Trojaner-Board

firstLINE 03.07.2012 23:21

S.M.A.R.T. Repair & Google Redirect Trojan/Virus
 
Hello everyone,
I have a problem with my laptop! All of my programs suddenly crashed and I got lots of error messages along the lines of "Parts of the hard disk are defective", "Read and write errors on C:\" and so on (unfortunately I no longer remember the exact wording). At the same time, the program S.M.A.R.T. Repair / Data Recovery opened, ran a system check and found all sorts of errors. I then read through several guides (including ones in this forum) on how to remove this program. After several restarts, all the files on my computer were visible again, but after every restart I got a message from AntiVir saying that there is a virus (BOO/TDss.O) on drives C:, D: and W:. In the meantime I have switched to avast Antivirus and ran a boot-time scan. It reported "File MBR 0 is infected by MBR:Alureon-L [Rtk]". I have also noticed that I am sometimes redirected to websites such as haveme.com when I click on a search result on Google.

Here are my logs:

defogger

defogger_disable.log
Code:

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 23:49 on 03/07/2012 (Patrick)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-


OTL

OTL.txt
Code:

OTL logfile created on: 7/3/2012 11:54:56 PM - Run 1
OTL by OldTimer - Version 3.2.53.1    Folder = C:\Users\Patrick\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.79 Gb Total Physical Memory | 2.47 Gb Available Physical Memory | 65.09% Memory free
7.59 Gb Paging File | 6.17 Gb Available in Paging File | 81.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 172.79 Gb Total Space | 103.44 Gb Free Space | 59.86% Space Free | Partition Type: NTFS
Drive D: | 113.19 Gb Total Space | 8.45 Gb Free Space | 7.46% Space Free | Partition Type: NTFS
Drive W: | 12.00 Gb Total Space | 3.84 Gb Free Space | 31.97% Space Free | Partition Type: NTFS
 
Computer Name: PATRICKS | User Name: Patrick | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/07/03 23:52:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe
PRC - [2012/06/28 14:51:53 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2012/06/28 14:51:51 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012/06/28 14:51:48 | 000,133,912 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2012/01/08 10:39:06 | 000,035,328 | ---- | M] (NirSoft) -- C:\Program Files (x86)\NirSoft\Volumouse\volumouse.exe
PRC - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/10/01 06:01:32 | 002,320,920 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009/10/01 06:01:30 | 000,268,824 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2009/07/10 00:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files (x86)\System Control Manager\MSIService.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2012/06/28 14:51:53 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2012/06/28 14:51:48 | 000,133,912 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2010/01/08 13:34:01 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/14 03:39:47 | 000,081,920 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\tlntsvr.exe -- (TlntSvr)
SRV - [2012/06/18 14:45:03 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/06/05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012/04/04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/16 16:26:26 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2011/12/16 16:26:22 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2011/12/01 21:55:08 | 000,069,632 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Connectify\ConnectifyService.exe -- (Connectify)
SRV - [2011/07/29 21:31:40 | 001,249,064 | ---- | M] () [Disabled | Stopped] -- C:\ProgramData\TVersity\Media Server\MediaServer.exe -- (TVersityMediaServer)
SRV - [2011/05/29 04:12:16 | 000,075,136 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2010/10/13 20:36:44 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 11:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/03 20:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2009/10/01 06:01:32 | 002,320,920 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009/10/01 06:01:30 | 000,268,824 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009/07/10 00:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\System Control Manager\MSIService.exe -- (Micro Star SCM)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/07/03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012/07/03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012/07/03 18:21:52 | 000,266,776 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswNdis2.sys -- (aswNdis2)
DRV:64bit: - [2012/07/03 18:21:52 | 000,142,128 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswFW.sys -- (aswFW)
DRV:64bit: - [2012/07/03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012/07/03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012/07/03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012/07/03 18:21:52 | 000,019,600 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012/07/03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012/06/27 22:33:54 | 000,012,368 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswNdis.sys -- (aswNdis)
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudserd.sys -- (ssudserd) SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.)
DRV:64bit: - [2012/02/24 11:14:42 | 000,203,320 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm) SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.)
DRV:64bit: - [2012/02/24 11:14:42 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.)
DRV:64bit: - [2012/01/18 14:04:14 | 000,031,344 | ---- | M] (Connectify) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\cnnctfy2.sys -- (cnnctfy2)
DRV:64bit: - [2011/12/08 06:22:36 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2011/12/08 06:22:36 | 000,141,384 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdserd.sys -- (sscdserd) SAMSUNG Mobile Modem Diagnostic Serial Port (WDM)
DRV:64bit: - [2011/12/08 06:22:36 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus) SAMSUNG USB Composite Device driver (WDM)
DRV:64bit: - [2011/12/08 06:22:36 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2011/12/08 06:22:28 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011/12/08 06:22:28 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus) SAMSUNG Android USB Composite Device driver (WDM)
DRV:64bit: - [2011/12/08 06:22:28 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd) SAMSUNG Android USB Diagnostic Serial Port (WDM)
DRV:64bit: - [2011/12/08 06:22:28 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2011/12/08 06:22:28 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl) SAMSUNG Android USB Modem (Filter)
DRV:64bit: - [2011/06/27 02:37:00 | 002,753,536 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011/06/10 06:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/01/04 16:11:16 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010/11/20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/02 09:18:46 | 000,021,504 | ---- | M] (Shrew Soft Inc) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\vfilter.sys -- (vflt)
DRV:64bit: - [2010/09/02 09:18:46 | 000,017,408 | ---- | M] (Shrew Soft Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\virtualnet.sys -- (vnet)
DRV:64bit: - [2010/03/04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/02/10 09:01:58 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010/01/28 04:33:38 | 000,116,736 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/01/08 13:55:30 | 006,232,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag)
DRV:64bit: - [2010/01/08 13:55:30 | 006,232,064 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010/01/08 12:41:42 | 007,778,176 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010/01/08 12:40:57 | 000,160,256 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010/01/07 21:51:38 | 000,271,872 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2009/12/16 04:12:25 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009/12/05 03:50:22 | 000,087,888 | ---- | M] (ENE Technology Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\EUCR6SK.sys -- (EUCR)
DRV:64bit: - [2009/09/17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009/08/28 10:33:48 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 23:01:14 | 001,227,776 | ---- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SmSerl64.sys -- (smserial)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 23:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2011/01/04 16:11:16 | 000,016,392 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2006/07/24 17:05:00 | 000,005,632 | ---- | M] () [File_System | System | Stopped] -- C:\windows\SysWow64\drivers\StarOpen.sys -- (StarOpen)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {F1A148D2-8D6B-4736-91DD-AED78EACF3C8}
IE:64bit: - HKLM\..\SearchScopes\{F1A148D2-8D6B-4736-91DD-AED78EACF3C8}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAMI&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {A7172603-AD3C-4D75-B502-E98AC72B540D}
IE - HKLM\..\SearchScopes\{A7172603-AD3C-4D75-B502-E98AC72B540D}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAMI&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msmiq.com/(S(cmjgqi45joflms55soqm2oiq))/default.aspx?language=de-de
IE - HKCU\..\SearchScopes,DefaultScope = {A7172603-AD3C-4D75-B502-E98AC72B540D}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Patrick\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012/03/15 04:57:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012/07/03 23:17:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/06/18 14:45:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012/04/12 00:32:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 3.1.7\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2011/10/28 19:54:16 | 000,000,000 | ---D | M]
 
