24 06:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

PRC - [2011/05/11 20:30:00 | 004,999,976 | ---- | M] (Synaptics Incorporated) -- C:\Program Files\Synaptics\Scrybe\scrybe.exe

PRC - [2011/05/11 20:30:00 | 001,300,264 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe

PRC - [2011/04/30 03:51:36 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe

PRC - [2011/02/25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2011/01/21 19:05:02 | 000,064,512 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\System32\nlssrv32.exe

PRC - [2011/01/10 15:22:55 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

PRC - [2010/11/20 14:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2010/07/04 20:07:40 | 000,238,952 | ---- | M] (Teruten) -- C:\Windows\System32\FsUsbExService.Exe

PRC - [2010/05/06 08:44:44 | 001,749,504 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe

PRC - [2010/04/16 18:56:44 | 000,644,384 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

PRC - [2010/04/07 15:40:06 | 000,843,264 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe

PRC - [2010/02/10 16:29:52 | 000,719,360 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe

PRC - [2010/01/19 04:34:48 | 002,201,192 | ---- | M] (SEC) -- C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe

PRC - [2010/01/14 22:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe

PRC - [2009/12/31 14:13:52 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Sandra\AppData\Roaming\T-Mobile Internet Manager\ouc.exe

PRC - [2009/03/05 11:54:50 | 000,311,296 | ---- | M] () -- C:\Windows\System32\Rezip.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012/07/01 21:37:35 | 000,065,024 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll

MOD - [2012/07/01 21:37:35 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll

MOD - [2011/10/11 22:00:31 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL

MOD - [2011/10/11 22:00:31 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll

MOD - [2011/03/31 19:31:02 | 000,066,856 | ---- | M] () -- C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll

MOD - [2006/08/12 05:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - [2012/06/17 19:26:19 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012/05/03 18:37:54 | 001,226,096 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)

SRV - [2012/02/29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2011/12/19 13:20:06 | 003,289,032 | ---- | M] (GFI Software) [Auto | Stopped] -- C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)

SRV - [2011/12/15 19:29:42 | 000,014,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)

SRV - [2011/10/01 09:30:42 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)

SRV - [2011/10/01 09:30:36 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)

SRV - [2011/08/12 01:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)

SRV - [2011/07/10 10:34:50 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011/05/11 20:30:00 | 001,300,264 | ---- | M] (Synaptics, Inc.) [Auto | Running] -- C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe -- (ScrybeUpdater)

SRV - [2011/04/30 03:51:36 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2011/02/23 21:50:44 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)

SRV - [2011/01/21 19:05:02 | 000,064,512 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\System32\nlssrv32.exe -- (nlsX86cc)

SRV - [2010/07/04 20:07:40 | 000,238,952 | ---- | M] (Teruten) [Auto | Running] -- C:\Windows\System32\FsUsbExService.Exe -- (FsUsbExService)

SRV - [2010/04/16 18:56:44 | 000,644,384 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)

SRV - [2009/07/14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009/07/14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)

SRV - [2009/03/05 11:54:50 | 000,311,296 | ---- | M] () [Auto | Running] -- C:\Windows\System32\Rezip.exe -- (Rezip)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - [2011/12/19 12:44:24 | 000,223,864 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\SbFw.sys -- (SbFw)

DRV - [2011/12/19 12:44:24 | 000,093,816 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sbhips.sys -- (sbhips)

DRV - [2011/12/19 12:44:24 | 000,072,312 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sbwtis.sys -- (sbwtis)

DRV - [2011/12/15 19:29:42 | 000,026,624 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901.sys -- (tap0901)

DRV - [2011/11/29 06:59:52 | 000,077,816 | ---- | M] (GFI Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\sbapifs.sys -- (sbapifs)

DRV - [2011/10/26 14:23:40 | 000,101,112 | ---- | M] (GFI Software) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\SBREDrv.sys -- (SBRE)

DRV - [2011/10/01 09:30:42 | 000,019,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftvollh.sys -- (Sftvol)

DRV - [2011/10/01 09:30:40 | 000,021,864 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\Sftredirlh.sys -- (Sftredir)

DRV - [2011/10/01 09:30:38 | 000,194,408 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftplaylh.sys -- (Sftplay)

DRV - [2011/10/01 09:30:36 | 000,579,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Sftfslh.sys -- (Sftfs)

DRV - [2011/09/29 12:16:18 | 000,094,584 | ---- | M] (GFI Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SbFwIm.sys -- (SBFWIMCLMP)

DRV - [2011/09/29 12:16:18 | 000,094,584 | ---- | M] (GFI Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\SbFwIm.sys -- (SBFWIMCL)

DRV - [2011/07/22 18:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS -- (SASDIFSV)

DRV - [2011/07/12 23:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)

DRV - [2011/07/10 10:34:50 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV - [2011/07/10 10:34:50 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2010/11/20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2010/11/20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2010/09/15 03:03:09 | 000,015,656 | ---- | M] (Windows (R) 2003 DDK 3790 provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rtport.sys -- (rtport)

DRV - [2010/06/17 15:27:02 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2010/06/14 10:32:54 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)

DRV - [2010/05/12 12:14:58 | 000,121,576 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)

DRV - [2010/05/12 12:14:58 | 000,098,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)

DRV - [2010/05/12 12:14:56 | 000,096,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)

DRV - [2010/05/12 12:14:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)

DRV - [2010/05/12 12:14:54 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)

DRV - [2010/02/27 02:31:22 | 000,132,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Impcd.sys -- (Impcd)

DRV - [2010/02/11 04:17:24 | 009,936,584 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2009/11/12 22:14:30 | 000,066,664 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)

DRV - [2009/10/21 17:16:08 | 000,198,656 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbnet.sys -- (ewusbnet)

DRV - [2009/10/12 15:22:56 | 000,101,120 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbdev.sys -- (hwusbdev)

DRV - [2009/09/28 11:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)

DRV - [2009/09/10 15:31:48 | 000,102,912 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ewusbmdm.sys -- (hwdatacard)

DRV - [2009/07/14 01:54:16 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb8023.sys -- (USB_RNDIS)

DRV - [2008/12/08 17:21:18 | 000,110,080 | ---- | M] (ZTE Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnet.sys -- (ZTEusbnet)

DRV - [2008/12/08 17:21:18 | 000,105,344 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)

DRV - [2008/12/08 17:21:18 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\zteusbvoice.sys -- (ZTEusbvoice)

DRV - [2008/12/08 17:21:18 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)

DRV - [2008/12/08 17:21:18 | 000,104,960 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)

DRV - [2008/12/08 17:21:18 | 000,007,680 | R--- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter.sys -- (massfilter)

DRV - [2008/10/09 13:50:08 | 000,022,528 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Unknown] -- C:\Windows\System32\drivers\BMLoad.sys -- (BMLoad)

DRV - [2008/10/09 13:50:04 | 000,018,816 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Stopped] -- C:\windows\System32\drivers\tcpipBM.sys -- (tcpipBM)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-1824515743-1129300623-418782207-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn

IE - HKU\S-1-5-21-1824515743-1129300623-418782207-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.ask.com/?l=dis&o=1586&gct=hp

IE - HKU\S-1-5-21-1824515743-1129300623-418782207-1000\..\URLSearchHook: {ff88a983-649d-4207-9336-9b999280b436} - No CLSID value found

IE - HKU\S-1-5-21-1824515743-1129300623-418782207-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}

IE - HKU\S-1-5-21-1824515743-1129300623-418782207-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-1824515743-1129300623-418782207-1000\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3031778

IE - HKU\S-1-5-21-1824515743-1129300623-418782207-1000\..\SearchScopes\{C0B6FD25-BB4E-4108-921C-0848B2E7E369}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=DVS2&o=1586&src=crm&q={searchTerms}&locale=&apn_ptnrs=^AAA&apn_dtid=^YYYYYY^YY^AT&apn_uid=f1d5defc-1291-40c9-b34e-5aa4abd1dbdd&apn_sauid=533F215B-BFAA-4D44-8C83-9860CE93F962

IE - HKU\S-1-5-21-1824515743-1129300623-418782207-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultengine: "Ask.com"

FF - prefs.js..browser.search.defaultenginename: "Ask.com"

FF - prefs.js..browser.search.order.1: "Ask.com"

FF - prefs.js..browser.search.selectedEngine: "LEO Eng-Deu"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.at/"

FF - prefs.js..extensions.enabledItems: youtube2mp3@mondayx.de:1.2.3

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26

FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.4

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9

 

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found

FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll File not found

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKCU\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf:  File not found

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/17 19:26:20 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/24 19:36:21 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2011/11/13 19:15:23 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/06/17 19:26:20 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012/05/24 19:36:21 | 000,000,000 | ---D | M]

 

[2011/03/08 22:03:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sandra\AppData\Roaming\mozilla\Extensions

[2011/03/08 22:03:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sandra\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}

[2012/06/29 14:50:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Sandra\AppData\Roaming\mozilla\Firefox\Profiles\t2xu63eu.default\extensions

[2011/04/04 22:25:55 | 000,000,000 | ---D | M] (GamePlayLabs Plugin) -- C:\Users\Sandra\AppData\Roaming\mozilla\Firefox\Profiles\t2xu63eu.default\extensions\plugin2@gameplaylabs.com

[2011/09/03 12:29:40 | 000,000,000 | ---D | M] (YouTube to MP3) -- C:\Users\Sandra\AppData\Roaming\mozilla\Firefox\Profiles\t2xu63eu.default\extensions\youtube2mp3@mondayx.de

[2012/06/01 17:53:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions

[2012/06/29 14:50:52 | 000,743,305 | ---- | M] () (No name found) -- C:\USERS\SANDRA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\T2XU63EU.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI

[2012/06/17 19:26:20 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2011/05/04 04:52:23 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

[2011/06/30 20:30:14 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

[2012/06/17 19:26:16 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012/06/17 19:26:16 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2012/06/17 19:26:16 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml

[2012/06/17 19:26:16 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml

[2012/06/17 19:26:16 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

[2012/06/17 19:26:16 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2009/06/10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKU\S-1-5-21-1824515743-1129300623-418782207-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.

O3 - HKU\S-1-5-21-1824515743-1129300623-418782207-1000\..\Toolbar\WebBrowser: (no name) - {FF88A983-649D-4207-9336-9B999280B436} - No CLSID value found.

O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited)

O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)

O4 - HKU\S-1-5-21-1824515743-1129300623-418782207-1000..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] C:\Program Files\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)

O4 - HKU\S-1-5-21-1824515743-1129300623-418782207-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()

O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.0.0.138

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1A7D2EF4-E976-4A68-8C63-6E36A173B396}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26CFA158-2B9B-40ED-B46C-D8EB42B90917}: NameServer = 213.162.69.170 213.162.69.169

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{547D5E76-2509-49C9-A093-F2268C116CB8}: DhcpNameServer = 195.34.133.21 212.186.211.21

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{81E2AD3D-BB31-4066-9E11-C5D237E2E862}: DhcpNameServer = 212.91.97.3 212.91.97.4

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BEF0FCF6-5A11-4CEC-86E6-56CA61880306}: DhcpNameServer = 10.0.0.138

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - Winlogon\Notify\!SASWinLogon: DllName - (C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL) - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL (SUPERAntiSpyware.com)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009/06/10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O33 - MountPoints2\{2d2da28b-a951-11e1-b494-001bb1166a05}\Shell - "" = AutoRun

O33 - MountPoints2\{2d2da28b-a951-11e1-b494-001bb1166a05}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{2d2da29d-a951-11e1-b494-001bb1166a05}\Shell - "" = AutoRun

O33 - MountPoints2\{2d2da29d-a951-11e1-b494-001bb1166a05}\Shell\AutoRun\command - "" = F:\AutoRun.exe

O33 - MountPoints2\{50f77daf-c1ab-11e0-9326-001bb1166a05}\Shell - "" = AutoRun

O33 - MountPoints2\{50f77daf-c1ab-11e0-9326-001bb1166a05}\Shell\AutoRun\command - "" = F:\setup_vmc_lite.exe /checkApplicationPresence

O33 - MountPoints2\F\Shell - "" = AutoRun

O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

NetSvcs: FastUserSwitchingCompatibility -  File not found

NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla -  File not found

NetSvcs: Ntmssvc -  File not found

NetSvcs: NWCWorkstation -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: SRService -  File not found

NetSvcs: WmdmPmSp -  File not found

NetSvcs: LogonHours -  File not found

NetSvcs: PCAudit -  File not found

NetSvcs: helpsvc -  File not found

NetSvcs: uploadmgr -  File not found

 

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk - C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe - (Broadcom Corporation.)

MsConfig - StartUpReg: APSDaemon - hkey= - key= -  File not found

MsConfig - StartUpReg: AutoStartNPSAgent - hkey= - key= - C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe (Samsung Electronics Co., Ltd.)

MsConfig - StartUpReg: CLMLServer - hkey= - key= - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)

MsConfig - StartUpReg: Facebook Update - hkey= - key= - C:\Users\Sandra\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)

MsConfig - StartUpReg: FlashPlayerUpdate - hkey= - key= -  File not found

MsConfig - StartUpReg: HW_OPENEYE_OUC_T-Mobile Internet Manager - hkey= - key= - C:\Program Files\T-Mobile\T-Mobile Internet Manager\UpdateDog\ouc.exe (Huawei Technologies Co., Ltd.)

MsConfig - StartUpReg: iTunesHelper - hkey= - key= -  File not found

MsConfig - StartUpReg: NortonOnlineBackup - hkey= - key= -  File not found

MsConfig - StartUpReg: NvCplDaemon - hkey= - key= -  File not found

MsConfig - StartUpReg: PDVD8LanguageShortcut - hkey= - key= - C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)

MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)

MsConfig - StartUpReg: RemoteControl8 - hkey= - key= - C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)

MsConfig - StartUpReg: SynTPEnh - hkey= - key= -  File not found

MsConfig - StartUpReg: UCam_Menu - hkey= - key= - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

MsConfig - StartUpReg: UpdateLBPShortCut - hkey= - key= - C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

MsConfig - StartUpReg: UpdateP2GoShortCut - hkey= - key= - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

MsConfig - StartUpReg: UpdatePDRShortCut - hkey= - key= - C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

MsConfig - StartUpReg: UpdatePPShortCut - hkey= - key= - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

MsConfig - StartUpReg: UpdatePSTShortCut - hkey= - key= - C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

MsConfig - StartUpReg: WinampAgent - hkey= - key= - C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)

 

SafeBootMin: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)

SafeBootMin: Ad-Aware Service - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: mcmscsvc - Service

SafeBootMin: MCODS - Service

SafeBootMin: NTDS -  File not found

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SBAMSvc - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet: !SASCORE - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE (SUPERAntiSpyware.com)

SafeBootNet: Ad-Aware Service - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe (Lavasoft Limited)

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: mcmscsvc - Service

SafeBootNet: MCODS - Service

SafeBootNet: Messenger - Service

SafeBootNet: MpfService - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: NTDS -  File not found

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SBAMSvc - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe (GFI Software)

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WinDefend - C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: MSVideo8 - C:\windows\System32\vfwwdm32.dll (Microsoft Corporation)

Drivers32: vidc.cvid - C:\windows\System32\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012/06/29 14:52:00 | 000,000,000 | ---D | C] -- C:\Program Files\ESET

[2012/06/17 20:12:27 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Roaming\Malwarebytes

[2012/06/17 20:11:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012/06/17 20:11:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012/06/17 20:11:39 | 000,022,344 | ---- | C] (Malwarebytes Corporation) -- C:\windows\System32\drivers\mbam.sys

[2012/06/17 20:11:39 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware

[2012/06/17 19:45:40 | 000,000,000 | ---D | C] -- C:\windows\System32\AppLogs

[2012/06/17 00:39:07 | 000,000,000 | ---D | C] -- C:\88a3095b5aeba41de7

[2012/06/16 22:45:09 | 000,000,000 | ---D | C] -- C:\windows\pss

[2012/06/04 21:09:10 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Local\adaware

[2012/06/04 21:09:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection

[2012/06/04 21:09:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus

[2012/06/04 21:08:42 | 000,093,816 | ---- | C] (GFI Software) -- C:\windows\System32\drivers\sbhips.sys

[2012/06/04 21:08:32 | 000,223,864 | ---- | C] (GFI Software) -- C:\windows\System32\drivers\SbFw.sys

[2012/06/04 21:08:32 | 000,094,584 | ---- | C] (GFI Software) -- C:\windows\System32\drivers\SbFwIm.sys

[2012/06/04 21:08:31 | 000,000,000 | ---D | C] -- C:\windows\System32\drivers\VDD

[2012/06/04 21:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft

[2012/06/04 21:08:30 | 000,000,000 | ---D | C] -- C:\Program Files\Ad-Aware Antivirus

[2012/06/04 20:53:49 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Roaming\Ad-Aware Antivirus

[2012/06/03 14:47:04 | 000,000,000 | ---D | C] -- C:\ProgramData\435E

[2012/06/03 11:30:45 | 000,000,000 | ---D | C] -- C:\Users\Sandra\AppData\Roaming\Foxit Software

[2012/06/03 11:30:27 | 000,000,000 | ---D | C] -- C:\Program Files\Foxit Software

[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012/07/02 10:17:10 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/07/02 10:17:10 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/07/02 10:16:08 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat

[2012/07/01 21:37:29 | 000,000,330 | ---- | M] () -- C:\windows\tasks\DriverScanner.job

[2012/07/01 21:36:11 | 3611,873,280 | -HS- | M] () -- C:\hiberfil.sys

[2012/06/30 11:08:39 | 000,654,844 | ---- | M] () -- C:\windows\System32\perfh007.dat

[2012/06/30 11:08:39 | 000,616,686 | ---- | M] () -- C:\windows\System32\perfh009.dat

[2012/06/30 11:08:39 | 000,130,426 | ---- | M] () -- C:\windows\System32\perfc007.dat

[2012/06/30 11:08:39 | 000,106,808 | ---- | M] () -- C:\windows\System32\perfc009.dat

[2012/06/29 16:44:46 | 000,279,392 | ---- | M] () -- C:\Users\Sandra\Desktop\lipplan_oberlaa.jpg

[2012/06/27 22:39:18 | 000,127,059 | ---- | M] () -- C:\Users\Sandra\Desktop\AntiSpyWare Quarantine.jpg

[2012/06/26 17:34:32 | 000,042,237 | ---- | M] () -- C:\Users\Sandra\Desktop\MAG ELF - Servicestelle.pdf

[2012/06/25 09:11:19 | 000,048,775 | ---- | M] () -- C:\Users\Sandra\Desktop\2012 06 25 Fehlermeldung Serververbindung.jpg

[2012/06/25 08:49:14 | 000,071,559 | ---- | M] () -- C:\Users\Sandra\Desktop\AR 041 LLC (2012-020,022,024).pdf

[2012/06/25 08:48:51 | 000,066,406 | ---- | M] () -- C:\Users\Sandra\Desktop\LS 029 LLC (2012-020,022,024).pdf

[2012/06/24 10:09:31 | 000,001,650 | ---- | M] () -- C:\Users\Sandra\Desktop\Docs (server001.ledworx.local) - Verknüpfung.lnk

[2012/06/18 21:25:59 | 000,018,391 | ---- | M] () -- C:\Users\Sandra\Desktop\Beach-quiz.odt

[2012/06/17 20:11:42 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/06/17 10:25:47 | 003,659,288 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT

[2012/06/11 07:28:59 | 000,001,738 | ---- | M] () -- C:\windows\System32\EmailAVConfig.xml

[2012/06/07 23:00:51 | 000,001,188 | ---- | M] () -- C:\windows\System32\ServiceConfig.xml

[1 C:\windows\System32\*.tmp files -> C:\windows\System32\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012/06/29 16:44:42 | 000,279,392 | ---- | C] () -- C:\Users\Sandra\Desktop\lipplan_oberlaa.jpg

[2012/06/27 22:39:17 | 000,127,059 | ---- | C] () -- C:\Users\Sandra\Desktop\AntiSpyWare Quarantine.jpg

[2012/06/26 17:34:32 | 000,042,237 | ---- | C] () -- C:\Users\Sandra\Desktop\MAG ELF - Servicestelle.pdf

[2012/06/25 09:11:19 | 000,048,775 | ---- | C] () -- C:\Users\Sandra\Desktop\2012 06 25 Fehlermeldung Serververbindung.jpg

[2012/06/25 08:49:14 | 000,071,559 | ---- | C] () -- C:\Users\Sandra\Desktop\AR 041 LLC (2012-020,022,024).pdf

[2012/06/25 08:48:48 | 000,066,406 | ---- | C] () -- C:\Users\Sandra\Desktop\LS 029 LLC (2012-020,022,024).pdf

[2012/06/18 21:21:24 | 000,018,391 | ---- | C] () -- C:\Users\Sandra\Desktop\Beach-quiz.odt

[2012/06/17 20:11:42 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012/06/11 07:28:59 | 000,001,738 | ---- | C] () -- C:\windows\System32\EmailAVConfig.xml

[2012/06/07 23:00:51 | 000,001,188 | ---- | C] () -- C:\windows\System32\ServiceConfig.xml

[2011/10/09 23:27:25 | 000,003,347 | ---- | C] () -- C:\Users\Sandra\.recently-used.xbel

[2011/08/27 12:54:48 | 000,044,544 | ---- | C] () -- C:\windows\System32\Gif89.dll

[2011/04/10 23:25:01 | 000,003,584 | ---- | C] () -- C:\Users\Sandra\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2011/04/10 22:54:51 | 000,000,088 | RHS- | C] () -- C:\ProgramData\F3426455BD.sys

[2011/04/10 22:54:50 | 000,002,984 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys

[2011/03/20 23:08:04 | 000,110,592 | ---- | C] () -- C:\windows\System32\FsUsbExDevice.Dll

[2011/03/20 23:08:04 | 000,036,608 | ---- | C] () -- C:\windows\System32\FsUsbExDisk.Sys

[2011/02/23 12:02:25 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2011/02/23 11:34:59 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe

[2010/07/06 01:46:17 | 000,654,844 | ---- | C] () -- C:\windows\System32\perfh007.dat

[2010/07/06 01:46:17 | 000,295,922 | ---- | C] () -- C:\windows\System32\perfi007.dat

[2010/07/06 01:46:17 | 000,130,426 | ---- | C] () -- C:\windows\System32\perfc007.dat

[2010/07/06 01:46:17 | 000,038,104 | ---- | C] () -- C:\windows\System32\perfd007.dat

[2010/07/05 10:02:50 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe

[2010/07/05 09:29:15 | 000,001,670 | ---- | C] () -- C:\windows\HotFixList.ini

[2010/07/05 09:16:47 | 000,311,296 | ---- | C] () -- C:\windows\System32\Rezip.exe

[2010/07/05 09:15:48 | 000,006,656 | ---- | C] () -- C:\windows\System32\bcmwlrc.dll

 
 ========== LOP Check ==========

 

[2012/06/17 19:48:37 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\Ad-Aware Antivirus

[2012/04/12 10:36:17 | 000,000,000 | ---D | M] -- C:\Users\Gast\AppData\Roaming\Synaptics

[2012/06/29 14:52:33 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Ad-Aware Antivirus

[2011/09/21 20:08:06 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2011/07/08 23:54:35 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\DVDVideoSoftIEHelpers

[2012/06/12 22:35:50 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Foxit Software

[2011/10/09 23:27:25 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\gtk-2.0

[2011/10/16 12:09:19 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\mp3DirectCut

[2011/11/13 21:28:14 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\MusicNet

[2011/07/09 10:56:00 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\OpenCandy

[2012/02/28 22:55:40 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\OpenOffice.org

[2011/03/20 23:26:40 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\PDF Writer

[2011/03/20 23:07:56 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Samsung

[2012/06/25 23:45:06 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\SoftGrid Client

[2011/09/11 22:05:45 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Synaptics

[2012/05/29 07:47:49 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\T-Mobile

[2012/05/29 07:49:30 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\T-Mobile Internet Manager

[2011/03/08 22:03:20 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Thunderbird

[2011/04/10 22:36:10 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\TP

[2011/08/27 13:01:23 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\TuneUp Software

[2011/07/09 10:57:42 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Uniblue

[2012/06/16 22:23:41 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\uTorrent

[2011/08/08 12:48:08 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Vodafone

[2012/07/01 21:37:29 | 000,000,330 | ---- | M] () -- C:\windows\Tasks\DriverScanner.job

[2012/05/13 17:59:06 | 000,032,632 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2012/06/29 14:52:33 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Ad-Aware Antivirus

[2011/11/13 19:52:15 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Adobe

[2011/07/27 21:36:51 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Apple Computer

[2011/04/24 03:48:29 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Avira

[2011/09/21 20:08:06 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2011/04/10 22:54:51 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Corel

[2011/05/26 18:37:58 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\CyberLink

[2011/07/08 23:54:35 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\DVDVideoSoftIEHelpers

[2012/06/12 22:35:50 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Foxit Software

[2011/02/23 12:03:55 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Google

[2011/10/09 23:27:25 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\gtk-2.0

[2011/02/23 11:58:53 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Identities

[2011/02/23 21:41:33 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Macromedia

[2012/06/17 20:12:27 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Malwarebytes

[2010/07/06 01:36:15 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Media Center Programs

[2012/02/08 15:20:01 | 000,000,000 | --SD | M] -- C:\Users\Sandra\AppData\Roaming\Microsoft

[2011/02/23 12:06:47 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Mozilla

[2011/10/16 12:09:19 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\mp3DirectCut

[2011/11/13 21:28:14 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\MusicNet

[2011/07/09 10:56:00 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\OpenCandy

[2012/02/28 22:55:40 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\OpenOffice.org

[2011/03/20 23:26:40 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\PDF Writer

[2011/03/20 23:07:56 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Samsung

[2012/05/24 19:32:08 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Skype

[2011/07/14 00:06:15 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\skypePM

[2012/06/25 23:45:06 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\SoftGrid Client

[2011/10/11 22:00:26 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\SUPERAntiSpyware.com

[2011/09/11 22:05:45 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Synaptics

[2012/05/29 07:47:49 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\T-Mobile

[2012/05/29 07:49:30 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\T-Mobile Internet Manager

[2011/03/08 22:03:20 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Thunderbird

[2011/04/10 22:36:10 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\TP

[2011/08/27 13:01:23 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\TuneUp Software

[2011/07/09 10:57:42 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Uniblue

[2012/06/16 22:23:41 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\uTorrent

[2012/03/11 20:00:30 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\vlc

[2011/08/08 12:48:08 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Vodafone

[2012/03/11 20:26:25 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\Winamp

[2012/01/01 19:22:58 | 000,000,000 | ---D | M] -- C:\Users\Sandra\AppData\Roaming\WinRAR

 
 < %APPDATA%\*.exe /s >

[2011/09/21 20:03:44 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\Sandra\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe

[2011/06/07 20:58:20 | 005,845,432 | ---- | M] (Uniblue Systems Ltd                                         ) -- C:\Users\Sandra\AppData\Roaming\OpenCandy\OpenCandy_AAB76C1FF91040E0A0828965171E77B0\driverscanner (9).exe

[2011/07/09 10:56:05 | 000,416,160 | ---- | M] () -- C:\Users\Sandra\AppData\Roaming\OpenCandy\OpenCandy_AAB76C1FF91040E0A0828965171E77B0\LatestDLMgr.exe

[2010/01/07 14:35:18 | 001,007,616 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Sandra\AppData\Roaming\T-Mobile Internet Manager\LiveUpdate.exe

[2009/12/31 14:13:52 | 000,110,592 | ---- | M] (Huawei Technologies Co., Ltd.) -- C:\Users\Sandra\AppData\Roaming\T-Mobile Internet Manager\ouc.exe

 
 < %SYSTEMDRIVE%\*.exe >

 
 < MD5 for: AGP440.SYS  >

[2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys

[2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys

[2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

[2009/07/14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys

[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys

[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

[2009/07/14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll

[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

 
 < MD5 for: EVENTLOG.DLL  >

[2007/05/17 14:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll

 
 < MD5 for: IASTOR.SYS  >

[2010/04/27 09:47:34 | 000,435,736 | ---- | M] (Intel Corporation) MD5=EB3A2C773E202CED30595BBFAD24FEBF -- C:\Windows\System32\drivers\iaStor.sys

[2010/04/27 09:47:34 | 000,435,736 | ---- | M] (Intel Corporation) MD5=EB3A2C773E202CED30595BBFAD24FEBF -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_f694c1cdcd94f044\iaStor.sys

 
 < MD5 for: IASTORV.SYS  >

[2011/03/11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys

[2011/03/11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys

[2011/03/11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys

[2011/03/11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys

[2011/03/11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys

[2009/07/14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

[2010/11/20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys

[2010/11/20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys

[2011/03/11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll

[2010/11/20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll

[2009/07/14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2011/03/11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys

[2011/03/11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys

[2011/03/11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys

[2011/03/11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys

[2011/03/11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys

[2011/03/11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys

[2010/11/20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys

[2010/11/20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys

[2009/07/14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2009/07/14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll

[2010/11/20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2009/07/14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll

[2010/11/20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll

[2010/11/20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe

[2010/11/20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

 
 < MD5 for: WININIT.EXE  >

[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\System32\wininit.exe

[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2012/04/04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2009/10/28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe

[2009/10/28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe

[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe

[2010/11/20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

[2009/07/14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2009/07/14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys

[2009/07/14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

[1 C:\windows\system32\*.tmp files -> C:\windows\system32\*.tmp -> ]

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 164 bytes -> C:\Users\Sandra\Documents\T-Mobile Vertragskündigung.docx.jpeg:3or4kl4x13tuuug3Byamue2s4b

@Alternate Data Stream - 164 bytes -> C:\Users\Sandra\Documents\sig sandfa.jpg:3or4kl4x13tuuug3Byamue2s4b
 

< End of report >

Vielen herzlichen Dank für die Bemühungen!!!:knuddel:

Frage,

da ist ein zweites log betitelt mit "Extras.txt" auch aufgegangen. Soll ich das auch hierher kopieren?