[2011/02/02 09:53:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\mozilla\Extensions
[2011/02/02 09:53:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2010/09/17 23:24:04 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012/07/03 19:11:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Patrick\AppData\Roaming\mozilla\Firefox\Profiles\55rk036k.default\extensions
[2012/05/11 03:31:02 | 000,000,000 | ---D | M] (SeoQuake) -- C:\Users\Patrick\AppData\Roaming\mozilla\Firefox\Profiles\55rk036k.default\extensions\{317B5128-0B0B-49b2-B2DB-1E7560E16C74}
[2010/09/18 02:03:30 | 000,000,000 | ---D | M] (SmoothWheel (mozdev.org)) -- C:\Users\Patrick\AppData\Roaming\mozilla\Firefox\Profiles\55rk036k.default\extensions\{5F590AA2-1221-4113-A6F4-A4BB62414FAC}
[2012/05/29 00:52:33 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Patrick\AppData\Roaming\mozilla\Firefox\Profiles\55rk036k.default\extensions\battlefieldheroespatcher@ea.com
[2012/05/18 19:45:48 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Patrick\AppData\Roaming\mozilla\Firefox\Profiles\55rk036k.default\extensions\ich@maltegoetz.de
[2011/12/19 19:13:47 | 000,000,933 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\55rk036k.default\searchplugins\11-suche.xml
[2011/12/19 19:13:47 | 000,002,419 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\55rk036k.default\searchplugins\englische-ergebnisse.xml
[2012/06/28 22:52:00 | 000,001,018 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\55rk036k.default\searchplugins\facebook.xml
[2011/12/19 19:13:47 | 000,010,525 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\55rk036k.default\searchplugins\gmx-suche.xml
[2011/12/19 19:13:47 | 000,002,457 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\55rk036k.default\searchplugins\lastminute.xml
[2011/12/19 19:13:47 | 000,005,508 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\55rk036k.default\searchplugins\webde-suche.xml
[2011/01/21 18:25:38 | 000,004,140 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\55rk036k.default\searchplugins\youtube.xml
[2012/05/21 15:02:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/01/21 00:47:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
[2012/03/15 04:57:48 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2012/06/26 21:44:09 | 000,626,986 | ---- | M] () (No name found) -- C:\USERS\PATRICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\55RK036K.DEFAULT\EXTENSIONS\{62760FD6-B943-48C9-AB09-F99C6FE96088}.XPI
[2012/06/05 01:31:15 | 000,020,995 | ---- | M] () (No name found) -- C:\USERS\PATRICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\55RK036K.DEFAULT\EXTENSIONS\{8A8C1ADA-2504-45C6-A2D2-265591ABBD00}.XPI
[2011/10/31 15:41:07 | 000,434,392 | ---- | M] () (No name found) -- C:\USERS\PATRICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\55RK036K.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2012/05/19 11:37:06 | 000,697,058 | ---- | M] () (No name found) -- C:\USERS\PATRICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\55RK036K.DEFAULT\EXTENSIONS\{DC572301-7619-498C-A57D-39143191B318}.XPI
[2012/07/03 19:11:28 | 000,045,005 | ---- | M] () (No name found) -- C:\USERS\PATRICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\55RK036K.DEFAULT\EXTENSIONS\{EF522540-89F5-46B9-B6FE-1829E2B572C6}.XPI
[2012/05/04 01:24:33 | 000,363,268 | ---- | M] () (No name found) -- C:\USERS\PATRICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\55RK036K.DEFAULT\EXTENSIONS\CLIENT@ANONYMOX.NET.XPI
[2012/03/07 18:57:05 | 000,072,222 | ---- | M] () (No name found) -- C:\USERS\PATRICK\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\55RK036K.DEFAULT\EXTENSIONS\SKIPSCREEN@SKIPSCREEN.XPI
[2012/06/18 14:45:04 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/03/08 13:06:20 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2011/08/31 12:38:58 | 000,082,944 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2012/03/11 18:35:28 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/03/11 18:35:28 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/03/11 18:35:28 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/03/11 18:35:28 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/03/11 18:35:28 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/03/11 18:35:28 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2011/10/14 02:43:20 | 000,437,925 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1        www.007guard.com
O1 - Hosts: 127.0.0.1        007guard.com
O1 - Hosts: 127.0.0.1        008i.com
O1 - Hosts: 127.0.0.1        www.008k.com
O1 - Hosts: 127.0.0.1        008k.com
O1 - Hosts: 127.0.0.1        www.00hq.com
O1 - Hosts: 127.0.0.1        00hq.com
O1 - Hosts: 127.0.0.1        010402.com
O1 - Hosts: 127.0.0.1        www.032439.com
O1 - Hosts: 127.0.0.1        032439.com
O1 - Hosts: 127.0.0.1        www.0scan.com
O1 - Hosts: 127.0.0.1        0scan.com
O1 - Hosts: 127.0.0.1        1000gratisproben.com
O1 - Hosts: 127.0.0.1        www.1000gratisproben.com
O1 - Hosts: 127.0.0.1        1001namen.com
O1 - Hosts: 127.0.0.1        www.1001namen.com
O1 - Hosts: 127.0.0.1        100888290cs.com
O1 - Hosts: 127.0.0.1        www.100888290cs.com
O1 - Hosts: 127.0.0.1        www.100sexlinks.com
O1 - Hosts: 127.0.0.1        100sexlinks.com
O1 - Hosts: 127.0.0.1        10sek.com
O1 - Hosts: 127.0.0.1        www.10sek.com
O1 - Hosts: 127.0.0.1        www.1-2005-search.com
O1 - Hosts: 127.0.0.1        1-2005-search.com
O1 - Hosts: 127.0.0.1        123fporn.info
O1 - Hosts: 15060 more lines...
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKCU..\Run: [$Volumouse$] C:\Program Files (x86)\NirSoft\Volumouse\volumouse.exe (NirSoft)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O4 - HKLM..\RunOnce: [aswAhAScr.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software)
O4 - HKLM..\RunOnce: [aswasOutExt.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr.exe (AVAST Software)
O4 - HKLM..\RunOnce: [aswasOutExt64.dll] C:\Program Files\AVAST Software\Avast\aswRegSvr64.exe (AVAST Software)
O4 - Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Patrick\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox.lnk = C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx (WRC Class)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.10 192.168.1.130
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DE079886-8D4C-4805-9951-B9B08F64DE77}: NameServer = 192.168.1.10 192.168.1.130
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8573EAE-4D38-4DC9-844F-192F0435BB95}: DhcpNameServer = 192.168.1.10 192.168.1.130
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (aswBoot.exe /A:"*" /L:"1031" /heur:80 /RA:ask /pup /archives /IA:0 /KBD:2 /wow /dir:"C:\Program Files\AVAST Software\Avast")
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/07/03 23:52:46 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe
[2012/07/03 19:44:16 | 000,142,128 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFW.sys
[2012/07/03 19:44:06 | 000,266,776 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswNdis2.sys
[2012/07/03 19:44:05 | 000,019,600 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswKbd.sys
[2012/07/03 19:44:05 | 000,012,368 | ---- | C] (ALWIL Software) -- C:\windows\SysNative\drivers\aswNdis.sys
[2012/07/03 19:31:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Internet Security
[2012/07/03 19:16:24 | 000,355,856 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2012/07/03 19:16:24 | 000,025,232 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys
[2012/07/03 19:16:18 | 000,059,728 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys
[2012/07/03 19:16:18 | 000,054,072 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2012/07/03 19:16:17 | 000,958,400 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2012/07/03 19:16:16 | 000,285,328 | ---- | C] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2012/07/03 19:16:16 | 000,071,064 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2012/07/03 19:15:51 | 000,041,224 | ---- | C] (AVAST Software) -- C:\windows\avastSS.scr
[2012/07/03 19:15:50 | 000,227,648 | ---- | C] (AVAST Software) -- C:\windows\SysWow64\aswBoot.exe
[2012/07/03 19:15:38 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2012/07/03 19:15:38 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2012/07/03 04:14:57 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Malwarebytes
[2012/07/03 04:14:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/07/03 04:14:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/07/03 01:30:14 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Data Recovery
[2012/07/01 23:48:34 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Spotify
[2012/07/01 23:48:22 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Roaming\Spotify
[2012/06/27 08:18:13 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Desktop\Simple_Plan-Get_Your_Heart_On-(CN_Retail)-2012-iUKoO
[2012/06/23 14:47:32 | 000,000,000 | ---D | C] -- C:\Users\Patrick\AppData\Local\Macromedia
[2012/06/20 18:53:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/06/12 04:53:05 | 000,000,000 | ---D | C] -- C:\Users\Patrick\Desktop\Mash-Up Your Bootz Party
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/07/03 23:56:05 | 000,001,112 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/07/03 23:52:55 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Patrick\Desktop\OTL.exe
[2012/07/03 23:49:35 | 000,000,000 | ---- | M] () -- C:\Users\Patrick\defogger_reenable
[2012/07/03 23:29:20 | 000,050,477 | ---- | M] () -- C:\Users\Patrick\Desktop\Defogger.exe
[2012/07/03 23:24:28 | 000,017,376 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/03 23:24:28 | 000,017,376 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/03 23:17:08 | 000,000,000 | ---- | M] () -- C:\windows\SysWow64\config.nt
[2012/07/03 22:31:07 | 000,000,936 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1234592865-2256707453-3612337758-1000UA.job
[2012/07/03 22:30:34 | 000,001,108 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/07/03 22:30:02 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/07/03 22:29:58 | 3055,697,920 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/03 19:31:40 | 000,001,932 | ---- | M] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/07/03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2012/07/03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2012/07/03 18:21:52 | 000,266,776 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswNdis2.sys
[2012/07/03 18:21:52 | 000,142,128 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswFW.sys
[2012/07/03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2012/07/03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswTdi.sys
[2012/07/03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswRdr2.sys
[2012/07/03 18:21:52 | 000,019,600 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswKbd.sys
[2012/07/03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswFsBlk.sys
[2012/07/03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2012/07/03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\windows\SysWow64\aswBoot.exe
[2012/07/03 18:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2012/07/03 01:31:17 | 000,000,914 | ---- | M] () -- C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-1234592865-2256707453-3612337758-1000Core.job
[2012/07/02 22:34:25 | 000,225,759 | ---- | M] () -- C:\Users\Patrick\Desktop\Reportff833bee-0091-4eb3-85ae-652f6fb55562.pdf
[2012/06/28 03:04:34 | 000,020,165 | ---- | M] () -- C:\Users\Patrick\Desktop\Klausurtermine_Technik_SS_12_Stand_180612.pdf
[2012/06/27 22:33:54 | 000,012,368 | ---- | M] (ALWIL Software) -- C:\windows\SysNative\drivers\aswNdis.sys
[2012/06/27 04:35:10 | 000,654,400 | ---- | M] () -- C:\windows\SysNative\perfh007.dat
[2012/06/27 04:35:10 | 000,616,242 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/06/27 04:35:10 | 000,130,240 | ---- | M] () -- C:\windows\SysNative\perfc007.dat
[2012/06/27 04:35:10 | 000,106,622 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/06/27 04:35:09 | 001,498,742 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/06/27 03:14:17 | 000,011,751 | ---- | M] () -- C:\Users\Patrick\Documents\Zulassungsantrag.pdf
[2012/06/21 05:06:35 | 000,921,126 | ---- | M] () -- C:\Users\Patrick\Desktop\abc.png
[2012/06/15 12:31:47 | 000,001,063 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/06/15 12:24:26 | 002,267,328 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/06/14 02:04:47 | 408,258,604 | ---- | M] () -- C:\Users\Patrick\Desktop\Video_MFS_I.wmv
[2012/06/12 03:55:27 | 008,938,527 | ---- | M] () -- C:\Users\Patrick\Desktop\Mashup-Germany - Brave new world.mp3
[2012/06/10 19:50:00 | 001,768,169 | ---- | M] () -- C:\Users\Patrick\Desktop\20120610_194959.jpg
[2012/06/10 19:40:36 | 001,582,290 | ---- | M] () -- C:\Users\Patrick\Desktop\20120610_194036.jpg
[2012/06/05 02:02:38 | 000,007,606 | ---- | M] () -- C:\Users\Patrick\AppData\Local\resmon.resmoncfg
[2012/06/05 01:32:56 | 000,001,524 | ---- | M] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox.lnk
[2012/06/04 15:50:11 | 277,480,778 | ---- | M] () -- C:\Users\Patrick\Desktop\Mashup-Germany - BACK TO THE FUTURE PROMO MIX.mp3
[1 C:\windows\*.tmp files -> C:\windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/07/03 23:49:35 | 000,000,000 | ---- | C] () -- C:\Users\Patrick\defogger_reenable
[2012/07/03 23:29:21 | 000,050,477 | ---- | C] () -- C:\Users\Patrick\Desktop\Defogger.exe
[2012/07/03 19:31:40 | 000,001,932 | ---- | C] () -- C:\Users\Public\Desktop\avast! Internet Security.lnk
[2012/07/03 19:16:16 | 000,000,000 | ---- | C] () -- C:\windows\SysWow64\config.nt
[2012/07/02 22:34:25 | 000,225,759 | ---- | C] () -- C:\Users\Patrick\Desktop\Reportff833bee-0091-4eb3-85ae-652f6fb55562.pdf
[2012/07/01 23:48:34 | 000,001,813 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2012/06/28 03:04:33 | 000,020,165 | ---- | C] () -- C:\Users\Patrick\Desktop\Klausurtermine_Technik_SS_12_Stand_180612.pdf
[2012/06/27 03:14:17 | 000,011,751 | ---- | C] () -- C:\Users\Patrick\Documents\Zulassungsantrag.pdf
[2012/06/21 05:06:30 | 000,921,126 | ---- | C] () -- C:\Users\Patrick\Desktop\abc.png
[2012/06/21 03:57:29 | 001,582,290 | ---- | C] () -- C:\Users\Patrick\Desktop\20120610_194036.jpg
[2012/06/21 03:57:28 | 001,768,169 | ---- | C] () -- C:\Users\Patrick\Desktop\20120610_194959.jpg
[2012/06/15 12:31:42 | 000,001,063 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/06/14 02:03:01 | 408,258,604 | ---- | C] () -- C:\Users\Patrick\Desktop\Video_MFS_I.wmv
[2012/06/12 03:55:22 | 008,938,527 | ---- | C] () -- C:\Users\Patrick\Desktop\Mashup-Germany - Brave new world.mp3
[2012/06/05 01:32:15 | 000,001,524 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox.lnk
[2012/06/04 15:48:53 | 277,480,778 | ---- | C] () -- C:\Users\Patrick\Desktop\Mashup-Germany - BACK TO THE FUTURE PROMO MIX.mp3
[2012/03/26 00:01:08 | 000,000,000 | ---- | C] () -- C:\ProgramData\svcdotnet.inc
[2012/03/22 19:06:39 | 000,000,012 | ---- | C] () -- C:\ProgramData\svcdotnet.cfg
[2012/01/21 18:43:03 | 000,000,000 | ---- | C] () -- C:\Users\Patrick\AppData\Local\{61060088-DC20-4A8A-A017-10DBA0868E3D}
[2011/12/13 20:59:03 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt
[2011/12/13 20:56:04 | 000,005,632 | ---- | C] () -- C:\windows\SysWow64\drivers\StarOpen.sys
[2011/06/25 09:47:25 | 000,554,496 | ---- | C] () -- C:\windows\SysWow64\dvmsg.dll
[2011/05/29 04:12:18 | 000,270,240 | ---- | C] () -- C:\windows\SysWow64\PnkBstrB.exe
[2011/05/29 04:12:16 | 000,075,136 | ---- | C] () -- C:\windows\SysWow64\PnkBstrA.exe
[2011/02/02 09:53:00 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat
[2011/01/04 16:10:58 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2011/01/04 16:10:56 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2011/01/04 16:10:56 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2011/01/04 16:10:56 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2011/01/04 16:10:56 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2010/12/08 16:10:07 | 000,110,592 | ---- | C] () -- C:\windows\SysWow64\mlfcache.dat
[2010/12/01 02:07:30 | 000,000,091 | ---- | C] () -- C:\windows\wininit.ini
[2010/11/24 17:28:27 | 000,003,584 | ---- | C] () -- C:\Users\Patrick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/09/18 00:43:34 | 000,000,056 | ---- | C] () -- C:\windows\SysWow64\ezsidmv.dat
[2010/09/17 21:52:28 | 000,007,606 | ---- | C] () -- C:\Users\Patrick\AppData\Local\resmon.resmoncfg
[2010/09/15 19:25:17 | 000,000,000 | ---- | C] () -- C:\Users\Patrick\AppData\Roaming\wklnhst.dat
 
========== LOP Check ==========
 
[2012/07/03 18:57:48 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Amazon
[2012/03/13 17:53:03 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\avidemux
[2010/10/11 12:00:23 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Canon
[2011/07/01 11:08:16 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Dev-Cpp
[2012/07/03 22:32:50 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Dropbox
[2010/12/27 15:30:48 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\FRITZ!
[2012/05/07 02:39:03 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\ICQ
[2011/06/18 06:46:18 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\IrfanView
[2011/12/14 02:52:05 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Jumping Bytes
[2011/03/27 16:21:37 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Leadertech
[2012/07/03 18:59:53 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Mobile Master
[2011/04/19 14:18:50 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\ROUTE 66 Sync
[2012/02/03 03:16:03 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Samsung
[2012/07/03 02:53:03 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Spotify
[2011/12/02 18:11:42 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\SumatraPDF
[2012/05/21 14:54:21 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Systweak
[2012/04/10 00:19:44 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Temp
[2011/02/02 09:52:59 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Thunderbird
[2011/07/16 01:21:28 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\Tobit
[2011/12/04 19:05:32 | 000,000,000 | ---D | M] -- C:\Users\Patrick\AppData\Roaming\TS3Client
[2012/07/03 01:31:17 | 000,000,914 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1234592865-2256707453-3612337758-1000Core.job
[2012/07/03 22:31:07 | 000,000,936 | ---- | M] () -- C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1234592865-2256707453-3612337758-1000UA.job
[2012/05/27 00:41:51 | 000,032,640 | ---- | M] () -- C:\windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 

< End of report >

Extras.txt
Code:

OTL Extras logfile created on: 7/3/2012 11:54:56 PM - Run 1
OTL by OldTimer - Version 3.2.53.1    Folder = C:\Users\Patrick\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.79 Gb Total Physical Memory | 2.47 Gb Available Physical Memory | 65.09% Memory free
7.59 Gb Paging File | 6.17 Gb Available in Paging File | 81.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 172.79 Gb Total Space | 103.44 Gb Free Space | 59.86% Space Free | Partition Type: NTFS
Drive D: | 113.19 Gb Total Space | 8.45 Gb Free Space | 7.46% Space Free | Partition Type: NTFS
Drive W: | 12.00 Gb Total Space | 3.84 Gb Free Space | 31.97% Space Free | Partition Type: NTFS
 