Puhh, das wird echt kompliziert. Hoffe dies ist das richtige:

Code:

13:28:32.0663 6012        TDSS rootkit removing tool 2.7.44.0 Jul  2 2012 20:01:08

13:28:32.0942 6012        ============================================================

13:28:32.0942 6012        Current date / time: 2012/07/03 13:28:32.0942

13:28:32.0942 6012        SystemInfo:

13:28:32.0942 6012        

13:28:32.0942 6012        OS Version: 6.1.7601 ServicePack: 1.0

13:28:32.0942 6012        Product type: Workstation

13:28:32.0942 6012        ComputerName: SANDRA-NOTEBOOK

13:28:32.0942 6012        UserName: Sandra

13:28:32.0942 6012        Windows directory: C:\windows

13:28:32.0942 6012        System windows directory: C:\windows

13:28:32.0942 6012        Processor architecture: Intel x86

13:28:32.0942 6012        Number of processors: 4

13:28:32.0942 6012        Page size: 0x1000

13:28:32.0942 6012        Boot type: Normal boot

13:28:32.0942 6012        ============================================================

13:28:33.0610 6012        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

13:28:33.0613 6012        ============================================================

13:28:33.0613 6012        \Device\Harddisk0\DR0:

13:28:33.0613 6012        MBR partitions:

13:28:33.0613 6012        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x2800800, BlocksNum 0x32000

13:28:33.0613 6012        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2832800, BlocksNum 0x12E00000

13:28:33.0629 6012        \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x15633000, BlocksNum 0x24D52800

13:28:33.0629 6012        ============================================================

13:28:33.0660 6012        C: <-> \Device\Harddisk0\DR0\Partition1

13:28:33.0744 6012        D: <-> \Device\Harddisk0\DR0\Partition2

13:28:33.0744 6012        ============================================================

13:28:33.0744 6012        Initialize success

13:28:33.0744 6012        ============================================================

13:29:26.0587 0716        ============================================================

13:29:26.0587 0716        Scan started

13:29:26.0587 0716        Mode: Manual; SigCheck; TDLFS; 

13:29:26.0587 0716        ============================================================

13:29:27.0237 0716        !SASCORE        (c0393eb99a6c72c6bef9bfc4a72b33a6) C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

13:29:27.0278 0716        !SASCORE - ok

13:29:27.0510 0716        1394ohci        (1b133875b8aa8ac48969bd3458afe9f5) C:\windows\system32\drivers\1394ohci.sys

13:29:27.0577 0716        1394ohci - ok

13:29:27.0646 0716        ACPI            (cea80c80bed809aa0da6febc04733349) C:\windows\system32\drivers\ACPI.sys

13:29:27.0662 0716        ACPI - ok

13:29:27.0703 0716        AcpiPmi         (1efbc664abff416d1d07db115dcb264f) C:\windows\system32\drivers\acpipmi.sys

13:29:27.0791 0716        AcpiPmi - ok

13:29:27.0950 0716        Ad-Aware Service (09e61047b0cef21559cfcedf4f14d216) C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe

13:29:27.0980 0716        Ad-Aware Service - ok

13:29:28.0075 0716        adp94xx         (21e785ebd7dc90a06391141aac7892fb) C:\windows\system32\DRIVERS\adp94xx.sys

13:29:28.0097 0716        adp94xx - ok

13:29:28.0118 0716        adpahci         (0c676bc278d5b59ff5abd57bbe9123f2) C:\windows\system32\DRIVERS\adpahci.sys

13:29:28.0136 0716        adpahci - ok

13:29:28.0147 0716        adpu320         (7c7b5ee4b7b822ec85321fe23a27db33) C:\windows\system32\DRIVERS\adpu320.sys

13:29:28.0162 0716        adpu320 - ok

13:29:28.0194 0716        AeLookupSvc     (8b5eefeec1e6d1a72a06c526628ad161) C:\windows\System32\aelupsvc.dll

13:29:28.0252 0716        AeLookupSvc - ok

13:29:28.0334 0716        AFD             (9ebbba55060f786f0fcaa3893bfa2806) C:\windows\system32\drivers\afd.sys

13:29:28.0384 0716        AFD - ok

13:29:28.0438 0716        agp440          (507812c3054c21cef746b6ee3d04dd6e) C:\windows\system32\drivers\agp440.sys

13:29:28.0450 0716        agp440 - ok

13:29:28.0504 0716        aic78xx         (8b30250d573a8f6b4bd23195160d8707) C:\windows\system32\DRIVERS\djsvs.sys

13:29:28.0517 0716        aic78xx - ok

13:29:28.0581 0716        ALG             (18a54e132947cd98fea9accc57f98f13) C:\windows\System32\alg.exe

13:29:28.0648 0716        ALG - ok

13:29:28.0688 0716        aliide          (0d40bcf52ea90fc7df2aeab6503dea44) C:\windows\system32\drivers\aliide.sys

13:29:28.0700 0716        aliide - ok

13:29:28.0738 0716        amdagp          (3c6600a0696e90a463771c7422e23ab5) C:\windows\system32\drivers\amdagp.sys

13:29:28.0750 0716        amdagp - ok

13:29:28.0782 0716        amdide          (cd5914170297126b6266860198d1d4f0) C:\windows\system32\drivers\amdide.sys

13:29:28.0794 0716        amdide - ok

13:29:28.0830 0716        AmdK8           (00dda200d71bac534bf56a9db5dfd666) C:\windows\system32\DRIVERS\amdk8.sys

13:29:28.0885 0716        AmdK8 - ok

13:29:28.0909 0716        AmdPPM          (3cbf30f5370fda40dd3e87df38ea53b6) C:\windows\system32\DRIVERS\amdppm.sys

13:29:28.0948 0716        AmdPPM - ok

13:29:28.0994 0716        amdsata         (d320bf87125326f996d4904fe24300fc) C:\windows\system32\drivers\amdsata.sys

13:29:29.0007 0716        amdsata - ok

13:29:29.0035 0716        amdsbs          (ea43af0c423ff267355f74e7a53bdaba) C:\windows\system32\DRIVERS\amdsbs.sys

13:29:29.0050 0716        amdsbs - ok

13:29:29.0061 0716        amdxata         (46387fb17b086d16dea267d5be23a2f2) C:\windows\system32\drivers\amdxata.sys

13:29:29.0072 0716        amdxata - ok

13:29:29.0120 0716        androidusb      (dd8d9c597af7cd2f6b70a3d6a4a1acea) C:\windows\system32\Drivers\ssadadb.sys

13:29:29.0173 0716        androidusb - ok

13:29:29.0306 0716        AntiVirSchedulerService (c27d46b06d340293670450fce9dfb166) C:\Program Files\Avira\AntiVir Desktop\sched.exe

13:29:29.0316 0716        AntiVirSchedulerService - ok

13:29:29.0356 0716        AntiVirService  (72d90e56563165984224493069c69ed4) C:\Program Files\Avira\AntiVir Desktop\avguard.exe

13:29:29.0367 0716        AntiVirService - ok

13:29:29.0420 0716        AppID           (aea177f783e20150ace5383ee368da19) C:\windows\system32\drivers\appid.sys

13:29:29.0534 0716        AppID - ok

13:29:29.0584 0716        AppIDSvc        (62a9c86cb6085e20db4823e4e97826f5) C:\windows\System32\appidsvc.dll

13:29:29.0646 0716        AppIDSvc - ok

13:29:29.0698 0716        Appinfo         (fb1959012294d6ad43e5304df65e3c26) C:\windows\System32\appinfo.dll

13:29:29.0747 0716        Appinfo - ok

13:29:29.0785 0716        arc             (2932004f49677bd84dbc72edb754ffb3) C:\windows\system32\DRIVERS\arc.sys

13:29:29.0798 0716        arc - ok

13:29:29.0815 0716        arcsas          (5d6f36c46fd283ae1b57bd2e9feb0bc7) C:\windows\system32\DRIVERS\arcsas.sys

13:29:29.0828 0716        arcsas - ok

13:29:29.0864 0716        AsyncMac        (add2ade1c2b285ab8378d2daaf991481) C:\windows\system32\DRIVERS\asyncmac.sys

13:29:29.0971 0716        AsyncMac - ok

13:29:30.0026 0716        atapi           (338c86357871c167a96ab976519bf59e) C:\windows\system32\drivers\atapi.sys

13:29:30.0038 0716        atapi - ok

13:29:30.0119 0716        AudioEndpointBuilder (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll

13:29:30.0168 0716        AudioEndpointBuilder - ok

13:29:30.0173 0716        Audiosrv        (ce3b4e731638d2ef62fcb419be0d39f0) C:\windows\System32\Audiosrv.dll

13:29:30.0207 0716        Audiosrv - ok

13:29:30.0243 0716        avgntflt        (1e4114685de1ffa9675e09c6a1fb3f4b) C:\windows\system32\DRIVERS\avgntflt.sys

13:29:30.0254 0716        avgntflt - ok

13:29:30.0300 0716        avipbb          (0f78d3dae6dedd99ae54c9491c62adf2) C:\windows\system32\DRIVERS\avipbb.sys

13:29:30.0313 0716        avipbb - ok

13:29:30.0360 0716        AxInstSV        (6e30d02aac9cac84f421622e3a2f6178) C:\windows\System32\AxInstSV.dll

13:29:30.0434 0716        AxInstSV - ok

13:29:30.0527 0716        b06bdrv         (1a231abec60fd316ec54c66715543cec) C:\windows\system32\DRIVERS\bxvbdx.sys

13:29:30.0586 0716        b06bdrv - ok

13:29:30.0641 0716        b57nd60x        (bd8869eb9cde6bbe4508d869929869ee) C:\windows\system32\DRIVERS\b57nd60x.sys

13:29:30.0680 0716        b57nd60x - ok

13:29:30.0931 0716        BCM43XX         (55bbdde1cbd3fa79ea88baaa051d9735) C:\windows\system32\DRIVERS\bcmwl6.sys

13:29:30.0986 0716        BCM43XX - ok

13:29:31.0152 0716        BDESVC          (ee1e9c3bb8228ae423dd38db69128e71) C:\windows\System32\bdesvc.dll

13:29:31.0218 0716        BDESVC - ok

13:29:31.0294 0716        Beep            (505506526a9d467307b3c393dedaf858) C:\windows\system32\drivers\Beep.sys

13:29:31.0345 0716        Beep - ok

13:29:31.0416 0716        BFE             (1e2bac209d184bb851e1a187d8a29136) C:\windows\System32\bfe.dll

13:29:31.0469 0716        BFE - ok

13:29:31.0549 0716        BITS            (e585445d5021971fae10393f0f1c3961) C:\windows\System32\qmgr.dll

13:29:31.0602 0716        BITS - ok

13:29:31.0652 0716        blbdrive        (2287078ed48fcfc477b05b20cf38f36f) C:\windows\system32\DRIVERS\blbdrive.sys

13:29:31.0683 0716        blbdrive - ok

13:29:31.0739 0716        BMLoad          (d002033c1a37f6af51b5f0ba6d0211bc) C:\windows\system32\drivers\BMLoad.sys

13:29:31.0757 0716        BMLoad ( UnsignedFile.Multi.Generic ) - warning

13:29:31.0757 0716        BMLoad - detected UnsignedFile.Multi.Generic (1)

13:29:31.0800 0716        bowser          (8f2da3028d5fcbd1a060a3de64cd6506) C:\windows\system32\DRIVERS\bowser.sys

13:29:31.0844 0716        bowser - ok

13:29:31.0861 0716        BrFiltLo        (9f9acc7f7ccde8a15c282d3f88b43309) C:\windows\system32\DRIVERS\BrFiltLo.sys

13:29:31.0944 0716        BrFiltLo - ok

13:29:31.0966 0716        BrFiltUp        (56801ad62213a41f6497f96dee83755a) C:\windows\system32\DRIVERS\BrFiltUp.sys

13:29:32.0006 0716        BrFiltUp - ok

13:29:32.0063 0716        Browser         (6e11f33d14d020f58d5e02e4d67dfa19) C:\windows\System32\browser.dll

13:29:32.0105 0716        Browser - ok

13:29:32.0142 0716        Brserid         (845b8ce732e67f3b4133164868c666ea) C:\windows\System32\Drivers\Brserid.sys

13:29:32.0202 0716        Brserid - ok

13:29:32.0219 0716        BrSerWdm        (203f0b1e73adadbbb7b7b1fabd901f6b) C:\windows\System32\Drivers\BrSerWdm.sys

13:29:32.0251 0716        BrSerWdm - ok

13:29:32.0283 0716        BrUsbMdm        (bd456606156ba17e60a04e18016ae54b) C:\windows\System32\Drivers\BrUsbMdm.sys

13:29:32.0317 0716        BrUsbMdm - ok

13:29:32.0335 0716        BrUsbSer        (af72ed54503f717a43268b3cc5faec2e) C:\windows\System32\Drivers\BrUsbSer.sys

13:29:32.0372 0716        BrUsbSer - ok

13:29:32.0426 0716        BthEnum         (2865a5c8e98c70c605f417908cebb3a4) C:\windows\system32\drivers\BthEnum.sys

13:29:32.0485 0716        BthEnum - ok

13:29:32.0500 0716        BTHMODEM        (ed3df7c56ce0084eb2034432fc56565a) C:\windows\system32\DRIVERS\bthmodem.sys

13:29:32.0538 0716        BTHMODEM - ok

13:29:32.0572 0716        BthPan          (ad1872e5829e8a2c3b5b4b641c3eab0e) C:\windows\system32\DRIVERS\bthpan.sys

13:29:32.0608 0716        BthPan - ok

13:29:32.0663 0716        BTHPORT         (c2fbf6d271d9a94d839c416bf186ead9) C:\windows\System32\Drivers\BTHport.sys

13:29:32.0711 0716        BTHPORT - ok

13:29:32.0770 0716        bthserv         (1df19c96eef6c29d1c3e1a8678e07190) C:\windows\system32\bthserv.dll

13:29:32.0824 0716        bthserv - ok

13:29:32.0864 0716        BTHUSB          (c81e9413a25a439f436b1d4b6a0cf9e9) C:\windows\System32\Drivers\BTHUSB.sys

13:29:32.0890 0716        BTHUSB - ok

13:29:32.0945 0716        btwampfl        (ad1aa3b85f1b9125e31935df98266b37) C:\windows\system32\drivers\btwampfl.sys

13:29:32.0961 0716        btwampfl - ok

13:29:33.0001 0716        btwaudio        (d146b5897a47500444bfa1f2cb2e3173) C:\windows\system32\drivers\btwaudio.sys

13:29:33.0013 0716        btwaudio - ok

13:29:33.0082 0716        btwavdt         (1f9cd885f1c548be93962ccabdb632e4) C:\windows\system32\DRIVERS\btwavdt.sys

13:29:33.0095 0716        btwavdt - ok

13:29:33.0254 0716        btwdins         (765c410d031b9d55bfe09fe3f233262a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

13:29:33.0272 0716        btwdins - ok

13:29:33.0307 0716        btwl2cap        (de53089f0678cb5f0afeb867acb0fb05) C:\windows\system32\DRIVERS\btwl2cap.sys

13:29:33.0317 0716        btwl2cap - ok

13:29:33.0348 0716        btwrchid        (a2d6c7b7b62a6c42dcb01204a6bd6fc2) C:\windows\system32\DRIVERS\btwrchid.sys

13:29:33.0358 0716        btwrchid - ok

13:29:33.0407 0716        cdfs            (77ea11b065e0a8ab902d78145ca51e10) C:\windows\system32\DRIVERS\cdfs.sys

13:29:33.0454 0716        cdfs - ok

13:29:33.0505 0716        cdrom           (be167ed0fdb9c1fa1133953c18d5a6c9) C:\windows\system32\DRIVERS\cdrom.sys

13:29:33.0533 0716        cdrom - ok

13:29:33.0573 0716        CertPropSvc     (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll

13:29:33.0621 0716        CertPropSvc - ok

13:29:33.0660 0716        circlass        (3fe3fe94a34df6fb06e6418d0f6a0060) C:\windows\system32\DRIVERS\circlass.sys

13:29:33.0695 0716        circlass - ok

13:29:33.0757 0716        CLFS            (635181e0e9bbf16871bf5380d71db02d) C:\windows\system32\CLFS.sys

13:29:33.0772 0716        CLFS - ok

13:29:33.0859 0716        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

13:29:33.0871 0716        clr_optimization_v2.0.50727_32 - ok

13:29:33.0964 0716        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

13:29:33.0989 0716        clr_optimization_v4.0.30319_32 - ok

13:29:34.0012 0716        CmBatt          (dea805815e587dad1dd2c502220b5616) C:\windows\system32\DRIVERS\CmBatt.sys

13:29:34.0042 0716        CmBatt - ok

13:29:34.0071 0716        cmdide          (c537b1db64d495b9b4717b4d6d9edbf2) C:\windows\system32\drivers\cmdide.sys

13:29:34.0083 0716        cmdide - ok

13:29:34.0168 0716        CNG             (6427525d76f61d0c519b008d3680e8e7) C:\windows\system32\Drivers\cng.sys

13:29:34.0190 0716        CNG - ok

13:29:34.0239 0716        Compbatt        (a6023d3823c37043986713f118a89bee) C:\windows\system32\DRIVERS\compbatt.sys

13:29:34.0250 0716        Compbatt - ok

13:29:34.0318 0716        CompositeBus    (cbe8c58a8579cfe5fccf809e6f114e89) C:\windows\system32\drivers\CompositeBus.sys

13:29:34.0347 0716        CompositeBus - ok

13:29:34.0360 0716        COMSysApp - ok

13:29:34.0378 0716        crcdisk         (2c4ebcfc84a9b44f209dff6c6e6c61d1) C:\windows\system32\DRIVERS\crcdisk.sys

13:29:34.0390 0716        crcdisk - ok

13:29:34.0437 0716        CryptSvc        (06e771aa596b8761107ab57e99f128d7) C:\windows\system32\cryptsvc.dll