Computer Name: PATRICKS | User Name: Patrick | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\ProgramData\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [TVersity] -- "C:\ProgramData\TVersity\Media Server\GUILaunch.exe" -type "folder" -url "%1" -title "" -tags "" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F95954E-5A28-49F5-BC89-2350789D54D8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2258A3F6-8D3D-4926-9D6C-39D60C0E3B1F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{27E62B77-5E5C-428D-BA86-DBAF2C7EA0AD}" = lport=53 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{32012793-B903-434D-A472-B14120D86321}" = lport=2869 | protocol=6 | dir=in | app=system |
"{38F3F51A-F3C7-4FB5-B46E-0CCBBBE47A60}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{40994B19-2AFC-4D10-8D54-79A6094CC409}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{40C74C30-0EE6-403F-AFFD-2B7BBDBC35F5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{40F2A0D5-4DDD-436B-A70D-CEA212B5A410}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{42B1F363-A074-43AC-AF1A-13FDD64CF7D7}" = rport=2869 | protocol=6 | dir=out | app=system |
"{45156B6E-361A-44DB-A0A0-D36372AC3CC8}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{45628868-B2E7-427E-ACCB-B144D7814E76}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4F30DD4E-5567-4728-8328-25D545C7B8E8}" = lport=1317 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{5EADCC62-DDD5-4690-8262-29D06F24B3DE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5F808B67-10D3-4FD8-9E15-FE3AB3A4238C}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{642D49FA-22CF-438D-977F-63C7DBF17333}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{77E4ED91-466B-4BE4-A7AC-7FDBCC826F3B}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{785C1319-E93F-484E-BAFF-94F466BFB856}" = lport=10243 | protocol=6 | dir=in | app=system |
"{7A874133-A79E-4B29-B324-1F8431BAF464}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8A9F68FF-F2FB-4AB8-B53B-A3F94E5934CD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{916DC5A5-19AF-4379-8A6E-28B3391504F3}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{9BF2C326-CD36-478A-9614-A391525EB6CD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A96CA2E8-4C50-4969-916B-63A3D61D546A}" = lport=1303 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{B04A8B7A-6B26-4DB6-A4F5-922FF412B6B0}" = lport=67 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{B1410378-B77E-4CCC-B4FA-D7ABCB193158}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B6049468-539C-40E6-8F9B-CF46460315F2}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |
"{B72A21AB-3742-4A0C-880B-228C8CDC00F7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{B9D79949-E6E4-4003-831F-6771370A233E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BC4EA1F0-C587-4DCE-820C-0F1385391853}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{C805B6FB-F203-406E-B6ED-680E2EF13953}" = lport=68 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{D53F8EEE-14AB-4BAF-97F3-3A8B855E82C8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D8A596E2-BE21-4158-A1E4-C768FABD3B98}" = lport=2869 | protocol=6 | dir=in | app=system |
"{FD305BFB-4F83-4409-9956-D10269704312}" = lport=2869 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{040AFA5E-91EF-4D15-8BEF-0EA5CD3ACDD5}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{06784D33-3824-487C-B2E6-509870E983C8}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{0E5DF8F8-6B00-4663-AD1F-E3B2FDA38F24}" = dir=in | app=c:\programdata\tversity\media server\mediaserver.exe |
"{12D252BB-D561-43F6-A339-608631ABFBF7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{183E5EE4-E8FD-48E0-B23B-370B79824710}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1C818C7E-DE18-4005-BEBA-0CB6710FA470}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1D02DEC2-D1D0-4EC1-A17F-3324643975D0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{254AE622-F809-4A40-AAE9-466044B6032B}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe |
"{2A9ACE52-7C08-4211-A746-E7B810B73E1C}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{2CF0B08D-75BE-49EF-AD6F-EED025FA0E55}" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"{31771D89-5FDB-4DA1-A328-3535DC542D14}" = protocol=6 | dir=in | app=c:\program files (x86)\phoner\phoner.exe |
"{3C083D36-D88C-4DD2-A4E1-034231281FDA}" = protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"{40569683-8A10-4BC9-AA42-2EF1D0E80B13}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{42059D30-25EC-4608-90D9-82E5E2E07835}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{43B572BE-9CA4-444B-9888-A9E3B757ED0B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{4700C536-4022-49AD-A667-F47687CB76D1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{494B3F4D-4AAC-497D-81B2-7A32AB8A5817}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{4BB5E217-5B68-4196-803A-36F38CEEB7BA}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\allsharedms.exe |
"{505B0D36-79BD-4C72-9A3D-678C9C4E099F}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe |
"{52419412-0F3F-4C24-AC94-EF9505251245}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{53C937CF-C6BC-42B5-8469-417B3508A097}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{54BBDEDD-441E-45DB-9712-C01300385787}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{581942BE-B789-4513-9E66-604A3B432038}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{593416DE-E7FA-49B6-A191-60E47A0DC8DC}" = dir=out | app=c:\windows\system32\svchost.exe |
"{5E61029C-8A4D-4E1D-ACD8-7B22A073E419}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{64642D57-F49C-45C6-8937-93C2FFFBE898}" = protocol=6 | dir=in | app=c:\spiele\ea sports\fifa 12\game\fifa.exe |
"{69E0B37F-75E7-4B45-B541-D581BE671620}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6ED263DA-8211-4C8A-B1E9-303C53D99FEC}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{70E8F109-8441-4E18-B06B-D2F810671BBE}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{729DCAB6-D4B3-4CCC-B802-221ABBECC7A9}" = protocol=17 | dir=in | app=c:\program files (x86)\phoner\phoner.exe |
"{742A5ED9-1078-461A-A85B-E7F221E35ECF}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{764E0312-9C09-4072-A3CB-8726FBED6A1F}" = protocol=6 | dir=in | app=c:\users\patrick\appdata\roaming\spotify\spotify.exe |
"{76996AF6-3079-497F-8C0C-66CCD5F46CC7}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{7775D4A1-A4A7-4D8B-9FF9-793BA3B7DE6A}" = protocol=6 | dir=in | app=c:\users\patrick\appdata\roaming\dropbox\bin\dropbox.exe |
"{80CE7F12-3F56-4176-8C33-3D9C96756008}" = protocol=17 | dir=in | app=c:\users\patrick\appdata\roaming\dropbox\bin\dropbox.exe |
"{83A31069-9841-4EB0-895E-AF9D29C8F70E}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{8544D0C1-2C9E-42D8-8414-BCC32F63BE26}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{87ED0B6D-B2A9-4544-8835-E25CA9EB1065}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{8ACBF5C3-C19E-462B-9F97-F77F47B4C396}" = protocol=6 | dir=out | app=system |
"{90F7E6BE-E671-462B-9182-0EBC841FF6B0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{921561DE-C7B5-4E4E-B181-BA074B610FFB}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{946DC4F3-2654-47C8-AE48-22F0041DA1D2}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{9B08F6E7-B76F-4C4D-89CD-0ABACAE9EE91}" = protocol=6 | dir=in | app=c:\users\patrick\appdata\roaming\dropbox\bin\dropbox.exe |
"{9E9E41B6-6B95-4ED2-A8D0-3AE082715A30}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A0046EAE-0B30-4216-9C90-BE86A5793D14}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{A11EFC29-2721-4D4E-8E55-A3A9548DDE62}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A5E39896-138A-44EC-835D-5952649DDC4B}" = protocol=17 | dir=in | app=c:\users\patrick\appdata\roaming\spotify\spotify.exe |
"{A83AB83B-0CC7-4596-B851-3FA17232E7A2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A91C62F1-50A3-4F9D-B8FD-F21AE4EEDC02}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{AA496294-1B59-4885-8010-75AA8D981E3C}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{B0A97DA0-A29B-4168-8070-003C158CC3A7}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"{BB52DAEF-C098-4F9F-922B-CD3F52064135}" = protocol=17 | dir=in | app=c:\users\patrick\appdata\roaming\dropbox\bin\dropbox.exe |
"{C012925E-FCDD-4248-8A09-09A6A5FBB72E}" = protocol=6 | dir=in | app=c:\program files (x86)\tobit radio.fx\server\rfx-server.exe |
"{C1269B1F-4653-41CA-BDF0-76D6725D4426}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) |
"{C296E607-7803-4F3E-A753-D6DDCBB068D3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C4F795CF-AE88-466B-80CD-92EE41EC261B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{C51AA26E-865C-41E4-B262-E465221446E5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{C558AA1A-BBCA-4DE8-BC25-36F6F3336949}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"{C8679FD4-B64D-4BAA-AD17-CEC13EC8EAAF}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{C927B300-6C72-4E14-BD44-46502A504867}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{CA387D85-9449-4861-9855-33461C54D74E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CCF7E5EC-8B97-4DF1-A739-839EF4A3A857}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CD5DDBA5-8006-408C-A02D-C2E6B2EF6502}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{CEB94370-0021-496E-8B26-8498FB2B690D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D0A141A6-1C78-43B6-B707-79DCDCD3BF02}" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"{D4684870-1D6E-4B96-8389-17E142C66C58}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{D5A374CB-C670-4BD5-9B96-6DB32D93CA0D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{D95C10C2-B238-4897-98EC-F9E3D5F48538}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{DCBE78B8-8E99-4CFC-8199-44E7D45E774D}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{DF07891F-A506-4DC2-BAE8-10305C82EA2B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{E2234F3B-CA5A-4030-A3D4-CD0DFAE360A7}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{E4E79D17-0CFC-449C-96CD-E5EC26BD7A3F}" = protocol=17 | dir=in | app=c:\program files (x86)\tobit radio.fx\client\rfx-client.exe |
"{E8CBC97C-1550-4412-B28E-2E86A8F7A3F8}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{EA96B202-3BFA-4FAF-B8E7-56615717E727}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EB4C8D38-900F-4AA2-A172-F33BA8576C30}" = protocol=17 | dir=in | app=c:\spiele\ea sports\fifa 12\game\fifa.exe |
"{EE4E6687-457F-4D3F-B315-4DDDC88F1681}" = dir=in | app=c:\users\patrick\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{F34490C5-B8B3-46A7-AE58-5B3336EBD8F7}" = protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"{F5FD63E9-2347-4944-987E-D2CF63FEA90C}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F83A81C7-E524-4992-A4F6-CFCEB92EFFD5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{03A9AFD1-CA45-4D4A-9ADE-0B94D3EC9943}C:\spiele\ea sports\fifa 11 demo\game\fifa.exe" = protocol=6 | dir=in | app=c:\spiele\ea sports\fifa 11 demo\game\fifa.exe |
"TCP Query User{03EEFC47-1E37-4A12-83D1-9645E8DEFA27}C:\program files (x86)\phoner\phoner.exe" = protocol=6 | dir=in | app=c:\program files (x86)\phoner\phoner.exe |
"TCP Query User{04622A22-F5CC-40A4-9BCB-0DF791A75F91}C:\spiele\ea sports\fifa 11\game\fifa.exe" = protocol=6 | dir=in | app=c:\spiele\ea sports\fifa 11\game\fifa.exe |
"TCP Query User{12E4986E-6089-4AEC-9ABC-CBCF2639B8D4}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"TCP Query User{1DF90C7E-6CDF-4163-9025-CBFB6056AC74}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{2ED775BF-A5F7-4018-9679-F268F0FA5475}C:\windows\syswow64\java.exe" = protocol=6 | dir=in | app=c:\windows\syswow64\java.exe |
"TCP Query User{2FFE6613-7772-4A22-8BB6-E3682AAEC5C8}C:\spiele\tmnationsforever\tmforever.exe" = protocol=6 | dir=in | app=c:\spiele\tmnationsforever\tmforever.exe |
"TCP Query User{42FA406C-AAF2-498A-9DFE-96CA78E3BEA9}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"TCP Query User{5E97DC46-BEB6-4AB4-BFD9-4E687E9AD64E}C:\program files (x86)\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"TCP Query User{7D57DB70-C9AB-498C-B97D-EFDA47D681E9}C:\program files (x86)\fritz!dsl\fritzdsl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\fritz!dsl\fritzdsl.exe |
"TCP Query User{82BBC8B8-109F-442E-B5C4-832DB6ED7B4F}C:\program files (x86)\limewire\limewire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"TCP Query User{899E46D0-1759-45E1-90F3-86316716BB43}C:\program files\windows sidebar\sidebar.exe" = protocol=6 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"TCP Query User{92445DF0-EB79-4D49-8494-597412E8670A}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"TCP Query User{B3015727-66B0-46C7-BAFA-6A5089CE833D}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{BF55D25E-7E4E-4A82-BFA2-11D535CEA39B}C:\users\patrick\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\patrick\appdata\roaming\spotify\spotify.exe |
"TCP Query User{C5917837-099A-4BD7-AD14-A9817489FF80}C:\program files (x86)\route 66\route 66 sync\route66sync.exe" = protocol=6 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\route66sync.exe |
"TCP Query User{C99A21DF-9DFC-424F-B84E-18CA10E3CB85}C:\program files (x86)\route 66\route 66 sync\sync9loader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\sync9loader.exe |
"UDP Query User{060D5D71-A37E-4BF7-B11A-6A8A89B70A9A}C:\program files (x86)\limewire\limewire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\limewire\limewire.exe |
"UDP Query User{16B7D19D-2B3A-4E2C-80F0-B6F13A420871}C:\program files (x86)\route 66\route 66 sync\route66sync.exe" = protocol=17 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\route66sync.exe |
"UDP Query User{1E80B157-0A93-4FCF-AC90-BF10C249BB1D}C:\windows\syswow64\java.exe" = protocol=17 | dir=in | app=c:\windows\syswow64\java.exe |
"UDP Query User{2995AF03-3AA8-4D3A-990C-D43F74072CF2}C:\program files (x86)\fritz!dsl\fritzdsl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\fritz!dsl\fritzdsl.exe |
"UDP Query User{2B7612FE-9D65-49FC-9C71-D06AFB8CF6DB}C:\program files (x86)\phoner\phoner.exe" = protocol=17 | dir=in | app=c:\program files (x86)\phoner\phoner.exe |
"UDP Query User{3BA9C4EC-3AED-45E0-9785-83C3BBE48E44}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{44D180DF-9960-4C37-85FC-A394DAE34D37}C:\program files (x86)\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"UDP Query User{918A09AD-1239-4BD2-8994-CDC6E32BD4A9}C:\program files\windows sidebar\sidebar.exe" = protocol=17 | dir=in | app=c:\program files\windows sidebar\sidebar.exe |
"UDP Query User{9FD53F91-DC0A-4101-94E5-23E1A3CE64C8}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe |
"UDP Query User{B7598F0E-FD70-4CA9-99CA-3F8A46B9F864}C:\spiele\ea sports\fifa 11 demo\game\fifa.exe" = protocol=17 | dir=in | app=c:\spiele\ea sports\fifa 11 demo\game\fifa.exe |
"UDP Query User{BFA27188-4C98-4851-A3E2-89F8A754E553}C:\spiele\tmnationsforever\tmforever.exe" = protocol=17 | dir=in | app=c:\spiele\tmnationsforever\tmforever.exe |
"UDP Query User{D8ED2EEE-80D7-4046-8BB3-CFC579823C38}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{DBBE0797-8BC7-4E05-8486-CB1B69C3271B}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"UDP Query User{E1299DC7-D555-40BA-8CD5-5DE6D18C8222}C:\users\patrick\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\patrick\appdata\roaming\spotify\spotify.exe |
"UDP Query User{F343A8BB-7583-49C6-AE0C-6E698B1C2ACE}C:\program files (x86)\route 66\route 66 sync\sync9loader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\sync9loader.exe |
"UDP Query User{F84EC18F-74F1-406E-8775-189E9E2A0E30}C:\spiele\ea sports\fifa 11\game\fifa.exe" = protocol=17 | dir=in | app=c:\spiele\ea sports\fifa 11\game\fifa.exe |
"UDP Query User{F9A44067-33D9-4D42-9472-470E948AC309}C:\program files (x86)\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP250_series" = Canon MP250 series MP Drivers
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{2905D974-FADA-0FB1-7EB5-9427ED6F7A9E}" = ATI Catalyst Install Manager
"{2AAA4D8F-225B-C276-16A5-864DF9734D86}" = ccc-utility64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}" = iTunes
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-002A-040C-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (French) 2007
"{90120000-002A-0410-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Italian) 2007
"{90120000-002A-0C0A-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Spanish) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"7F973C87231D745EBF31E772CC38BB9B185D3819" = Windows Driver Package - ENE (EUCR) USB  (12/04/2009 5.89.0.64)
"Connectify" = Connectify
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{007B37D9-0C45-4202-834B-DD5FAAE99D63}" = ArcSoft Print Creations - Slimline Card
"{01A1A019-E1D8-482A-BE17-5E118D17C0A0}" = ArcSoft Print Creations - Brochures & Flyers
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{07690F1C-04B1-4060-9691-6748ED1826B9}" = msi Software Install
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0C26A812-7DF7-BFA0-1D34-43D238037F61}" = CCC Help Chinese Traditional
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{230EECD6-C4EE-5F4B-69D1-17AAAC75A54A}" = Catalyst Control Center Core Implementation
"{24762012-C6C8-4AAD-A02D-71A009FA1683}" = Adobe Flash Player 10 ActiveX
"{25478065-4CB1-448C-80E4-8C4529017EE3}" = ArcSoft WebCam Companion 3
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}" = BurnRecovery
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{29F05234-DCBB-4FE0-88DC-5160C9250312}" = Adobe Photoshop CS3
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BCA1AE7-5643-515F-D0DF-CFFD9020593E}" = Catalyst Control Center Graphics Full New
"{30884ACA-08CD-6523-075F-04D218DDB79C}" = Catalyst Control Center Localization All
"{349BCF52-CFD0-42E9-5BC6-CAE57588D71E}" = CCC Help Czech
"{3738545D-C7BF-7E5D-ED5B-53FE01C966AA}" = CCC Help Danish
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3AC7D217-D49D-AF05-DC3E-0F05F91EA746}" = ccc-core-static
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CE47E6B-AE27-4E40-AC54-329EED96B933}" = ArcSoft Print Creations - Funhouse II
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E76E61B-150E-AFDB-C841-C12016986170}" = CCC Help French
"{3EDD63B9-5A19-2182-63AE-BF79BA637F85}" = Catalyst Control Center Graphics Light
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4877FA7F-687F-947C-5983-5B40E492A7C7}" = CCC Help Turkish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{521C9534-FE23-7DFD-82F7-F6E6CB3F8ACA}" = CCC Help Polish
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56589DFE-0C29-4DFE-8E42-887B771ECD23}" = ArcSoft Print Creations - Photo Book
"{56BB8142-1794-0F23-6FE4-963F119D2083}" = Catalyst Control Center Graphics Full Existing
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}" = ArcSoft Print Creations - Poster Creator
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6152EB38-DBA1-8B60-5E64-5D4115576599}" = CCC Help Norwegian
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6EAE176F-51F5-7F9A-7F7E-BC921531D796}" = CCC Help Japanese
"{6ECF91F0-002A-14F7-331C-3798C975B976}" = CCC Help German
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{70B7A167-0B88-445D-A3EA-97C73AA88CAC}" = Windows Live Toolbar
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73B5D990-04EA-4751-B10F-5534770B91F2}" = Adobe Color EU Recommended Settings
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7C25C80B-7F10-E662-6926-2A939761F5C8}" = Catalyst Control Center Graphics Previews Vista
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver For Windows Vista and Later
"{89202060-93AB-672C-477D-E8DEF46E8103}" = CCC Help Greek
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D73BCB1-DD24-816B-BF13-EA08DDF48D7C}" = Catalyst Control Center InstallProxy
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8E90189A-A5D4-4C0E-A908-06C4236F98EE}" = ArcSoft Magic-i Visual Effects 2
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-040C-0000-0000000FF1CE}" = Microsoft Office Excel MUI (French) 2007
"{90120000-0016-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0410-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Italian) 2007
"{90120000-0016-0410-0000-0000000FF1CE}_HOMESTUDENTR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0C0A-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Spanish) 2007
"{90120000-0016-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-040C-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (French) 2007
"{90120000-0018-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0410-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Italian) 2007
"{90120000-0018-0410-0000-0000000FF1CE}_HOMESTUDENTR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0C0A-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Spanish) 2007
"{90120000-0018-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-040C-0000-0000000FF1CE}" = Microsoft Office Word MUI (French) 2007
"{90120000-001B-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0410-0000-0000000FF1CE}" = Microsoft Office Word MUI (Italian) 2007
"{90120000-001B-0410-0000-0000000FF1CE}_HOMESTUDENTR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0C0A-0000-0000000FF1CE}" = Microsoft Office Word MUI (Spanish) 2007
"{90120000-001B-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0401-0000-0000000FF1CE}" = Microsoft Office Proof (Arabic) 2007
"{90120000-001F-0401-0000-0000000FF1CE}_HOMESTUDENTR_{3E8EA473-ECCE-405F-A9CA-59446AEADD3A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0403-0000-0000000FF1CE}" = Microsoft Office Proof (Catalan) 2007
"{90120000-001F-0403-0000-0000000FF1CE}_HOMESTUDENTR_{BEADB115-DB47-4BD0-A9EC-AE585AFAB2D8}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0413-0000-0000000FF1CE}" = Microsoft Office Proof (Dutch) 2007
"{90120000-001F-0413-0000-0000000FF1CE}_HOMESTUDENTR_{2C95E7EE-FEA7-4B3A-A6E5-DF90A88B816A}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0416-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Brazil)) 2007
"{90120000-001F-0416-0000-0000000FF1CE}_HOMESTUDENTR_{8A524694-0CA4-476A-9301-B1E9D70FC952}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-042D-0000-0000000FF1CE}" = Microsoft Office Proof (Basque) 2007
"{90120000-001F-042D-0000-0000000FF1CE}_HOMESTUDENTR_{017A6981-5E03-4A97-830A-35FE0927BB7F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0456-0000-0000000FF1CE}" = Microsoft Office Proof (Galician) 2007
"{90120000-001F-0456-0000-0000000FF1CE}_HOMESTUDENTR_{A3A03B41-14EA-4E50-97D8-FCF429AE0CCB}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-040C-1000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0410-1000-0000000FF1CE}_HOMESTUDENTR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0C0A-1000-0000000FF1CE}_HOMESTUDENTR_{430AE3E6-E982-4958-90FC-1C062BC74E22}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-002C-040C-0000-0000000FF1CE}" = Microsoft Office Proofing (French) 2007
"{90120000-002C-0410-0000-0000000FF1CE}" = Microsoft Office Proofing (Italian) 2007
"{90120000-002C-0C0A-0000-0000000FF1CE}" = Microsoft Office Proofing (Spanish) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-040C-0000-0000000FF1CE}" = Microsoft Office Shared MUI (French) 2007
"{90120000-006E-040C-0000-0000000FF1CE}_HOMESTUDENTR_{8283FD64-6A3B-4104-9E12-7CA25EF29A1A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0410-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Italian) 2007
"{90120000-006E-0410-0000-0000000FF1CE}_HOMESTUDENTR_{C0C7E58F-D0A1-4102-855B-0B7AA2E8F1C1}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0C0A-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Spanish) 2007
"{90120000-006E-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{430AE3E6-E982-4958-90FC-1C062BC74E22}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-040C-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (French) 2007
"{90120000-00A1-040C-0000-0000000FF1CE}_HOMESTUDENTR_{CF3C20A6-47B7-48DA-95C1-6FBB5A439AF8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0410-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Italian) 2007
"{90120000-00A1-0410-0000-0000000FF1CE}_HOMESTUDENTR_{7F40286D-09A7-4DC0-A2A4-AA18D026D369}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0C0A-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Spanish) 2007
"{90120000-00A1-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{D79E9128-A250-4155-BE90-2BE81DE0406A}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{9591C049-5CAE-4E89-A8D9-191F1899628B}" = ArcSoft Print Creations - Funhouse
"{95F875CC-1B85-43E6-B3E0-13EA04F3D995}" = ArcSoft Print Creations - Photo Prints
"{99750819-BDCB-7E89-E1B5-3A9C7D731BF5}" = CCC Help Italian
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9C9CEB9D-53FD-49A7-85D2-FE674F72F24E}" = Microsoft Search Enhancement Pack
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A310F46C-7E91-7CDD-1421-1AE260CE12EB}" = CCC Help Russian
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BA659DC5-F577-4364-903D-20C16DD4BDB3}" = Catalyst Control Center - Branding
"{BB9994D6-E795-6CC9-5CB2-D695FB21A746}" = PX Profile Update
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE1A2C04-6F14-4A16-B290-003769418AD9}" = ROUTE 66 Sync
"{BF54932F-23F6-3A4E-60EA-7AFF366CA8B8}" = CCC Help Hungarian
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C5D7039E-0803-4FE8-976D-156DE1147E4F}" = ArcSoft Print Creations
"{C61DCDF8-D186-4386-F594-8E7A68D2D32D}" = CCC Help Spanish
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C6CD710D-1923-B80F-65C2-138DBDE28BC9}" = CCC Help Korean
"{CA9ED5E4-1548-485B-A293-417840060158}" = ArcSoft Print Creations - Photo Calendar
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2C67402-46F1-4A17-5319-937E8A62F43D}" = CCC Help Chinese Standard
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{E067DFD3-10DE-7D9B-24A0-CA55943AC43C}" = CCC Help Dutch
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E1213853-C66B-B2A9-6AB4-34EC78702F1B}" = CCC Help Finnish
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E6B4117F-AC59-4B13-9274-EB136E8897EE}" = ArcSoft Print Creations - Album Page
"{E797EB9D-9E94-9136-B02D-8187E25FED44}" = CCC Help Thai
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}" = System Control Manager
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{F01F79AD-1F47-4685-AE4E-CCFA4EA9FF7C}" = Adobe Setup
"{F04F9557-81A9-4293-BC49-2C216FA325A7}" = ArcSoft Print Creations - Greeting Card
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F42B419C-78BD-024D-6617-27F09E22A1CF}" = CCC Help Portuguese
"{F5BCB227-3314-7F4B-19A3-9238615380F6}" = CCC Help English
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F932C96E-5C6C-20E8-EBAF-1DA5819EF0D1}" = CCC Help Swedish
"{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}" = Adobe Color NA Extra Settings
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_5f143314a5d434c8511097393d17397" = Adobe Photoshop CS3
"avast" = avast! Internet Security
"Avidemux 2.5" = Avidemux 2.5 (32-bit)
"bwin Poker JPC_is1" = bwin Poker JPC 1.0.0
"CanonMyPrinter" = Canon Utilities My Printer
"CanonSolutionMenu" = Canon Utilities Solution Menu
"Dev-C++" = Dev-C++ 5 beta 9 release (4.9.9.2)
"DivX Setup" = DivX-Setup
"Easy-PhotoPrint EX" = Canon Utilities Easy-PhotoPrint EX
"FKL 4" = Family Keylogger v4.88 (remove only)
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{BE1A2C04-6F14-4A16-B290-003769418AD9}" = ROUTE 66 Sync
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"Mozilla Thunderbird (3.1.7)" = Mozilla Thunderbird (3.1.7)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 3.0" = Canon MP Navigator EX 3.0
"New C Series Screensaver" = New C Series Screensaver
"Open Codecs" = Xiph.Org Open Codecs 0.85.17777
"Picasa 3" = Picasa 3
"PunkBusterSvc" = PunkBuster Services
"SumatraPDF" = SumatraPDF
"TmNationsForever_is1" = TmNationsForever
"TVersity Codec Pack" = TVersity Codec Pack 1.7
"TVersity Media Server" = TVersity Media Server 1.9.7
"VLC media player" = VLC media player 2.0.1
"Volumouse" = NirSoft Volumouse
"vShare.tv plugin" = vShare.tv plugin 1.3
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}" = Battlefield Heroes (Patrick)
"CodeBlocks" = CodeBlocks
"Dropbox" = Dropbox
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 6/10/2012 10:10:30 AM | Computer Name = PatrickS | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
 pack\search helper\searchhelper.dll" in Zeile 2.  Ungültige XML-Syntax.
 