13:29:34.0493 0716        CryptSvc - ok

13:29:34.0678 0716        cvhsvc          (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE

13:29:34.0703 0716        cvhsvc - ok

13:29:34.0791 0716        DcomLaunch      (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll

13:29:34.0830 0716        DcomLaunch - ok

13:29:34.0883 0716        defragsvc       (8d6e10a2d9a5eed59562d9b82cf804e1) C:\windows\System32\defragsvc.dll

13:29:34.0934 0716        defragsvc - ok

13:29:35.0004 0716        DfsC            (f024449c97ec1e464aaffda18593db88) C:\windows\system32\Drivers\dfsc.sys

13:29:35.0033 0716        DfsC - ok

13:29:35.0100 0716        Dhcp            (e9e01eb683c132f7fa27cd607b8a2b63) C:\windows\system32\dhcpcore.dll

13:29:35.0153 0716        Dhcp - ok

13:29:35.0185 0716        discache        (1a050b0274bfb3890703d490f330c0da) C:\windows\system32\drivers\discache.sys

13:29:35.0228 0716        discache - ok

13:29:35.0261 0716        Disk            (565003f326f99802e68ca78f2a68e9ff) C:\windows\system32\DRIVERS\disk.sys

13:29:35.0273 0716        Disk - ok

13:29:35.0320 0716        Dnscache        (33ef4861f19a0736b11314aad9ae28d0) C:\windows\System32\dnsrslvr.dll

13:29:35.0368 0716        Dnscache - ok

13:29:35.0422 0716        dot3svc         (366ba8fb4b7bb7435e3b9eacb3843f67) C:\windows\System32\dot3svc.dll

13:29:35.0468 0716        dot3svc - ok

13:29:35.0512 0716        DPS             (8ec04ca86f1d68da9e11952eb85973d6) C:\windows\system32\dps.dll

13:29:35.0572 0716        DPS - ok

13:29:35.0612 0716        drmkaud         (b918e7c5f9bf77202f89e1a9539f2eb4) C:\windows\system32\drivers\drmkaud.sys

13:29:35.0650 0716        drmkaud - ok

13:29:35.0833 0716        DXGKrnl         (23f5d28378a160352ba8f817bd8c71cb) C:\windows\System32\drivers\dxgkrnl.sys

13:29:35.0889 0716        DXGKrnl - ok

13:29:35.0920 0716        EapHost         (8600142fa91c1b96367d3300ad0f3f3a) C:\windows\System32\eapsvc.dll

13:29:35.0970 0716        EapHost - ok

13:29:36.0229 0716        ebdrv           (024e1b5cac09731e4d868e64dbfb4ab0) C:\windows\system32\DRIVERS\evbdx.sys

13:29:36.0311 0716        ebdrv - ok

13:29:36.0457 0716        EFS             (81951f51e318aecc2d68559e47485cc4) C:\windows\System32\lsass.exe

13:29:36.0509 0716        EFS - ok

13:29:36.0609 0716        ehRecvr         (a8c362018efc87beb013ee28f29c0863) C:\windows\ehome\ehRecvr.exe

13:29:36.0665 0716        ehRecvr - ok

13:29:36.0702 0716        ehSched         (d389bff34f80caede417bf9d1507996a) C:\windows\ehome\ehsched.exe

13:29:36.0727 0716        ehSched - ok

13:29:36.0853 0716        elxstor         (0ed67910c8c326796faa00b2bf6d9d3c) C:\windows\system32\DRIVERS\elxstor.sys

13:29:36.0875 0716        elxstor - ok

13:29:36.0914 0716        ErrDev          (8fc3208352dd3912c94367a206ab3f11) C:\windows\system32\drivers\errdev.sys

13:29:36.0946 0716        ErrDev - ok

13:29:37.0009 0716        EventSystem     (f6916efc29d9953d5d0df06882ae8e16) C:\windows\system32\es.dll

13:29:37.0060 0716        EventSystem - ok

13:29:37.0131 0716        ewusbnet        (7c18a6c99f4119d361a5ca028e788648) C:\windows\system32\DRIVERS\ewusbnet.sys

13:29:37.0174 0716        ewusbnet - ok

13:29:37.0205 0716        exfat           (2dc9108d74081149cc8b651d3a26207f) C:\windows\system32\drivers\exfat.sys

13:29:37.0260 0716        exfat - ok

13:29:37.0288 0716        fastfat         (7e0ab74553476622fb6ae36f73d97d35) C:\windows\system32\drivers\fastfat.sys

13:29:37.0320 0716        fastfat - ok

13:29:37.0414 0716        Fax             (967ea5b213e9984cbe270205df37755b) C:\windows\system32\fxssvc.exe

13:29:37.0470 0716        Fax - ok

13:29:37.0526 0716        fdc             (e817a017f82df2a1f8cfdbda29388b29) C:\windows\system32\DRIVERS\fdc.sys

13:29:37.0557 0716        fdc - ok

13:29:37.0591 0716        fdPHost         (f3222c893bd2f5821a0179e5c71e88fb) C:\windows\system32\fdPHost.dll

13:29:37.0636 0716        fdPHost - ok

13:29:37.0658 0716        FDResPub        (7dbe8cbfe79efbdeb98c9fb08d3a9a5b) C:\windows\system32\fdrespub.dll

13:29:37.0706 0716        FDResPub - ok

13:29:37.0739 0716        FileInfo        (6cf00369c97f3cf563be99be983d13d8) C:\windows\system32\drivers\fileinfo.sys

13:29:37.0751 0716        FileInfo - ok

13:29:37.0755 0716        Filetrace       (42c51dc94c91da21cb9196eb64c45db9) C:\windows\system32\drivers\filetrace.sys

13:29:37.0798 0716        Filetrace - ok

13:29:37.0834 0716        flpydisk        (87907aa70cb3c56600f1c2fb8841579b) C:\windows\system32\DRIVERS\flpydisk.sys

13:29:37.0865 0716        flpydisk - ok

13:29:37.0902 0716        FltMgr          (7520ec808e0c35e0ee6f841294316653) C:\windows\system32\drivers\fltmgr.sys

13:29:37.0916 0716        FltMgr - ok

13:29:38.0019 0716        FontCache       (b3a5ec6b6b6673db7e87c2bcdbddc074) C:\windows\system32\FntCache.dll

13:29:38.0077 0716        FontCache - ok

13:29:38.0149 0716        FontCache3.0.0.0 (e56f39f6b7fda0ac77a79b0fd3de1a2f) C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

13:29:38.0159 0716        FontCache3.0.0.0 - ok

13:29:38.0205 0716        FsDepends       (1a16b57943853e598cff37fe2b8cbf1d) C:\windows\system32\drivers\FsDepends.sys

13:29:38.0218 0716        FsDepends - ok

13:29:38.0258 0716        fssfltr         (b74b0578fd1d3f897e95f2a2b69ea051) C:\windows\system32\DRIVERS\fssfltr.sys

13:29:38.0269 0716        fssfltr - ok

13:29:38.0450 0716        fsssvc          (206ad9a89bf05dfa1621f1fc7b82592d) C:\Program Files\Windows Live\Family Safety\fsssvc.exe

13:29:38.0474 0716        fsssvc - ok

13:29:38.0548 0716        FsUsbExDisk     (cbe5f69a5e5b918225f420ba748f3742) C:\windows\system32\FsUsbExDisk.SYS

13:29:38.0570 0716        FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning

13:29:38.0570 0716        FsUsbExDisk - detected UnsignedFile.Multi.Generic (1)

13:29:38.0643 0716        FsUsbExService  (96633419f4a1e37acb89b45ebccfe001) C:\windows\system32\FsUsbExService.Exe

13:29:38.0655 0716        FsUsbExService - ok

13:29:38.0681 0716        Fs_Rec          (7dae5ebcc80e45d3253f4923dc424d05) C:\windows\system32\drivers\Fs_Rec.sys

13:29:38.0692 0716        Fs_Rec - ok

13:29:38.0751 0716        fvevol          (8a73e79089b282100b9393b644cb853b) C:\windows\system32\DRIVERS\fvevol.sys

13:29:38.0768 0716        fvevol - ok

13:29:38.0806 0716        gagp30kx        (65ee0c7a58b65e74ae05637418153938) C:\windows\system32\DRIVERS\gagp30kx.sys

13:29:38.0819 0716        gagp30kx - ok

13:29:38.0892 0716        gpsvc           (e897eaf5ed6ba41e081060c9b447a673) C:\windows\System32\gpsvc.dll

13:29:38.0945 0716        gpsvc - ok

13:29:38.0980 0716        hcw85cir        (c44e3c2bab6837db337ddee7544736db) C:\windows\system32\drivers\hcw85cir.sys

13:29:39.0032 0716        hcw85cir - ok

13:29:39.0113 0716        HdAudAddService (a5ef29d5315111c80a5c1abad14c8972) C:\windows\system32\drivers\HdAudio.sys

13:29:39.0145 0716        HdAudAddService - ok

13:29:39.0188 0716        HDAudBus        (9036377b8a6c15dc2eec53e489d159b5) C:\windows\system32\drivers\HDAudBus.sys

13:29:39.0219 0716        HDAudBus - ok

13:29:39.0252 0716        HidBatt         (1d58a7f3e11a9731d0eaaaa8405acc36) C:\windows\system32\DRIVERS\HidBatt.sys

13:29:39.0287 0716        HidBatt - ok

13:29:39.0310 0716        HidBth          (89448f40e6df260c206a193a4683ba78) C:\windows\system32\DRIVERS\hidbth.sys

13:29:39.0338 0716        HidBth - ok

13:29:39.0364 0716        HidIr           (cf50b4cf4a4f229b9f3c08351f99ca5e) C:\windows\system32\DRIVERS\hidir.sys

13:29:39.0395 0716        HidIr - ok

13:29:39.0437 0716        hidserv         (2bc6f6a1992b3a77f5f41432ca6b3b6b) C:\windows\system32\hidserv.dll

13:29:39.0485 0716        hidserv - ok

13:29:39.0524 0716        HidUsb          (10c19f8290891af023eaec0832e1eb4d) C:\windows\system32\DRIVERS\hidusb.sys

13:29:39.0557 0716        HidUsb - ok

13:29:39.0587 0716        hkmsvc          (196b4e3f4cccc24af836ce58facbb699) C:\windows\system32\kmsvc.dll

13:29:39.0616 0716        hkmsvc - ok

13:29:39.0669 0716        HomeGroupListener (6658f4404de03d75fe3ba09f7aba6a30) C:\windows\system32\ListSvc.dll

13:29:39.0714 0716        HomeGroupListener - ok

13:29:39.0767 0716        HomeGroupProvider (dbc02d918fff1cad628acbe0c0eaa8e8) C:\windows\system32\provsvc.dll

13:29:39.0813 0716        HomeGroupProvider - ok

13:29:39.0848 0716        HpSAMD          (295fdc419039090eb8b49ffdbb374549) C:\windows\system32\drivers\HpSAMD.sys

13:29:39.0861 0716        HpSAMD - ok

13:29:39.0939 0716        HTTP            (871917b07a141bff43d76d8844d48106) C:\windows\system32\drivers\HTTP.sys

13:29:39.0971 0716        HTTP - ok

13:29:40.0022 0716        hwdatacard      (988c0a49f09d75d3341cb419141793c1) C:\windows\system32\DRIVERS\ewusbmdm.sys

13:29:40.0074 0716        hwdatacard - ok

13:29:40.0114 0716        hwpolicy        (0c4e035c7f105f1299258c90886c64c5) C:\windows\system32\drivers\hwpolicy.sys

13:29:40.0125 0716        hwpolicy - ok

13:29:40.0169 0716        hwusbdev        (a259d3619aa23d4562581067f85e2006) C:\windows\system32\DRIVERS\ewusbdev.sys

13:29:40.0214 0716        hwusbdev - ok

13:29:40.0270 0716        i8042prt        (f151f0bdc47f4a28b1b20a0818ea36d6) C:\windows\system32\drivers\i8042prt.sys

13:29:40.0285 0716        i8042prt - ok

13:29:40.0344 0716        iaStor          (eb3a2c773e202ced30595bbfad24febf) C:\windows\system32\DRIVERS\iaStor.sys

13:29:40.0362 0716        iaStor - ok

13:29:40.0423 0716        iaStorV         (5cd5f9a5444e6cdcb0ac89bd62d8b76e) C:\windows\system32\drivers\iaStorV.sys

13:29:40.0441 0716        iaStorV - ok

13:29:40.0582 0716        idsvc           (c521d7eb6497bb1af6afa89e322fb43c) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

13:29:40.0610 0716        idsvc - ok

13:29:40.0981 0716        igfx            (ad626f6964f4d364d226c39e06872dd3) C:\windows\system32\DRIVERS\igdkmd32.sys

13:29:41.0070 0716        igfx - ok

13:29:41.0244 0716        iirsp           (4173ff5708f3236cf25195fecd742915) C:\windows\system32\DRIVERS\iirsp.sys

13:29:41.0257 0716        iirsp - ok

13:29:41.0349 0716        IKEEXT          (f95622f161474511b8d80d6b093aa610) C:\windows\System32\ikeext.dll

13:29:41.0399 0716        IKEEXT - ok

13:29:41.0463 0716        Impcd           (e3c36ac5ae87ec970ae8ea2a93d59ae1) C:\windows\system32\DRIVERS\Impcd.sys

13:29:41.0517 0716        Impcd - ok

13:29:41.0782 0716        IntcAzAudAddService (f4427e5df32cde359b2e2e5512d18001) C:\windows\system32\drivers\RTKVHDA.sys

13:29:41.0856 0716        IntcAzAudAddService - ok

13:29:42.0039 0716        intelide        (a0f12f2c9ba6c72f3987ce780e77c130) C:\windows\system32\drivers\intelide.sys

13:29:42.0050 0716        intelide - ok

13:29:42.0114 0716        intelppm        (3b514d27bfc4accb4037bc6685f766e0) C:\windows\system32\DRIVERS\intelppm.sys

13:29:42.0141 0716        intelppm - ok

13:29:42.0184 0716        IPBusEnum       (acb364b9075a45c0736e5c47be5cae19) C:\windows\system32\ipbusenum.dll

13:29:42.0217 0716        IPBusEnum - ok

13:29:42.0236 0716        IpFilterDriver  (709d1761d3b19a932ff0238ea6d50200) C:\windows\system32\DRIVERS\ipfltdrv.sys

13:29:42.0280 0716        IpFilterDriver - ok

13:29:42.0361 0716        iphlpsvc        (4d65a07b795d6674312f879d09aa7663) C:\windows\System32\iphlpsvc.dll

13:29:42.0408 0716        iphlpsvc - ok

13:29:42.0438 0716        IPMIDRV         (4bd7134618c1d2a27466a099062547bf) C:\windows\system32\drivers\IPMIDrv.sys

13:29:42.0469 0716        IPMIDRV - ok

13:29:42.0504 0716        IPNAT           (a5fa468d67abcdaa36264e463a7bb0cd) C:\windows\system32\drivers\ipnat.sys

13:29:42.0537 0716        IPNAT - ok

13:29:42.0554 0716        IRENUM          (42996cff20a3084a56017b7902307e9f) C:\windows\system32\drivers\irenum.sys

13:29:42.0616 0716        IRENUM - ok

13:29:42.0665 0716        isapnp          (1f32bb6b38f62f7df1a7ab7292638a35) C:\windows\system32\drivers\isapnp.sys

13:29:42.0678 0716        isapnp - ok

13:29:42.0730 0716        iScsiPrt        (cb7a9abb12b8415bce5d74994c7ba3ae) C:\windows\system32\drivers\msiscsi.sys

13:29:42.0746 0716        iScsiPrt - ok

13:29:42.0769 0716        kbdclass        (adef52ca1aeae82b50df86b56413107e) C:\windows\system32\drivers\kbdclass.sys

13:29:42.0781 0716        kbdclass - ok

13:29:42.0819 0716        kbdhid          (9e3ced91863e6ee98c24794d05e27a71) C:\windows\system32\drivers\kbdhid.sys

13:29:42.0852 0716        kbdhid - ok

13:29:42.0889 0716        KeyIso          (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe

13:29:42.0902 0716        KeyIso - ok

13:29:42.0927 0716        KSecDD          (f4647bb23db9038a7536cf6b68f4207f) C:\windows\system32\Drivers\ksecdd.sys

13:29:42.0939 0716        KSecDD - ok

13:29:42.0979 0716        KSecPkg         (e73cae53bbb72ba26918492c6b4c229d) C:\windows\system32\Drivers\ksecpkg.sys

13:29:42.0992 0716        KSecPkg - ok

13:29:43.0034 0716        KtmRm           (89a7b9cc98d0d80c6f31b91c0a310fcd) C:\windows\system32\msdtckrm.dll

13:29:43.0081 0716        KtmRm - ok

13:29:43.0140 0716        LanmanServer    (d64af876d53eca3668bb97b51b4e70ab) C:\windows\system32\srvsvc.dll

13:29:43.0183 0716        LanmanServer - ok

13:29:43.0221 0716        LanmanWorkstation (58405e4f68ba8e4057c6e914f326aba2) C:\windows\System32\wkssvc.dll

13:29:43.0264 0716        LanmanWorkstation - ok

13:29:43.0316 0716        lltdio          (f7611ec07349979da9b0ae1f18ccc7a6) C:\windows\system32\DRIVERS\lltdio.sys

13:29:43.0368 0716        lltdio - ok

13:29:43.0409 0716        lltdsvc         (5700673e13a2117fa3b9020c852c01e2) C:\windows\System32\lltdsvc.dll

13:29:43.0454 0716        lltdsvc - ok

13:29:43.0496 0716        lmhosts         (55ca01ba19d0006c8f2639b6c045e08b) C:\windows\System32\lmhsvc.dll

13:29:43.0543 0716        lmhosts - ok

13:29:43.0571 0716        LSI_FC          (eb119a53ccf2acc000ac71b065b78fef) C:\windows\system32\DRIVERS\lsi_fc.sys

13:29:43.0584 0716        LSI_FC - ok

13:29:43.0600 0716        LSI_SAS         (8ade1c877256a22e49b75d1cc9161f9c) C:\windows\system32\DRIVERS\lsi_sas.sys

13:29:43.0612 0716        LSI_SAS - ok

13:29:43.0636 0716        LSI_SAS2        (dc9dc3d3daa0e276fd2ec262e38b11e9) C:\windows\system32\DRIVERS\lsi_sas2.sys

13:29:43.0648 0716        LSI_SAS2 - ok

13:29:43.0657 0716        LSI_SCSI        (0a036c7d7cab643a7f07135ac47e0524) C:\windows\system32\DRIVERS\lsi_scsi.sys

13:29:43.0670 0716        LSI_SCSI - ok

13:29:43.0695 0716        luafv           (6703e366cc18d3b6e534f5cf7df39cee) C:\windows\system32\drivers\luafv.sys

13:29:43.0743 0716        luafv - ok

13:29:43.0801 0716        massfilter      (f0435fe3c1ec2659d2bbf073ca0752ee) C:\windows\system32\DRIVERS\massfilter.sys

13:29:43.0848 0716        massfilter - ok

13:29:43.0898 0716        Mcx2Svc         (bfb9ee8ee977efe85d1a3105abef6dd1) C:\windows\system32\Mcx2Svc.dll

13:29:43.0914 0716        Mcx2Svc - ok

13:29:43.0944 0716        megasas         (0fff5b045293002ab38eb1fd1fc2fb74) C:\windows\system32\DRIVERS\megasas.sys

13:29:43.0956 0716        megasas - ok

13:29:44.0010 0716        MegaSR          (dcbab2920c75f390caf1d29f675d03d6) C:\windows\system32\DRIVERS\MegaSR.sys

13:29:44.0026 0716        MegaSR - ok

13:29:44.0050 0716        MMCSS           (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll

13:29:44.0103 0716        MMCSS - ok

13:29:44.0127 0716        Modem           (f001861e5700ee84e2d4e52c712f4964) C:\windows\system32\drivers\modem.sys

13:29:44.0177 0716        Modem - ok

13:29:44.0218 0716        monitor         (79d10964de86b292320e9dfe02282a23) C:\windows\system32\DRIVERS\monitor.sys

13:29:44.0254 0716        monitor - ok

13:29:44.0292 0716        mouclass        (fb18cc1d4c2e716b6b903b0ac0cc0609) C:\windows\system32\DRIVERS\mouclass.sys

13:29:44.0304 0716        mouclass - ok

13:29:44.0341 0716        mouhid          (2c388d2cd01c9042596cf3c8f3c7b24d) C:\windows\system32\DRIVERS\mouhid.sys

13:29:44.0355 0716        mouhid - ok

13:29:44.0402 0716        mountmgr        (fc8771f45ecccfd89684e38842539b9b) C:\windows\system32\drivers\mountmgr.sys

13:29:44.0414 0716        mountmgr - ok

13:29:44.0531 0716        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

13:29:44.0544 0716        MozillaMaintenance - ok

13:29:44.0588 0716        mpio            (2d699fb6e89ce0d8da14ecc03b3edfe0) C:\windows\system32\drivers\mpio.sys

13:29:44.0602 0716        mpio - ok

13:29:44.0632 0716        mpsdrv          (ad2723a7b53dd1aacae6ad8c0bfbf4d0) C:\windows\system32\drivers\mpsdrv.sys

13:29:44.0679 0716        mpsdrv - ok

13:29:44.0744 0716        MpsSvc          (9835584e999d25004e1ee8e5f3e3b881) C:\windows\system32\mpssvc.dll

13:29:44.0798 0716        MpsSvc - ok

13:29:44.0835 0716        MRxDAV          (ceb46ab7c01c9f825f8cc6babc18166a) C:\windows\system32\drivers\mrxdav.sys

13:29:44.0875 0716        MRxDAV - ok

13:29:44.0932 0716        mrxsmb          (5d16c921e3671636c0eba3bbaac5fd25) C:\windows\system32\DRIVERS\mrxsmb.sys

13:29:44.0982 0716        mrxsmb - ok

13:29:45.0033 0716        mrxsmb10        (6d17a4791aca19328c685d256349fefc) C:\windows\system32\DRIVERS\mrxsmb10.sys

13:29:45.0060 0716        mrxsmb10 - ok

13:29:45.0086 0716        mrxsmb20        (b81f204d146000be76651a50670a5e9e) C:\windows\system32\DRIVERS\mrxsmb20.sys

13:29:45.0111 0716        mrxsmb20 - ok

13:29:45.0139 0716        msahci          (012c5f4e9349e711e11e0f19a8589f0a) C:\windows\system32\drivers\msahci.sys

13:29:45.0150 0716        msahci - ok

13:29:45.0196 0716        msdsm           (55055f8ad8be27a64c831322a780a228) C:\windows\system32\drivers\msdsm.sys

13:29:45.0210 0716        msdsm - ok

13:29:45.0241 0716        MSDTC           (e1bce74a3bd9902b72599c0192a07e27) C:\windows\System32\msdtc.exe

13:29:45.0271 0716        MSDTC - ok

13:29:45.0318 0716        Msfs            (daefb28e3af5a76abcc2c3078c07327f) C:\windows\system32\drivers\Msfs.sys

13:29:45.0364 0716        Msfs - ok

13:29:45.0386 0716        mshidkmdf       (3e1e5767043c5af9367f0056295e9f84) C:\windows\System32\drivers\mshidkmdf.sys

13:29:45.0433 0716        mshidkmdf - ok

13:29:45.0465 0716        msisadrv        (0a4e5757ae09fa9622e3158cc1aef114) C:\windows\system32\drivers\msisadrv.sys

13:29:45.0476 0716        msisadrv - ok

13:29:45.0535 0716        MSiSCSI         (90f7d9e6b6f27e1a707d4a297f077828) C:\windows\system32\iscsiexe.dll

13:29:45.0584 0716        MSiSCSI - ok

13:29:45.0587 0716        msiserver - ok

13:29:45.0634 0716        MSKSSRV         (8c0860d6366aaffb6c5bb9df9448e631) C:\windows\system32\drivers\MSKSSRV.sys

13:29:45.0676 0716        MSKSSRV - ok

13:29:45.0696 0716        MSPCLOCK        (3ea8b949f963562cedbb549eac0c11ce) C:\windows\system32\drivers\MSPCLOCK.sys

13:29:45.0739 0716        MSPCLOCK - ok

13:29:45.0757 0716        MSPQM           (f456e973590d663b1073e9c463b40932) C:\windows\system32\drivers\MSPQM.sys

13:29:45.0787 0716        MSPQM - ok

13:29:45.0818 0716        MsRPC           (0e008fc4819d238c51d7c93e7b41e560) C:\windows\system32\drivers\MsRPC.sys

13:29:45.0832 0716        MsRPC - ok

13:29:45.0876 0716        mssmbios        (fc6b9ff600cc585ea38b12589bd4e246) C:\windows\system32\drivers\mssmbios.sys

13:29:45.0888 0716        mssmbios - ok

13:29:45.0910 0716        MSTEE           (b42c6b921f61a6e55159b8be6cd54a36) C:\windows\system32\drivers\MSTEE.sys

13:29:45.0940 0716        MSTEE - ok

13:29:45.0961 0716        MTConfig        (33599130f44e1f34631cea241de8ac84) C:\windows\system32\DRIVERS\MTConfig.sys

13:29:45.0997 0716        MTConfig - ok

13:29:46.0022 0716        Mup             (159fad02f64e6381758c990f753bcc80) C:\windows\system32\Drivers\mup.sys

13:29:46.0034 0716        Mup - ok

13:29:46.0091 0716        napagent        (61d57a5d7c6d9afe10e77dae6e1b445e) C:\windows\system32\qagentRT.dll

13:29:46.0140 0716        napagent - ok

13:29:46.0214 0716        NativeWifiP     (26384429fcd85d83746f63e798ab1480) C:\windows\system32\DRIVERS\nwifi.sys

13:29:46.0234 0716        NativeWifiP - ok

13:29:46.0328 0716        NDIS            (e7c54812a2aaf43316eb6930c1ffa108) C:\windows\system32\drivers\ndis.sys

13:29:46.0351 0716        NDIS - ok

13:29:46.0391 0716        NdisCap         (0e1787aa6c9191d3d319e8bafe86f80c) C:\windows\system32\DRIVERS\ndiscap.sys

13:29:46.0432 0716        NdisCap - ok

13:29:46.0461 0716        NdisTapi        (e4a8aec125a2e43a9e32afeea7c9c888) C:\windows\system32\DRIVERS\ndistapi.sys

13:29:46.0506 0716        NdisTapi - ok

13:29:46.0551 0716        Ndisuio         (d8a65dafb3eb41cbb622745676fcd072) C:\windows\system32\DRIVERS\ndisuio.sys

13:29:46.0601 0716        Ndisuio - ok

13:29:46.0638 0716        NdisWan         (38fbe267e7e6983311179230facb1017) C:\windows\system32\DRIVERS\ndiswan.sys

13:29:46.0688 0716        NdisWan - ok

13:29:46.0727 0716        NDProxy         (a4bdc541e69674fbff1a8ff00be913f2) C:\windows\system32\drivers\NDProxy.sys

13:29:46.0774 0716        NDProxy - ok

13:29:46.0823 0716        NetBIOS         (80b275b1ce3b0e79909db7b39af74d51) C:\windows\system32\DRIVERS\netbios.sys

13:29:46.0870 0716        NetBIOS - ok

13:29:46.0921 0716        NetBT           (280122ddcf04b378edd1ad54d71c1e54) C:\windows\system32\DRIVERS\netbt.sys

13:29:46.0967 0716        NetBT - ok

13:29:46.0999 0716        Netlogon        (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe

13:29:47.0013 0716        Netlogon - ok

13:29:47.0084 0716        Netman          (7cccfca7510684768da22092d1fa4db2) C:\windows\System32\netman.dll

13:29:47.0131 0716        Netman - ok

13:29:47.0157 0716        netprofm        (8c338238c16777a802d6a9211eb2ba50) C:\windows\System32\netprofm.dll

13:29:47.0204 0716        netprofm - ok

13:29:47.0291 0716        NetTcpPortSharing (f476ec40033cdb91efbe73eb99b8362d) C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

13:29:47.0302 0716        NetTcpPortSharing - ok

13:29:47.0348 0716        nfrd960         (1d85c4b390b0ee09c7a46b91efb2c097) C:\windows\system32\DRIVERS\nfrd960.sys

13:29:47.0361 0716        nfrd960 - ok

13:29:47.0409 0716        NlaSvc          (912084381d30d8b89ec4e293053f4710) C:\windows\System32\nlasvc.dll

13:29:47.0456 0716        NlaSvc - ok

13:29:47.0562 0716        nlsX86cc        (40f7172bc27a2e4197962aa0758c62d4) C:\windows\system32\nlssrv32.exe

13:29:47.0584 0716        nlsX86cc ( UnsignedFile.Multi.Generic ) - warning

13:29:47.0584 0716        nlsX86cc - detected UnsignedFile.Multi.Generic (1)

13:29:47.0608 0716        Npfs            (1db262a9f8c087e8153d89bef3d2235f) C:\windows\system32\drivers\Npfs.sys

13:29:47.0652 0716        Npfs - ok

13:29:47.0683 0716        nsi             (ba387e955e890c8a88306d9b8d06bf17) C:\windows\system32\nsisvc.dll

13:29:47.0714 0716        nsi - ok

13:29:47.0742 0716        nsiproxy        (e9a0a4d07e53d8fea2bb8387a3293c58) C:\windows\system32\drivers\nsiproxy.sys

13:29:47.0791 0716        nsiproxy - ok

13:29:47.0908 0716        Ntfs            (81189c3d7763838e55c397759d49007a) C:\windows\system32\drivers\Ntfs.sys

13:29:47.0939 0716        Ntfs - ok

13:29:47.0962 0716        Null            (f9756a98d69098dca8945d62858a812c) C:\windows\system32\drivers\Null.sys

13:29:47.0992 0716        Null - ok

13:29:48.0054 0716        NVHDA           (8571011b62ce0207fa1dc95d88308f1d) C:\windows\system32\drivers\nvhda32v.sys

13:29:48.0066 0716        NVHDA - ok

13:29:48.0797 0716        nvlddmkm        (f0280a7b9c6483ba7aaa42c0866f1c4a) C:\windows\system32\DRIVERS\nvlddmkm.sys

13:29:49.0091 0716        nvlddmkm - ok

13:29:49.0290 0716        nvraid          (b3e25ee28883877076e0e1ff877d02e0) C:\windows\system32\drivers\nvraid.sys

13:29:49.0303 0716        nvraid - ok

13:29:49.0346 0716        nvstor          (4380e59a170d88c4f1022eff6719a8a4) C:\windows\system32\drivers\nvstor.sys

13:29:49.0360 0716        nvstor - ok

13:29:49.0423 0716        nvsvc           (805d826a6f2521a020f65f87103d8a32) C:\windows\system32\nvvsvc.exe

13:29:49.0438 0716        nvsvc - ok

13:29:49.0488 0716        nv_agp          (5a0983915f02bae73267cc2a041f717d) C:\windows\system32\drivers\nv_agp.sys

13:29:49.0501 0716        nv_agp - ok

13:29:49.0552 0716        ohci1394        (08a70a1f2cdde9bb49b885cb817a66eb) C:\windows\system32\drivers\ohci1394.sys

13:29:49.0588 0716        ohci1394 - ok

13:29:49.0723 0716        OpenVPNService  (ec322186d8fce3d632f3f597d67747dd) C:\Program Files\OpenVPN\bin\openvpnserv.exe

13:29:49.0742 0716        OpenVPNService ( UnsignedFile.Multi.Generic ) - warning

13:29:49.0742 0716        OpenVPNService - detected UnsignedFile.Multi.Generic (1)

13:29:49.0821 0716        ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

13:29:49.0832 0716        ose - ok

13:29:50.0219 0716        osppsvc         (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

13:29:50.0310 0716        osppsvc - ok

13:29:50.0460 0716        p2pimsvc        (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll

13:29:50.0507 0716        p2pimsvc - ok

13:29:50.0563 0716        p2psvc          (59c3ddd501e39e006dac31bf55150d91) C:\windows\system32\p2psvc.dll

13:29:50.0580 0716        p2psvc - ok

13:29:50.0641 0716        Parport         (2ea877ed5dd9713c5ac74e8ea7348d14) C:\windows\system32\DRIVERS\parport.sys

13:29:50.0667 0716        Parport - ok

13:29:50.0702 0716        partmgr         (3f34a1b4c5f6475f320c275e63afce9b) C:\windows\system32\drivers\partmgr.sys

13:29:50.0713 0716        partmgr - ok

13:29:50.0723 0716        Parvdm          (eb0a59f29c19b86479d36b35983daadc) C:\windows\system32\DRIVERS\parvdm.sys

13:29:50.0737 0716        Parvdm - ok

13:29:50.0775 0716        PcaSvc          (358ab7956d3160000726574083dfc8a6) C:\windows\System32\pcasvc.dll

13:29:50.0794 0716        PcaSvc - ok

13:29:50.0842 0716        pci             (673e55c3498eb970088e812ea820aa8f) C:\windows\system32\drivers\pci.sys

13:29:50.0856 0716        pci - ok

13:29:50.0873 0716        pciide          (afe86f419014db4e5593f69ffe26ce0a) C:\windows\system32\drivers\pciide.sys

13:29:50.0884 0716        pciide - ok

13:29:50.0921 0716        pcmcia          (f396431b31693e71e8a80687ef523506) C:\windows\system32\DRIVERS\pcmcia.sys

13:29:50.0936 0716        pcmcia - ok

13:29:50.0955 0716        pcw             (250f6b43d2b613172035c6747aeeb19f) C:\windows\system32\drivers\pcw.sys

13:29:50.0966 0716        pcw - ok

13:29:51.0027 0716        PEAUTH          (9e0104ba49f4e6973749a02bf41344ed) C:\windows\system32\drivers\peauth.sys

13:29:51.0093 0716        PEAUTH - ok

13:29:51.0239 0716        pla             (414bba67a3ded1d28437eb66aeb8a720) C:\windows\system32\pla.dll

13:29:51.0292 0716        pla - ok

13:29:51.0454 0716        PlugPlay        (ec7bc28d207da09e79b3e9faf8b232ca) C:\windows\system32\umpnpmgr.dll

13:29:51.0514 0716        PlugPlay - ok

13:29:51.0537 0716        PNRPAutoReg     (63ff8572611249931eb16bb8eed6afc8) C:\windows\system32\pnrpauto.dll

13:29:51.0570 0716        PNRPAutoReg - ok

13:29:51.0615 0716        PNRPsvc         (82a8521ddc60710c3d3d3e7325209bec) C:\windows\system32\pnrpsvc.dll

13:29:51.0632 0716        PNRPsvc - ok

13:29:51.0694 0716        PolicyAgent     (53946b69ba0836bd95b03759530c81ec) C:\windows\System32\ipsecsvc.dll

13:29:51.0728 0716        PolicyAgent - ok

13:29:51.0771 0716        Power           (f87d30e72e03d579a5199ccb3831d6ea) C:\windows\system32\umpo.dll

13:29:51.0802 0716        Power - ok

13:29:51.0885 0716        PptpMiniport    (631e3e205ad6d86f2aed6a4a8e69f2db) C:\windows\system32\DRIVERS\raspptp.sys

13:29:51.0917 0716        PptpMiniport - ok

13:29:51.0930 0716        Processor       (85b1e3a0c7585bc4aae6899ec6fcf011) C:\windows\system32\DRIVERS\processr.sys

13:29:51.0943 0716        Processor - ok

13:29:51.0971 0716        ProfSvc         (cadefac453040e370a1bdff3973be00d) C:\windows\system32\profsvc.dll

13:29:52.0021 0716        ProfSvc - ok

13:29:52.0043 0716        ProtectedStorage (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe

13:29:52.0057 0716        ProtectedStorage - ok

13:29:52.0109 0716        Psched          (6270ccae2a86de6d146529fe55b3246a) C:\windows\system32\DRIVERS\pacer.sys

13:29:52.0154 0716        Psched - ok

13:29:52.0287 0716        ql2300          (ab95ecf1f6659a60ddc166d8315b0751) C:\windows\system32\DRIVERS\ql2300.sys

13:29:52.0327 0716        ql2300 - ok

13:29:52.0478 0716        ql40xx          (b4dd51dd25182244b86737dc51af2270) C:\windows\system32\DRIVERS\ql40xx.sys

13:29:52.0492 0716        ql40xx - ok

13:29:52.0531 0716        QWAVE           (31ac809e7707eb580b2bdb760390765a) C:\windows\system32\qwave.dll

13:29:52.0564 0716        QWAVE - ok

13:29:52.0586 0716        QWAVEdrv        (584078ca1b95ca72df2a27c336f9719d) C:\windows\system32\drivers\qwavedrv.sys

13:29:52.0624 0716        QWAVEdrv - ok

13:29:52.0644 0716        RasAcd          (30a81b53c766d0133bb86d234e5556ab) C:\windows\system32\DRIVERS\rasacd.sys

13:29:52.0687 0716        RasAcd - ok

13:29:52.0717 0716        RasAgileVpn     (57ec4aef73660166074d8f7f31c0d4fd) C:\windows\system32\DRIVERS\AgileVpn.sys

13:29:52.0760 0716        RasAgileVpn - ok

13:29:52.0802 0716        RasAuto         (a60f1839849c0c00739787fd5ec03f13) C:\windows\System32\rasauto.dll

13:29:52.0835 0716        RasAuto - ok

13:29:52.0884 0716        Rasl2tp         (d9f91eafec2815365cbe6d167e4e332a) C:\windows\system32\DRIVERS\rasl2tp.sys

13:29:52.0926 0716        Rasl2tp - ok

13:29:52.0976 0716        RasMan          (cb9e04dc05eacf5b9a36ca276d475006) C:\windows\System32\rasmans.dll

13:29:53.0008 0716        RasMan - ok

13:29:53.0049 0716        RasPppoe        (0fe8b15916307a6ac12bfb6a63e45507) C:\windows\system32\DRIVERS\raspppoe.sys

13:29:53.0101 0716        RasPppoe - ok

13:29:53.0133 0716        RasSstp         (44101f495a83ea6401d886e7fd70096b) C:\windows\system32\DRIVERS\rassstp.sys

13:29:53.0177 0716        RasSstp - ok

13:29:53.0233 0716        rdbss           (d528bc58a489409ba40334ebf96a311b) C:\windows\system32\DRIVERS\rdbss.sys

13:29:53.0263 0716        rdbss - ok

13:29:53.0282 0716        rdpbus          (0d8f05481cb76e70e1da06ee9f0da9df) C:\windows\system32\DRIVERS\rdpbus.sys

13:29:53.0309 0716        rdpbus - ok

13:29:53.0350 0716        RDPCDD          (23dae03f29d253ae74c44f99e515f9a1) C:\windows\system32\DRIVERS\RDPCDD.sys

13:29:53.0392 0716        RDPCDD - ok

13:29:53.0431 0716        RDPENCDD        (5a53ca1598dd4156d44196d200c94b8a) C:\windows\system32\drivers\rdpencdd.sys

13:29:53.0479 0716        RDPENCDD - ok

13:29:53.0497 0716        RDPREFMP        (44b0a53cd4f27d50ed461dae0c0b4e1f) C:\windows\system32\drivers\rdprefmp.sys

13:29:53.0540 0716        RDPREFMP - ok

13:29:53.0593 0716        RDPWD           (f031683e6d1fea157abb2ff260b51e61) C:\windows\system32\drivers\RDPWD.sys

13:29:53.0641 0716        RDPWD - ok

13:29:53.0686 0716        rdyboost        (518395321dc96fe2c9f0e96ac743b656) C:\windows\system32\drivers\rdyboost.sys

13:29:53.0700 0716        rdyboost - ok

13:29:53.0742 0716        RemoteAccess    (7b5e1419717fac363a31cc302895217a) C:\windows\System32\mprdim.dll

13:29:53.0785 0716        RemoteAccess - ok

13:29:53.0827 0716        RemoteRegistry  (cb9a8683f4ef2bf99e123d79950d7935) C:\windows\system32\regsvc.dll

13:29:53.0877 0716        RemoteRegistry - ok

13:29:53.0950 0716        Rezip           (f85ae59a52885f4b09aadafb23001a3b) C:\windows\SYSTEM32\Rezip.exe

13:29:53.0980 0716        Rezip ( UnsignedFile.Multi.Generic ) - warning

13:29:53.0980 0716        Rezip - detected UnsignedFile.Multi.Generic (1)

13:29:54.0041 0716        RFCOMM          (cb928d9e6daf51879dd6ba8d02f01321) C:\windows\system32\DRIVERS\rfcomm.sys

13:29:54.0058 0716        RFCOMM - ok

13:29:54.0219 0716        RichVideo       (7ccaebcab6fc1ed0206c07e083e79207) C:\Program Files\CyberLink\Shared files\RichVideo.exe

13:29:54.0231 0716        RichVideo - ok

13:29:54.0260 0716        RpcEptMapper    (78d072f35bc45d9e4e1b61895c152234) C:\windows\System32\RpcEpMap.dll

13:29:54.0308 0716        RpcEptMapper - ok

13:29:54.0354 0716        RpcLocator      (94d36c0e44677dd26981d2bfeef2a29d) C:\windows\system32\locator.exe

13:29:54.0380 0716        RpcLocator - ok

13:29:54.0444 0716        RpcSs           (7660f01d3b38aca1747e397d21d790af) C:\windows\system32\rpcss.dll

13:29:54.0477 0716        RpcSs - ok

13:29:54.0518 0716        rspndr          (032b0d36ad92b582d869879f5af5b928) C:\windows\system32\DRIVERS\rspndr.sys

13:29:54.0563 0716        rspndr - ok

13:29:54.0605 0716        RTL8167         (7dfd48e24479b68b258d8770121155a0) C:\windows\system32\DRIVERS\Rt86win7.sys

13:29:54.0635 0716        RTL8167 - ok

13:29:54.0698 0716        rtport          (41ce6b172542a9a227e34a45881e1d2a) C:\windows\system32\drivers\rtport.sys

13:29:54.0708 0716        rtport - ok

13:29:54.0733 0716        SABI            (6e5fbb7cbaec47038b945d5e9b144a64) C:\windows\system32\Drivers\SABI.sys

13:29:54.0777 0716        SABI - ok

13:29:54.0799 0716        SamSs           (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe

13:29:54.0812 0716        SamSs - ok

13:29:54.0905 0716        SASDIFSV        (39763504067962108505bff25f024345) C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS

13:29:54.0915 0716        SASDIFSV - ok

13:29:54.0937 0716        SASKUTIL        (77b9fc20084b48408ad3e87570eb4a85) C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS

13:29:54.0948 0716        SASKUTIL - ok

13:29:55.0226 0716        SBAMSvc         (bce943896289a91ad75cc5652620b1c6) C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe

13:29:55.0296 0716        SBAMSvc - ok

13:29:55.0471 0716        sbapifs         (3fff8cda4d2f29ca06f1557e85163c30) C:\windows\system32\DRIVERS\sbapifs.sys

13:29:55.0482 0716        sbapifs - ok

13:29:55.0566 0716        SbFw            (bcf3ba30c1cfa2942cf26c31384b37c7) C:\windows\system32\drivers\SbFw.sys

13:29:55.0581 0716        SbFw - ok

13:29:55.0634 0716        SBFWIMCL        (1dcad90cc9c0ddc7d060fd97854f8518) C:\windows\system32\DRIVERS\sbfwim.sys

13:29:55.0645 0716        SBFWIMCL - ok

13:29:55.0648 0716        SBFWIMCLMP      (1dcad90cc9c0ddc7d060fd97854f8518) C:\windows\system32\DRIVERS\SBFWIM.sys

13:29:55.0660 0716        SBFWIMCLMP - ok

13:29:55.0699 0716        sbhips          (1afd7178ab9c4fce2d332da7aa474fa6) C:\windows\system32\drivers\sbhips.sys

13:29:55.0710 0716        sbhips - ok

13:29:55.0759 0716        sbp2port        (05d860da1040f111503ac416ccef2bca) C:\windows\system32\drivers\sbp2port.sys

13:29:55.0772 0716        sbp2port - ok

13:29:55.0807 0716        SBRE            (1fd538c4feb36b793d2121f20bbdc16f) C:\windows\system32\drivers\SBREdrv.sys

13:29:55.0819 0716        SBRE - ok

13:29:55.0876 0716        sbwtis          (9bdf801a6c78e3f1e6fa1c5ca90baa8a) C:\windows\system32\DRIVERS\sbwtis.sys

13:29:55.0887 0716        sbwtis - ok

13:29:55.0918 0716        SCardSvr        (8fc518ffe9519c2631d37515a68009c4) C:\windows\System32\SCardSvr.dll

13:29:55.0966 0716        SCardSvr - ok

13:29:55.0994 0716        scfilter        (0693b5ec673e34dc147e195779a4dcf6) C:\windows\system32\DRIVERS\scfilter.sys

13:29:56.0022 0716        scfilter - ok

13:29:56.0119 0716        Schedule        (a04bb13f8a72f8b6e8b4071723e4e336) C:\windows\system32\schedsvc.dll

13:29:56.0178 0716        Schedule - ok

13:29:56.0213 0716        SCPolicySvc     (319c6b309773d063541d01df8ac6f55f) C:\windows\System32\certprop.dll

13:29:56.0240 0716        SCPolicySvc - ok

13:29:56.0462 0716        ScrybeUpdater   (b60e9769655ddee8368e3abb6668e076) C:\Program Files\Synaptics\Scrybe\Service\ScrybeUpdater.exe

13:29:56.0492 0716        ScrybeUpdater - ok

13:29:56.0631 0716        SDRSVC          (08236c4bce5edd0a0318a438af28e0f7) C:\windows\System32\SDRSVC.dll

13:29:56.0671 0716        SDRSVC - ok

13:29:56.0745 0716        secdrv          (90a3935d05b494a5a39d37e71f09a677) C:\windows\system32\drivers\secdrv.sys

13:29:56.0791 0716        secdrv - ok

13:29:56.0822 0716        seclogon        (a59b3a4442c52060cc7a85293aa3546f) C:\windows\system32\seclogon.dll

13:29:56.0856 0716        seclogon - ok

13:29:56.0877 0716        SENS            (dcb7fcdcc97f87360f75d77425b81737) C:\windows\System32\sens.dll

13:29:56.0928 0716        SENS - ok

13:29:56.0960 0716        SensrSvc        (50087fe1ee447009c9cc2997b90de53f) C:\windows\system32\sensrsvc.dll

13:29:56.0981 0716        SensrSvc - ok

13:29:57.0025 0716        Serenum         (9ad8b8b515e3df6acd4212ef465de2d1) C:\windows\system32\DRIVERS\serenum.sys

13:29:57.0051 0716        Serenum - ok

13:29:57.0096 0716        Serial          (5fb7fcea0490d821f26f39cc5ea3d1e2) C:\windows\system32\DRIVERS\serial.sys

13:29:57.0125 0716        Serial - ok

13:29:57.0176 0716        sermouse        (79bffb520327ff916a582dfea17aa813) C:\windows\system32\DRIVERS\sermouse.sys

13:29:57.0212 0716        sermouse - ok

13:29:57.0263 0716        SessionEnv      (4ae380f39a0032eab7dd953030b26d28) C:\windows\system32\sessenv.dll

13:29:57.0293 0716        SessionEnv - ok

13:29:57.0336 0716        sffdisk         (9f976e1eb233df46fce808d9dea3eb9c) C:\windows\system32\drivers\sffdisk.sys

13:29:57.0352 0716        sffdisk - ok

13:29:57.0367 0716        sffp_mmc        (932a68ee27833cfd57c1639d375f2731) C:\windows\system32\drivers\sffp_mmc.sys

13:29:57.0402 0716        sffp_mmc - ok

13:29:57.0427 0716        sffp_sd         (6d4ccaedc018f1cf52866bbbaa235982) C:\windows\system32\drivers\sffp_sd.sys

13:29:57.0456 0716        sffp_sd - ok

13:29:57.0484 0716        sfloppy         (db96666cc8312ebc45032f30b007a547) C:\windows\system32\DRIVERS\sfloppy.sys

13:29:57.0511 0716        sfloppy - ok

13:29:57.0592 0716        Sftfs           (d9b734638dd8dba9d59aad3189cd0fad) C:\windows\system32\DRIVERS\Sftfslh.sys

13:29:57.0615 0716        Sftfs - ok

13:29:57.0759 0716        sftlist         (cb73bc422c07fb611f194da18d1e7f36) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe

13:29:57.0776 0716        sftlist - ok

13:29:57.0853 0716        Sftplay         (2f61bd46c0bff4eb36e1e359ca17bfc5) C:\windows\system32\DRIVERS\Sftplaylh.sys

13:29:57.0866 0716        Sftplay - ok

13:29:57.0920 0716        Sftredir        (518bac0179f94304f422696b47c0ec12) C:\windows\system32\DRIVERS\Sftredirlh.sys

13:29:57.0929 0716        Sftredir - ok

13:29:57.0965 0716        Sftvol          (747325236d88b3f05ffd27ff9ec711c5) C:\windows\system32\DRIVERS\Sftvollh.sys

13:29:57.0974 0716        Sftvol - ok

13:29:58.0041 0716        sftvsa          (a5812f0281ca5081bf696626f9bf324d) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe

13:29:58.0053 0716        sftvsa - ok

13:29:58.0099 0716        SharedAccess    (d1a079a0de2ea524513b6930c24527a2) C:\windows\System32\ipnathlp.dll

13:29:58.0155 0716        SharedAccess - ok

13:29:58.0214 0716        ShellHWDetection (414da952a35bf5d50192e28263b40577) C:\windows\System32\shsvcs.dll

13:29:58.0270 0716        ShellHWDetection - ok

13:29:58.0306 0716        sisagp          (2565cac0dc9fe0371bdce60832582b2e) C:\windows\system32\drivers\sisagp.sys

13:29:58.0318 0716        sisagp - ok

13:29:58.0366 0716        SiSRaid2        (a9f0486851becb6dda1d89d381e71055) C:\windows\system32\DRIVERS\SiSRaid2.sys

13:29:58.0378 0716        SiSRaid2 - ok

13:29:58.0399 0716        SiSRaid4        (3727097b55738e2f554972c3be5bc1aa) C:\windows\system32\DRIVERS\sisraid4.sys

13:29:58.0412 0716        SiSRaid4 - ok

13:29:58.0496 0716        SkypeUpdate     (6128e98eaaed364ed1a32708d2fd22cb) C:\Program Files\Skype\Updater\Updater.exe

13:29:58.0506 0716        SkypeUpdate - ok

13:29:58.0522 0716        Smb             (3e21c083b8a01cb70ba1f09303010fce) C:\windows\system32\DRIVERS\smb.sys

13:29:58.0554 0716        Smb - ok

13:29:58.0603 0716        SNMPTRAP        (6a984831644eca1a33ffeae4126f4f37) C:\windows\System32\snmptrap.exe

13:29:58.0616 0716        SNMPTRAP - ok

13:29:58.0643 0716        spldr           (95cf1ae7527fb70f7816563cbc09d942) C:\windows\system32\drivers\spldr.sys

13:29:58.0654 0716        spldr - ok

13:29:58.0719 0716        Spooler         (866a43013535dc8587c258e43579c764) C:\windows\System32\spoolsv.exe

13:29:58.0772 0716        Spooler - ok

13:29:59.0021 0716        sppsvc          (cf87a1de791347e75b98885214ced2b8) C:\windows\system32\sppsvc.exe

13:29:59.0085 0716        sppsvc - ok

13:29:59.0214 0716        sppuinotify     (b0180b20b065d89232a78a40fe56eaa6) C:\windows\system32\sppuinotify.dll

13:29:59.0264 0716        sppuinotify - ok

13:29:59.0359 0716        srv             (e4c2764065d66ea1d2d3ebc28fe99c46) C:\windows\system32\DRIVERS\srv.sys

13:29:59.0414 0716        srv - ok

13:29:59.0438 0716        srv2            (03f0545bd8d4c77fa0ae1ceedfcc71ab) C:\windows\system32\DRIVERS\srv2.sys

13:29:59.0475 0716        srv2 - ok

13:29:59.0508 0716        srvnet          (be6bd660caa6f291ae06a718a4fa8abc) C:\windows\system32\DRIVERS\srvnet.sys

13:29:59.0544 0716        srvnet - ok

13:29:59.0594 0716        ssadbus         (406776fe3c2b66796bac1a7afb9ac8a1) C:\windows\system32\DRIVERS\ssadbus.sys

13:29:59.0646 0716        ssadbus - ok

13:29:59.0673 0716        ssadmdfl        (b19532d015a5d295e2aa34bb521202cf) C:\windows\system32\DRIVERS\ssadmdfl.sys

13:29:59.0709 0716        ssadmdfl - ok

13:29:59.0743 0716        ssadmdm         (2aebf9108e6f435458b9499c27394da4) C:\windows\system32\DRIVERS\ssadmdm.sys

13:29:59.0771 0716        ssadmdm - ok

13:29:59.0825 0716        ssadserd        (28f893c9b4e98dee5ae3c24db56b1b11) C:\windows\system32\DRIVERS\ssadserd.sys

13:29:59.0848 0716        ssadserd - ok

13:29:59.0886 0716        SSDPSRV         (d887c9fd02ac9fa880f6e5027a43e118) C:\windows\System32\ssdpsrv.dll

13:29:59.0934 0716        SSDPSRV - ok

13:29:59.0979 0716        ssmdrv          (a36ee93698802cd899f98bfd553d8185) C:\windows\system32\DRIVERS\ssmdrv.sys

13:29:59.0987 0716        ssmdrv - ok

13:30:00.0002 0716        SstpSvc         (d318f23be45d5e3a107469eb64815b50) C:\windows\system32\sstpsvc.dll

13:30:00.0032 0716        SstpSvc - ok

13:30:00.0064 0716        stexstor        (db32d325c192b801df274bfd12a7e72b) C:\windows\system32\DRIVERS\stexstor.sys

13:30:00.0076 0716        stexstor - ok

13:30:00.0158 0716        StiSvc          (e1fb3706030fb4578a0d72c2fc3689e4) C:\windows\System32\wiaservc.dll

13:30:00.0181 0716        StiSvc - ok

13:30:00.0219 0716        swenum          (e58c78a848add9610a4db6d214af5224) C:\windows\system32\drivers\swenum.sys

13:30:00.0230 0716        swenum - ok

13:30:00.0282 0716        swprv           (a28bd92df340e57b024ba433165d34d7) C:\windows\System32\swprv.dll

13:30:00.0317 0716        swprv - ok

13:30:00.0482 0716        SynTP           (2185cc5be9922562108cf87f42e4bbaf) C:\windows\system32\DRIVERS\SynTP.sys

13:30:00.0520 0716        SynTP - ok

13:30:00.0743 0716        SysMain         (36650d618ca34c9d357dfd3d89b2c56f) C:\windows\system32\sysmain.dll

13:30:00.0796 0716        SysMain - ok

13:30:00.0836 0716        TabletInputService (763fecdc3d30c815fe72dd57936c6cd1) C:\windows\System32\TabSvc.dll

13:30:00.0869 0716        TabletInputService - ok

13:30:00.0954 0716        tap0901         (8cf6e2ae1707d82e904ecca68cef8b87) C:\windows\system32\DRIVERS\tap0901.sys

13:30:00.0972 0716        tap0901 - ok

13:30:01.0026 0716        TapiSrv         (613bf4820361543956909043a265c6ac) C:\windows\System32\tapisrv.dll

13:30:01.0076 0716        TapiSrv - ok

13:30:01.0102 0716        TBS             (b799d9fdb26111737f58288d8dc172d9) C:\windows\System32\tbssvc.dll

13:30:01.0154 0716        TBS - ok

13:30:01.0299 0716        Tcpip           (7fa2e0f8b072bd04b77b421480b6cc22) C:\windows\system32\drivers\tcpip.sys

13:30:01.0331 0716        Tcpip - ok

13:30:01.0358 0716        TCPIP6          (7fa2e0f8b072bd04b77b421480b6cc22) C:\windows\system32\DRIVERS\tcpip.sys

13:30:01.0390 0716        TCPIP6 - ok

13:30:01.0427 0716        tcpipBM         (dcfeb82ca988598ceb8f83148616038e) C:\windows\system32\drivers\tcpipBM.sys

13:30:01.0445 0716        tcpipBM ( UnsignedFile.Multi.Generic ) - warning

13:30:01.0445 0716        tcpipBM - detected UnsignedFile.Multi.Generic (1)

13:30:01.0485 0716        tcpipreg        (cca24162e055c3714ce5a88b100c64ed) C:\windows\system32\drivers\tcpipreg.sys

13:30:01.0527 0716        tcpipreg - ok

13:30:01.0565 0716        TDPIPE          (1cb91b2bd8f6dd367dfc2ef26fd751b2) C:\windows\system32\drivers\tdpipe.sys

13:30:01.0611 0716        TDPIPE - ok

13:30:01.0634 0716        TDTCP           (2c2c5afe7ee4f620d69c23c0617651a8) C:\windows\system32\drivers\tdtcp.sys

13:30:01.0659 0716        TDTCP - ok

13:30:01.0695 0716        tdx             (b459575348c20e8121d6039da063c704) C:\windows\system32\DRIVERS\tdx.sys

13:30:01.0740 0716        tdx - ok

13:30:01.0772 0716        TermDD          (04dbf4b01ea4bf25a9a3e84affac9b20) C:\windows\system32\drivers\termdd.sys

13:30:01.0784 0716        TermDD - ok

13:30:01.0861 0716        TermService     (382c804c92811be57829d8e550a900e2) C:\windows\System32\termsrv.dll

13:30:01.0896 0716        TermService - ok

13:30:01.0926 0716        Themes          (42fb6afd6b79d9fe07381609172e7ca4) C:\windows\system32\themeservice.dll

13:30:01.0958 0716        Themes - ok

13:30:01.0992 0716        THREADORDER     (146b6f43a673379a3c670e86d89be5ea) C:\windows\system32\mmcss.dll

13:30:02.0023 0716        THREADORDER - ok

13:30:02.0043 0716        TrkWks          (4792c0378db99a9bc2ae2de6cfff0c3a) C:\windows\System32\trkwks.dll

13:30:02.0096 0716        TrkWks - ok

13:30:02.0167 0716        TrustedInstaller (2c49b175aee1d4364b91b531417fe583) C:\windows\servicing\TrustedInstaller.exe

13:30:02.0212 0716        TrustedInstaller - ok

13:30:02.0243 0716        tssecsrv        (254bb140eee3c59d6114c1a86b636877) C:\windows\system32\DRIVERS\tssecsrv.sys

13:30:02.0293 0716        tssecsrv - ok

13:30:02.0346 0716        TsUsbFlt        (fd1d6c73e6333be727cbcc6054247654) C:\windows\system32\drivers\tsusbflt.sys

13:30:02.0370 0716        TsUsbFlt - ok

13:30:02.0429 0716        tunnel          (b2fa25d9b17a68bb93d58b0556e8c90d) C:\windows\system32\DRIVERS\tunnel.sys

13:30:02.0480 0716        tunnel - ok

13:30:02.0518 0716        uagp35          (750fbcb269f4d7dd2e420c56b795db6d) C:\windows\system32\DRIVERS\uagp35.sys

13:30:02.0530 0716        uagp35 - ok

13:30:02.0582 0716        udfs            (ee43346c7e4b5e63e54f927babbb32ff) C:\windows\system32\DRIVERS\udfs.sys

13:30:02.0613 0716        udfs - ok

13:30:02.0651 0716        UI0Detect       (8344fd4fce927880aa1aa7681d4927e5) C:\windows\system32\UI0Detect.exe

13:30:02.0680 0716        UI0Detect - ok

13:30:02.0718 0716        uliagpkx        (44e8048ace47befbfdc2e9be4cbc8880) C:\windows\system32\drivers\uliagpkx.sys

13:30:02.0731 0716        uliagpkx - ok

13:30:02.0773 0716        umbus           (d295bed4b898f0fd999fcfa9b32b071b) C:\windows\system32\drivers\umbus.sys

13:30:02.0788 0716        umbus - ok

13:30:02.0817 0716        UmPass          (7550ad0c6998ba1cb4843e920ee0feac) C:\windows\system32\DRIVERS\umpass.sys

13:30:02.0849 0716        UmPass - ok

13:30:02.0900 0716        upnphost        (833fbb672460efce8011d262175fad33) C:\windows\System32\upnphost.dll

13:30:02.0948 0716        upnphost - ok

13:30:02.0970 0716        usbccgp         (bd9c55d7023c5de374507acc7a14e2ac) C:\windows\system32\DRIVERS\usbccgp.sys

13:30:03.0018 0716        usbccgp - ok

13:30:03.0070 0716        usbcir          (04ec7cec62ec3b6d9354eee93327fc82) C:\windows\system32\drivers\usbcir.sys

13:30:03.0106 0716        usbcir - ok

13:30:03.0135 0716        usbehci         (f92de757e4b7ce9c07c5e65423f3ae3b) C:\windows\system32\drivers\usbehci.sys

13:30:03.0148 0716        usbehci - ok

13:30:03.0212 0716        usbhub          (8dc94aec6a7e644a06135ae7506dc2e9) C:\windows\system32\DRIVERS\usbhub.sys

13:30:03.0229 0716        usbhub - ok

13:30:03.0270 0716        usbohci         (e185d44fac515a18d9deddc23c2cdf44) C:\windows\system32\drivers\usbohci.sys

13:30:03.0303 0716        usbohci - ok

13:30:03.0341 0716        usbprint        (797d862fe0875e75c7cc4c1ad7b30252) C:\windows\system32\DRIVERS\usbprint.sys

13:30:03.0356 0716        usbprint - ok

13:30:03.0385 0716        usbscan         (576096ccbc07e7c4ea4f5e6686d6888f) C:\windows\system32\DRIVERS\usbscan.sys

13:30:03.0418 0716        usbscan - ok

13:30:03.0465 0716        usbser          (31181de6190b39fc8007dffd1a48ffd6) C:\windows\system32\drivers\usbser.sys

13:30:03.0521 0716        usbser - ok

13:30:03.0547 0716        USBSTOR         (f991ab9cc6b908db552166768176896a) C:\windows\system32\DRIVERS\USBSTOR.SYS

13:30:03.0600 0716        USBSTOR - ok

13:30:03.0615 0716        usbuhci         (68df884cf41cdada664beb01daf67e3d) C:\windows\system32\drivers\usbuhci.sys

13:30:03.0641 0716        usbuhci - ok

13:30:03.0700 0716        usbvideo        (45f4e7bf43db40a6c6b4d92c76cbc3f2) C:\windows\System32\Drivers\usbvideo.sys

13:30:03.0718 0716        usbvideo - ok

13:30:03.0759 0716        USB_RNDIS       (b71da871254d96d0349639d03e4c1cc1) C:\windows\system32\DRIVERS\usb8023.sys

13:30:03.0789 0716        USB_RNDIS - ok

13:30:03.0819 0716        UxSms           (081e6e1c91aec36758902a9f727cd23c) C:\windows\System32\uxsms.dll

13:30:03.0848 0716        UxSms - ok

13:30:03.0874 0716        VaultSvc        (81951f51e318aecc2d68559e47485cc4) C:\windows\system32\lsass.exe

13:30:03.0888 0716        VaultSvc - ok

13:30:03.0931 0716        vdrvroot        (a059c4c3edb09e07d21a8e5c0aabd3cb) C:\windows\system32\drivers\vdrvroot.sys

13:30:03.0943 0716        vdrvroot - ok

13:30:04.0004 0716        vds             (c3cd30495687c2a2f66a65ca6fd89be9) C:\windows\System32\vds.exe