Error - 6/17/2012 1:08:00 PM | Computer Name = PatrickS | Source = Google Update | ID = 20
Description =
 
Error - 6/18/2012 8:43:39 AM | Computer Name = PatrickS | Source = Google Update | ID = 20
Description =
 
Error - 6/19/2012 10:22:06 AM | Computer Name = PatrickS | Source = Google Update | ID = 20
Description =
 
Error - 6/19/2012 12:05:15 PM | Computer Name = PatrickS | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 6/19/2012 12:07:51 PM | Computer Name = PatrickS | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
 pack\search helper\searchhelper.dll" in Zeile 2.  Ungültige XML-Syntax.
 
Error - 6/20/2012 9:38:45 AM | Computer Name = PatrickS | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: APSDaemon.exe, Version: 2.1.19.1,
 Zeitstempel: 0x4f3a19cc  Name des fehlerhaften Moduls: APSDaemon_main.dll, Version:
 2.1.19.1, Zeitstempel: 0x4f3de559  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000082f0
ID
 des fehlerhaften Prozesses: 0xfa0  Startzeit der fehlerhaften Anwendung: 0x01cd4d9d4a6fc4a6
Pfad
 der fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\Apple\Apple Application
 Support\APSDaemon.exe  Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Common
 Files\Apple\Apple Application Support\APSDaemon_main.dll  Berichtskennung: 4147d00b-badd-11e1-81e9-fc78a10dc9d3
 
Error - 6/22/2012 12:02:56 PM | Computer Name = PatrickS | Source = Google Update | ID = 20
Description =
 
Error - 6/24/2012 10:30:14 AM | Computer Name = PatrickS | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
Error - 6/24/2012 10:32:31 AM | Computer Name = PatrickS | Source = SideBySide | ID = 16842811
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\microsoft\search enhancement pack\search helper\searchhelper.dll". Fehler
 in Manifest- oder Richtliniendatei "c:\program files (x86)\microsoft\search enhancement
 pack\search helper\searchhelper.dll" in Zeile 2.  Ungültige XML-Syntax.
 
[ Cisco AnyConnect VPN Client Events ]
Error - 10/12/2010 7:51:36 AM | Computer Name = PatrickS | Source = vpnui | ID = 67108866
Description = Function: CTransportWinInet::SendRequest File: .\CTransportWinInet.cpp
Line:
 1313 Invoked Function: CTransportWinInet::SendRequest Return Code: 12002 (0x00002EE2)
Description:
 Das Zeitlimit für den Vorgang wurde erreicht. 
 