13:30:04.0041 0716        vds - ok

13:30:04.0084 0716        vga             (17c408214ea61696cec9c66e388b14f3) C:\windows\system32\DRIVERS\vgapnp.sys

13:30:04.0100 0716        vga - ok

13:30:04.0133 0716        VgaSave         (8e38096ad5c8570a6f1570a61e251561) C:\windows\System32\drivers\vga.sys

13:30:04.0177 0716        VgaSave - ok

13:30:04.0221 0716        vhdmp           (5461686cca2fda57b024547733ab42e3) C:\windows\system32\drivers\vhdmp.sys

13:30:04.0235 0716        vhdmp - ok

13:30:04.0289 0716        viaagp          (c829317a37b4bea8f39735d4b076e923) C:\windows\system32\drivers\viaagp.sys

13:30:04.0302 0716        viaagp - ok

13:30:04.0331 0716        ViaC7           (e02f079a6aa107f06b16549c6e5c7b74) C:\windows\system32\DRIVERS\viac7.sys

13:30:04.0359 0716        ViaC7 - ok

13:30:04.0379 0716        viaide          (e43574f6a56a0ee11809b48c09e4fd3c) C:\windows\system32\drivers\viaide.sys

13:30:04.0391 0716        viaide - ok

13:30:04.0433 0716        volmgr          (4c63e00f2f4b5f86ab48a58cd990f212) C:\windows\system32\drivers\volmgr.sys

13:30:04.0445 0716        volmgr - ok

13:30:04.0478 0716        volmgrx         (b5bb72067ddddbbfb04b2f89ff8c3c87) C:\windows\system32\drivers\volmgrx.sys

13:30:04.0494 0716        volmgrx - ok

13:30:04.0553 0716        volsnap         (f497f67932c6fa693d7de2780631cfe7) C:\windows\system32\drivers\volsnap.sys

13:30:04.0568 0716        volsnap - ok

13:30:04.0626 0716        vsmraid         (9dfa0cc2f8855a04816729651175b631) C:\windows\system32\DRIVERS\vsmraid.sys

13:30:04.0641 0716        vsmraid - ok

13:30:04.0752 0716        VSS             (209a3b1901b83aeb8527ed211cce9e4c) C:\windows\system32\vssvc.exe

13:30:04.0805 0716        VSS - ok

13:30:04.0830 0716        vwifibus        (90567b1e658001e79d7c8bbd3dde5aa6) C:\windows\system32\DRIVERS\vwifibus.sys

13:30:04.0865 0716        vwifibus - ok

13:30:04.0908 0716        vwififlt        (7090d3436eeb4e7da3373090a23448f7) C:\windows\system32\DRIVERS\vwififlt.sys

13:30:04.0939 0716        vwififlt - ok

13:30:04.0988 0716        W32Time         (55187fd710e27d5095d10a472c8baf1c) C:\windows\system32\w32time.dll

13:30:05.0044 0716        W32Time - ok

13:30:05.0070 0716        WacomPen        (de3721e89c653aa281428c8a69745d90) C:\windows\system32\DRIVERS\wacompen.sys

13:30:05.0098 0716        WacomPen - ok

13:30:05.0149 0716        WANARP          (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys

13:30:05.0195 0716        WANARP - ok

13:30:05.0198 0716        Wanarpv6        (3c3c78515f5ab448b022bdf5b8ffdd2e) C:\windows\system32\DRIVERS\wanarp.sys

13:30:05.0226 0716        Wanarpv6 - ok

13:30:05.0375 0716        WatAdminSvc     (353a04c273ec58475d8633e75ccd5604) C:\windows\system32\Wat\WatAdminSvc.exe

13:30:05.0418 0716        WatAdminSvc - ok

13:30:05.0560 0716        wbengine        (691e3285e53dca558e1a84667f13e15a) C:\windows\system32\wbengine.exe

13:30:05.0620 0716        wbengine - ok

13:30:05.0659 0716        WbioSrvc        (9614b5d29dc76ac3c29f6d2d3aa70e67) C:\windows\System32\wbiosrvc.dll

13:30:05.0680 0716        WbioSrvc - ok

13:30:05.0736 0716        wcncsvc         (34eee0dfaadb4f691d6d5308a51315dc) C:\windows\System32\wcncsvc.dll

13:30:05.0770 0716        wcncsvc - ok

13:30:05.0774 0716        WcsPlugInService (5d930b6357a6d2af4d7653bdabbf352f) C:\windows\System32\WcsPlugInService.dll

13:30:05.0813 0716        WcsPlugInService - ok

13:30:05.0867 0716        Wd              (1112a9badacb47b7c0bb0392e3158dff) C:\windows\system32\DRIVERS\wd.sys

13:30:05.0879 0716        Wd - ok

13:30:05.0925 0716        Wdf01000        (9950e3d0f08141c7e89e64456ae7dc73) C:\windows\system32\drivers\Wdf01000.sys

13:30:05.0943 0716        Wdf01000 - ok

13:30:05.0960 0716        WdiServiceHost  (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll

13:30:06.0011 0716        WdiServiceHost - ok

13:30:06.0014 0716        WdiSystemHost   (46ef9dc96265fd0b423db72e7c38c2a5) C:\windows\system32\wdi.dll

13:30:06.0032 0716        WdiSystemHost - ok

13:30:06.0084 0716        WebClient       (a9d880f97530d5b8fee278923349929d) C:\windows\System32\webclnt.dll

13:30:06.0117 0716        WebClient - ok

13:30:06.0151 0716        Wecsvc          (760f0afe937a77cff27153206534f275) C:\windows\system32\wecsvc.dll

13:30:06.0185 0716        Wecsvc - ok

13:30:06.0203 0716        wercplsupport   (ac804569bb2364fb6017370258a4091b) C:\windows\System32\wercplsupport.dll

13:30:06.0234 0716        wercplsupport - ok

13:30:06.0267 0716        WerSvc          (08e420d873e4fd85241ee2421b02c4a4) C:\windows\System32\WerSvc.dll

13:30:06.0298 0716        WerSvc - ok

13:30:06.0330 0716        WfpLwf          (8b9a943f3b53861f2bfaf6c186168f79) C:\windows\system32\DRIVERS\wfplwf.sys

13:30:06.0362 0716        WfpLwf - ok

13:30:06.0379 0716        WIMMount        (5cf95b35e59e2a38023836fff31be64c) C:\windows\system32\drivers\wimmount.sys

13:30:06.0391 0716        WIMMount - ok

13:30:06.0517 0716        WinDefend       (3fae8f94296001c32eab62cd7d82e0fd) C:\Program Files\Windows Defender\mpsvc.dll

13:30:06.0554 0716        WinDefend - ok

13:30:06.0560 0716        WinHttpAutoProxySvc - ok

13:30:06.0642 0716        Winmgmt         (f62e510b6ad4c21eb9fe8668ed251826) C:\windows\system32\wbem\WMIsvc.dll

13:30:06.0672 0716        Winmgmt - ok

13:30:06.0800 0716        WinRM           (1b91cd34ea3a90ab6a4ef0550174f4cc) C:\windows\system32\WsmSvc.dll

13:30:06.0858 0716        WinRM - ok

13:30:06.0937 0716        WinUsb          (a67e5f9a400f3bd1be3d80613b45f708) C:\windows\system32\DRIVERS\WinUsb.sys

13:30:06.0972 0716        WinUsb - ok

13:30:07.0063 0716        Wlansvc         (16935c98ff639d185086a3529b1f2067) C:\windows\System32\wlansvc.dll

13:30:07.0090 0716        Wlansvc - ok

13:30:07.0129 0716        WmiAcpi         (0217679b8fca58714c3bf2726d2ca84e) C:\windows\system32\drivers\wmiacpi.sys

13:30:07.0162 0716        WmiAcpi - ok

13:30:07.0236 0716        wmiApSrv        (6eb6b66517b048d87dc1856ddf1f4c3f) C:\windows\system32\wbem\WmiApSrv.exe

13:30:07.0265 0716        wmiApSrv - ok

13:30:07.0439 0716        WMPNetworkSvc   (3b40d3a61aa8c21b88ae57c58ab3122e) C:\Program Files\Windows Media Player\wmpnetwk.exe

13:30:07.0476 0716        WMPNetworkSvc - ok

13:30:07.0505 0716        WPCSvc          (a2f0ec770a92f2b3f9de6d518e11409c) C:\windows\System32\wpcsvc.dll

13:30:07.0526 0716        WPCSvc - ok

13:30:07.0573 0716        WPDBusEnum      (aa53356d60af47eacc85bc617a4f3f66) C:\windows\system32\wpdbusenum.dll

13:30:07.0612 0716        WPDBusEnum - ok

13:30:07.0673 0716        ws2ifsl         (6db3276587b853bf886b69528fdb048c) C:\windows\system32\drivers\ws2ifsl.sys

13:30:07.0719 0716        ws2ifsl - ok

13:30:07.0750 0716        wscsvc          (6f5d49efe0e7164e03ae773a3fe25340) C:\windows\System32\wscsvc.dll

13:30:07.0768 0716        wscsvc - ok

13:30:07.0771 0716        WSearch - ok

13:30:07.0933 0716        wuauserv        (fc3ec24fce372c89423e015a2ac1a31e) C:\windows\system32\wuaueng.dll

13:30:07.0978 0716        wuauserv - ok

13:30:08.0154 0716        WudfPf          (e714a1c0354636837e20ccbf00888ee7) C:\windows\system32\drivers\WudfPf.sys

13:30:08.0184 0716        WudfPf - ok

13:30:08.0234 0716        WUDFRd          (1023ee888c9b47178c5293ed5336ab69) C:\windows\system32\DRIVERS\WUDFRd.sys

13:30:08.0265 0716        WUDFRd - ok

13:30:08.0315 0716        wudfsvc         (8d1e1e529a2c9e9b6a85b55a345f7629) C:\windows\System32\WUDFSvc.dll

13:30:08.0344 0716        wudfsvc - ok

13:30:08.0385 0716        WwanSvc         (ff2d745b560f7c71b31f30f4d49f73d2) C:\windows\System32\wwansvc.dll

13:30:08.0406 0716        WwanSvc - ok

13:30:08.0477 0716        yukonw7         (30b73eb97218a16cbc6de535782a1b35) C:\windows\system32\DRIVERS\yk62x86.sys

13:30:08.0529 0716        yukonw7 - ok

13:30:08.0593 0716        ZTEusbmdm6k     (b8b466103280e45e391e876f05122607) C:\windows\system32\DRIVERS\ZTEusbmdm6k.sys

13:30:08.0613 0716        ZTEusbmdm6k - ok

13:30:08.0632 0716        ZTEusbnet       (911ba85906bc7602c73441502abfb565) C:\windows\system32\DRIVERS\ZTEusbnet.sys

13:30:08.0653 0716        ZTEusbnet - ok

13:30:08.0693 0716        ZTEusbnmea      (69774b89725ddc4781e0eeb9809f3b20) C:\windows\system32\DRIVERS\ZTEusbnmea.sys

13:30:08.0740 0716        ZTEusbnmea - ok

13:30:08.0802 0716        ZTEusbser6k     (b8b466103280e45e391e876f05122607) C:\windows\system32\DRIVERS\ZTEusbser6k.sys

13:30:08.0815 0716        ZTEusbser6k - ok

13:30:08.0840 0716        ZTEusbvoice     (b8b466103280e45e391e876f05122607) C:\windows\system32\DRIVERS\ZTEusbvoice.sys

13:30:08.0852 0716        ZTEusbvoice - ok

13:30:08.0961 0716        MBR (0x1B8)     (2e5debb2116b3417023e0d6562d7ed07) \Device\Harddisk0\DR0

13:30:09.0423 0716        \Device\Harddisk0\DR0 - ok

13:30:09.0449 0716        Boot (0x1200)   (615df38242380c7ce249ecda8dfcbf11) \Device\Harddisk0\DR0\Partition0

13:30:09.0451 0716        \Device\Harddisk0\DR0\Partition0 - ok

13:30:09.0464 0716        Boot (0x1200)   (522d36ed4744732fcad88a18441f4f40) \Device\Harddisk0\DR0\Partition1

13:30:09.0466 0716        \Device\Harddisk0\DR0\Partition1 - ok

13:30:09.0492 0716        Boot (0x1200)   (d081fa005a08bca0f74d3dd515baac42) \Device\Harddisk0\DR0\Partition2

13:30:09.0494 0716        \Device\Harddisk0\DR0\Partition2 - ok

13:30:09.0494 0716        ============================================================

13:30:09.0494 0716        Scan finished

13:30:09.0494 0716        ============================================================

13:30:09.0503 4956        Detected object count: 6

13:30:09.0503 4956        Actual detected object count: 6

13:30:39.0375 4956        C:\windows\system32\drivers\BMLoad.sys - copied to quarantine

13:30:39.0375 4956        HKLM\SYSTEM\ControlSet001\services\BMLoad - will be deleted on reboot

13:30:39.0415 4956        HKLM\SYSTEM\ControlSet002\services\BMLoad - will be deleted on reboot

13:30:39.0583 4956        C:\windows\system32\drivers\BMLoad.sys - will be deleted on reboot

13:30:39.0583 4956        BMLoad ( UnsignedFile.Multi.Generic ) - User select action: Delete 

13:30:39.0618 4956        C:\windows\system32\FsUsbExDisk.SYS - copied to quarantine

13:30:39.0619 4956        HKLM\SYSTEM\ControlSet001\services\FsUsbExDisk - will be deleted on reboot

13:30:39.0632 4956        HKLM\SYSTEM\ControlSet002\services\FsUsbExDisk - will be deleted on reboot

13:30:39.0635 4956        C:\windows\system32\FsUsbExDisk.SYS - will be deleted on reboot

13:30:39.0635 4956        FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Delete 

13:30:39.0680 4956        C:\windows\system32\nlssrv32.exe - copied to quarantine

13:30:39.0680 4956        HKLM\SYSTEM\ControlSet001\services\nlsX86cc - will be deleted on reboot

13:30:39.0695 4956        HKLM\SYSTEM\ControlSet002\services\nlsX86cc - will be deleted on reboot

13:30:39.0698 4956        C:\windows\system32\nlssrv32.exe - will be deleted on reboot

13:30:39.0698 4956        nlsX86cc ( UnsignedFile.Multi.Generic ) - User select action: Delete 

13:30:39.0806 4956        C:\Program Files\OpenVPN\bin\openvpnserv.exe - copied to quarantine

13:30:39.0806 4956        HKLM\SYSTEM\ControlSet001\services\OpenVPNService - will be deleted on reboot

13:30:39.0821 4956        HKLM\SYSTEM\ControlSet002\services\OpenVPNService - will be deleted on reboot

13:30:39.0825 4956        C:\Program Files\OpenVPN\bin\openvpnserv.exe - will be deleted on reboot

13:30:39.0825 4956        OpenVPNService ( UnsignedFile.Multi.Generic ) - User select action: Delete 

13:30:39.0893 4956        C:\windows\SYSTEM32\Rezip.exe - copied to quarantine

13:30:39.0894 4956        HKLM\SYSTEM\ControlSet001\services\Rezip - will be deleted on reboot

13:30:39.0912 4956        HKLM\SYSTEM\ControlSet002\services\Rezip - will be deleted on reboot

13:30:39.0915 4956        C:\windows\SYSTEM32\Rezip.exe - will be deleted on reboot

13:30:39.0915 4956        Rezip ( UnsignedFile.Multi.Generic ) - User select action: Delete 

13:30:39.0945 4956        C:\windows\system32\drivers\tcpipBM.sys - copied to quarantine

13:30:39.0945 4956        HKLM\SYSTEM\ControlSet001\services\tcpipBM - will be deleted on reboot

13:30:39.0965 4956        HKLM\SYSTEM\ControlSet002\services\tcpipBM - will be deleted on reboot

13:30:39.0968 4956        C:\windows\system32\drivers\tcpipBM.sys - will be deleted on reboot

13:30:39.0968 4956        tcpipBM ( UnsignedFile.Multi.Generic ) - User select action: Delete 

13:30:42.0327 0768        Deinitialize success