Error - 10/12/2010 7:51:36 AM | Computer Name = PatrickS | Source = vpnui | ID = 67108866
Description = Function: ConnectIfc::connect File: .\ConnectIfc.cpp Line: 349 Invoked
 Function: CTransport::SendRequest Return Code: -29949906 (0xFE37002E) Description:
 CTRANSPORT_ERROR_TIMEOUT
 
Error - 10/12/2010 7:51:36 AM | Computer Name = PatrickS | Source = vpnui | ID = 67108866
Description = Function: ConnectIfc::TranslateStatusCode File: .\ConnectIfc.cpp Line:
 2703 Invoked Function: ConnectIfc::TranslateStatusCode Return Code: -29949906 (0xFE37002E)
Description:
 timeout
 
Error - 10/12/2010 7:51:36 AM | Computer Name = PatrickS | Source = vpnui | ID = 67108866
Description = Function: ConnectMgr::connect File: .\ConnectMgr.cpp Line: 989 Invoked
 Function: ConnectIfc::connect Return Code: -29949906 (0xFE37002E) Description: CTRANSPORT_ERROR_TIMEOUT

 
Error - 10/12/2010 7:51:36 AM | Computer Name = PatrickS | Source = vpnui | ID = 67108866
Description = Function: ConnectMgr::processIfcData File: .\ConnectMgr.cpp Line: 1208
Invoked
 Function: ConnectMgr :: processIfcData Return Code: -33554423 (0xFE000009) Description:
 GLOBAL_ERROR_UNEXPECTED Unrecognized content type (Unknown) received.
 
Error - 10/12/2010 7:51:36 AM | Computer Name = PatrickS | Source = vpnui | ID = 67108866
Description = Function: ConnectMgr::processIfcData File: .\ConnectMgr.cpp Line: 1234
Invoked
 Function: ConnectMgr :: processIfcData Return Code: -33554423 (0xFE000009) Description:
 GLOBAL_ERROR_UNEXPECTED Unable to process response from tserver1.rheinahrcampus.de.

 
Error - 10/12/2010 7:51:36 AM | Computer Name = PatrickS | Source = vpnui | ID = 67108866
Description = Function: ConnectMgr::processIfcData File: .\ConnectMgr.cpp Line: 1315
Invoked
 Function: ConnectMgr::processIfcData Return Code: -33554423 (0xFE000009) Description:
 GLOBAL_ERROR_UNEXPECTED Unable to contact tserver1.rheinahrcampus.de.
 
Error - 10/12/2010 8:07:39 AM | Computer Name = PatrickS | Source = vpnagent | ID = 67110873
Description = Termination reason code 7: The agent has been stopped.
 
Error - 10/12/2010 8:07:39 AM | Computer Name = PatrickS | Source = vpnagent | ID = 67108866
Description = Function: CMainThread::getDownloaderMessage File: .\MainThread.cpp Line:
 964 Invoked Function: CVpnMgr::processEvents Return Code: 0 (0x00000000) Description:
 fatal error, stopping service
 
Error - 10/12/2010 8:07:39 AM | Computer Name = PatrickS | Source = vpnagent | ID = 67108866
Description = Function: service_main_NT File: .\Agent.cpp Line: 674 Invoked Function:
 WaitForSingleObject Return Code: 6 (0x00000006) Description: Das Handle ist ungültig.


 
[ System Events ]
Error - 7/3/2012 3:09:19 PM | Computer Name = PatrickS | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  StarOpen  vflt
 
Error - 7/3/2012 3:11:24 PM | Computer Name = PatrickS | Source = Service Control Manager | ID = 7000
Description = Der Dienst "MBAMProtector" wurde aufgrund folgenden Fehlers nicht
gestartet:  %%2
 
Error - 7/3/2012 3:11:24 PM | Computer Name = PatrickS | Source = Service Control Manager | ID = 7001
Description = Der Dienst "MBAMService" ist vom Dienst "MBAMProtector" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde:  %%2
 
Error - 7/3/2012 4:30:02 PM | Computer Name = PatrickS | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?03.?07.?2012 um 21:22:02 unerwartet heruntergefahren.
 
Error - 7/3/2012 4:29:54 PM | Computer Name = PatrickS | Source = Application Popup | ID = 1060
Description = Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\Drivers\StarOpen.SYS
 nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version
 des Treibers zu erhalten.
 
Error - 7/3/2012 4:30:11 PM | Computer Name = PatrickS | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
  StarOpen  vflt
 
Error - 7/3/2012 4:32:27 PM | Computer Name = PatrickS | Source = Service Control Manager | ID = 7000
Description = Der Dienst "MBAMProtector" wurde aufgrund folgenden Fehlers nicht
gestartet:  %%2
 
Error - 7/3/2012 4:32:27 PM | Computer Name = PatrickS | Source = Service Control Manager | ID = 7001
Description = Der Dienst "MBAMService" ist vom Dienst "MBAMProtector" abhängig,
der aufgrund folgenden Fehlers nicht gestartet wurde:  %%2
 
Error - 7/3/2012 4:32:31 PM | Computer Name = PatrickS | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{DE079886-8D4C-4805-9951-B9B08F64DE77} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
Error - 7/3/2012 4:32:39 PM | Computer Name = PatrickS | Source = Server | ID = 2505
Description = Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht
 \Device\NetBT_Tcpip_{DE079886-8D4C-4805-9951-B9B08F64DE77} vom Serverdienst nicht
 gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 
 
< End of report >

Thanks in advance for your help!

Chris4You 04.07.2012 07:47

Hi,

Fix for OTL:
  • Double-click OTL.exe to run the program.
  • Vista/Win7 users: please start it via right-click and "Run as administrator".
  • Copy the entire contents of the following code box into the OTL box under "Custom Scan/Fixes"
http://oldtimer.geekstogo.com/OTL/OTL_Main_Tutorial.gif
Code:


:OTL
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

:Commands
[emptytemp]
[Reboot]

  • Click the red Run Fixes! button.
  • Please copy everything out of the results window (Results).
  • A copy of the OTL fix log is saved as a text file in the following folder:
  • %systemroot%\_OTL

Let's take a look..
TDSS-Killer
Download and instructions at: How are malicious programs of the Rootkit.Win32.TDSS family combated?
Extract all files into a directory of their own (e.g. C:\TDSS)!
Launch it from Explorer by double-clicking TDSSKiller.exe.
Configure the Killer as follows:
http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg
Then start the scan (Start Scan).
When the scan is finished, please select "Report" (skip any findings with Skip for now). A window opens; copy the text and post it here...

aswMBR
Follow the instructions here.
Quick guide:
Download aswMBR.exe from http://filepony.de/download-aswmbr/ and save it to the desktop.
  • Double-click aswMBR.exe.
  • Click the Scan button
  • Boot sectors (MBR) etc. are now examined.....
  • Save the log and post it in the thread

chris

firstLINE 04.07.2012 10:16

OTL fix log
Code:

All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Patrick
->Temp folder emptied: 5004164 bytes
->Temporary Internet Files folder emptied: 32246978 bytes
->Java cache emptied: 45884813 bytes
->FireFox cache emptied: 331757098 bytes
->Flash cache emptied: 384830 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 6 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 95810578 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36049904 bytes
RecycleBin emptied: 3192623049 bytes
 
Total Files Cleaned = 3,567.00 mb
 
 
OTL by OldTimer - Version 3.2.53.1 log created on 07042012_085517

TDSS-Killer

I ran the scan twice (by accident)..

Code:

10:54:10.0250 3572        TDSS rootkit removing tool 2.7.44.0 Jul  2 2012 20:01:08
10:54:12.0044 3572        ============================================================
10:54:12.0044 3572        Current date / time: 2012/07/04 10:54:12.0044
10:54:12.0044 3572        SystemInfo:
10:54:12.0044 3572       
10:54:12.0044 3572        OS Version: 6.1.7601 ServicePack: 1.0
10:54:12.0044 3572        Product type: Workstation
10:54:12.0044 3572        ComputerName: PATRICKS
10:54:12.0044 3572        UserName: Patrick
10:54:12.0044 3572        Windows directory: C:\windows
10:54:12.0044 3572        System windows directory: C:\windows
10:54:12.0044 3572        Running under WOW64
10:54:12.0044 3572        Processor architecture: Intel x64
10:54:12.0044 3572        Number of processors: 4
10:54:12.0044 3572        Page size: 0x1000
10:54:12.0044 3572        Boot type: Normal boot
10:54:12.0044 3572        ============================================================
10:54:12.0528 3572        Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:54:12.0544 3572        ============================================================
10:54:12.0544 3572        \Device\Harddisk0\DR0:
10:54:12.0544 3572        MBR partitions:
10:54:12.0544 3572        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1832800, BlocksNum 0x15997000
10:54:12.0544 3572        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x171C9800, BlocksNum 0xE2602B0
10:54:12.0544 3572        ============================================================
10:54:12.0590 3572        C: <-> \Device\Harddisk0\DR0\Partition0
10:54:12.0637 3572        D: <-> \Device\Harddisk0\DR0\Partition1
10:54:12.0637 3572        ============================================================
10:54:12.0637 3572        Initialize success
10:54:12.0637 3572        ============================================================
10:55:01.0403 3060        ============================================================
10:55:01.0403 3060        Scan started
10:55:01.0403 3060        Mode: Manual; SigCheck; TDLFS;
10:55:01.0403 3060        ============================================================
10:55:01.0715 3060        1394ohci        (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
10:55:01.0824 3060        1394ohci - ok
10:55:01.0933 3060        ACDaemon        (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
10:55:03.0634 3060        ACDaemon - ok
10:55:03.0712 3060        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
10:55:03.0727 3060        ACPI - ok
10:55:03.0790 3060        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
10:55:03.0836 3060        AcpiPmi - ok
10:55:03.0961 3060        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:55:03.0977 3060        AdobeARMservice - ok
10:55:04.0055 3060        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
10:55:04.0086 3060        adp94xx - ok
10:55:04.0148 3060        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
10:55:04.0180 3060        adpahci - ok
10:55:04.0226 3060        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
10:55:04.0258 3060        adpu320 - ok
10:55:04.0289 3060        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
10:55:04.0351 3060        AeLookupSvc - ok
10:55:04.0445 3060        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
10:55:04.0492 3060        AFD - ok
10:55:04.0554 3060        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
10:55:04.0570 3060        agp440 - ok
10:55:04.0616 3060        ALG            (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
10:55:04.0663 3060        ALG - ok
10:55:04.0726 3060        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
10:55:04.0741 3060        aliide - ok
10:55:04.0788 3060        AMD External Events Utility (9f5027a7a304a33de3077f523635553a) C:\windows\system32\atiesrxx.exe
10:55:04.0819 3060        AMD External Events Utility - ok
10:55:04.0835 3060        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
10:55:04.0866 3060        amdide - ok
10:55:04.0897 3060        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
10:55:04.0944 3060        AmdK8 - ok
10:55:05.0272 3060        amdkmdag        (0c3480807a602519b970088ffb112a70) C:\windows\system32\DRIVERS\atipmdag.sys
10:55:05.0459 3060        amdkmdag - ok
10:55:05.0615 3060        amdkmdap        (f031616862c873086b1f3c2b97ee35d5) C:\windows\system32\DRIVERS\atikmpag.sys
10:55:05.0662 3060        amdkmdap - ok
10:55:05.0693 3060        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
10:55:05.0724 3060        AmdPPM - ok
10:55:05.0771 3060        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
10:55:05.0802 3060        amdsata - ok
10:55:05.0864 3060        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
10:55:05.0896 3060        amdsbs - ok
10:55:05.0942 3060        amdxata        (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
10:55:05.0958 3060        amdxata - ok
10:55:06.0036 3060        androidusb      (4de0d5d747a73797c95a97dcce5018b5) C:\windows\system32\Drivers\ssadadb.sys
10:55:06.0067 3060        androidusb - ok
10:55:06.0114 3060        AppID          (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
10:55:06.0176 3060        AppID - ok
10:55:06.0223 3060        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
10:55:06.0301 3060        AppIDSvc - ok
10:55:06.0379 3060        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
10:55:06.0426 3060        Appinfo - ok
10:55:06.0566 3060        Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:55:06.0582 3060        Apple Mobile Device - ok
10:55:06.0629 3060        arc            (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
10:55:06.0644 3060        arc - ok
10:55:06.0660 3060        arcsas          (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
10:55:06.0676 3060        arcsas - ok
10:55:06.0691 3060        ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys
10:55:06.0707 3060        ArcSoftKsUFilter - ok
10:55:06.0769 3060        aswFsBlk        (df59b8e8df0bd2e0e303778a3806a17d) C:\windows\system32\drivers\aswFsBlk.sys
10:55:06.0785 3060        aswFsBlk - ok
10:55:06.0832 3060        aswFW          (f3cfbc0aa2b8bd665a2ccf1ba9e65919) C:\windows\system32\drivers\aswFW.sys
10:55:06.0832 3060        aswFW - ok
10:55:06.0878 3060        aswKbd          (c42d45089fd2ec63d13571362c258dc6) C:\windows\system32\drivers\aswKbd.sys
10:55:06.0894 3060        aswKbd - ok
10:55:06.0910 3060        aswMonFlt      (f8e6ab4f876feff69250f2e0c29ef004) C:\windows\system32\drivers\aswMonFlt.sys
10:55:06.0925 3060        aswMonFlt - ok
10:55:06.0956 3060        aswNdis        (518b8d447a1975ab46da093a2e743256) C:\windows\system32\DRIVERS\aswNdis.sys
10:55:06.0972 3060        aswNdis - ok
10:55:07.0003 3060        aswNdis2        (80a43cef831664c404c73564ccf4b8b1) C:\windows\system32\drivers\aswNdis2.sys
10:55:07.0019 3060        aswNdis2 - ok
10:55:07.0050 3060        aswRdr          (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\windows\System32\Drivers\aswrdr2.sys
10:55:07.0066 3060        aswRdr - ok
10:55:07.0159 3060        aswSnx          (f06e230e1e8ca9437a6474b7b551cd37) C:\windows\system32\drivers\aswSnx.sys
10:55:07.0190 3060        aswSnx - ok
10:55:07.0222 3060        aswSP          (3610ca74a69e380424f0452dec5c1317) C:\windows\system32\drivers\aswSP.sys
10:55:07.0237 3060        aswSP - ok
10:55:07.0268 3060        aswTdi          (87de3e31cb0091d22351349869324065) C:\windows\system32\drivers\aswTdi.sys
10:55:07.0268 3060        aswTdi - ok
10:55:07.0315 3060        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
10:55:07.0393 3060        AsyncMac - ok
10:55:07.0456 3060        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
10:55:07.0471 3060        atapi - ok
10:55:07.0674 3060        athr            (a5e770426d18f8ef332a593f3289da91) C:\windows\system32\DRIVERS\athrx.sys
10:55:07.0799 3060        athr - ok
10:55:07.0986 3060        AtiHdmiService  (77c149e6d702737b2e372dee166faef8) C:\windows\system32\drivers\AtiHdmi.sys
10:55:08.0017 3060        AtiHdmiService - ok
10:55:08.0360 3060        atikmdag        (0c3480807a602519b970088ffb112a70) C:\windows\system32\DRIVERS\atikmdag.sys
10:55:08.0548 3060        atikmdag - ok
10:55:08.0766 3060        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
10:55:08.0875 3060        AudioEndpointBuilder - ok
10:55:08.0875 3060        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
10:55:08.0922 3060        AudioSrv - ok
10:55:09.0140 3060        avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
10:55:09.0156 3060        avast! Antivirus - ok
10:55:09.0203 3060        avast! Firewall (465a17095eb3b9e101429b669f495d01) C:\Program Files\AVAST Software\Avast\afwServ.exe
10:55:09.0218 3060        avast! Firewall - ok
10:55:09.0265 3060        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
10:55:09.0343 3060        AxInstSV - ok
10:55:09.0452 3060        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
10:55:09.0515 3060        b06bdrv - ok
10:55:09.0577 3060        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
10:55:09.0624 3060        b57nd60a - ok
10:55:09.0686 3060        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
10:55:09.0749 3060        BDESVC - ok
10:55:09.0780 3060        Beep            (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
10:55:09.0874 3060        Beep - ok
10:55:09.0998 3060        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
10:55:10.0092 3060        BFE - ok
10:55:10.0201 3060        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
10:55:10.0295 3060        BITS - ok
10:55:10.0373 3060        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
10:55:10.0420 3060        blbdrive - ok
10:55:10.0544 3060        Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
10:55:10.0576 3060        Bonjour Service - ok
10:55:10.0638 3060        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
10:55:10.0669 3060        bowser - ok
10:55:10.0716 3060        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
10:55:10.0778 3060        BrFiltLo - ok
10:55:10.0794 3060        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
10:55:10.0810 3060        BrFiltUp - ok
10:55:10.0872 3060        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
10:55:10.0966 3060        Browser - ok
10:55:11.0012 3060        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
10:55:11.0044 3060        Brserid - ok
10:55:11.0075 3060        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
10:55:11.0122 3060        BrSerWdm - ok
10:55:11.0153 3060        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
10:55:11.0200 3060        BrUsbMdm - ok
10:55:11.0215 3060        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
10:55:11.0246 3060        BrUsbSer - ok
10:55:11.0293 3060        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
10:55:11.0340 3060        BTHMODEM - ok
10:55:11.0387 3060        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
10:55:11.0465 3060        bthserv - ok
10:55:11.0512 3060        cdfs            (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
10:55:11.0574 3060        cdfs - ok
10:55:11.0636 3060        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
10:55:11.0699 3060        cdrom - ok
10:55:11.0777 3060        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
10:55:11.0855 3060        CertPropSvc - ok
10:55:11.0902 3060        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
10:55:11.0933 3060        circlass - ok
10:55:11.0995 3060        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
10:55:12.0042 3060        CLFS - ok
10:55:12.0136 3060        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:55:12.0167 3060        clr_optimization_v2.0.50727_32 - ok
10:55:12.0229 3060        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:55:12.0260 3060        clr_optimization_v2.0.50727_64 - ok
10:55:12.0370 3060        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:55:12.0401 3060        clr_optimization_v4.0.30319_32 - ok
10:55:12.0463 3060        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:55:12.0479 3060        clr_optimization_v4.0.30319_64 - ok
10:55:12.0526 3060        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
10:55:12.0572 3060        CmBatt - ok
10:55:12.0604 3060        cmdide          (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
10:55:12.0619 3060        cmdide - ok
10:55:12.0682 3060        CNG            (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
10:55:12.0744 3060        CNG - ok
10:55:12.0822 3060        cnnctfy2        (040ff3b09f26926a3792e047db0f47dd) C:\windows\system32\DRIVERS\cnnctfy2.sys
10:55:12.0853 3060        cnnctfy2 - ok
10:55:12.0884 3060        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
10:55:12.0916 3060        Compbatt - ok
10:55:12.0962 3060        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
10:55:12.0994 3060        CompositeBus - ok
10:55:13.0025 3060        COMSysApp - ok
10:55:13.0118 3060        Connectify      (4dbc76cfc9a53d7f39bfc2dc8d505b0d) C:\Program Files (x86)\Connectify\ConnectifyService.exe
10:55:13.0150 3060        Connectify ( UnsignedFile.Multi.Generic ) - warning
10:55:13.0150 3060        Connectify - detected UnsignedFile.Multi.Generic (1)
10:55:13.0196 3060        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
10:55:13.0212 3060        crcdisk - ok
10:55:13.0290 3060        CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll
10:55:13.0368 3060        CryptSvc - ok
10:55:13.0477 3060        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
10:55:13.0555 3060        DcomLaunch - ok
10:55:13.0618 3060        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
10:55:13.0696 3060        defragsvc - ok
10:55:13.0743 3060        de_serv - ok
10:55:13.0805 3060        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
10:55:13.0883 3060        DfsC - ok
10:55:13.0914 3060        dgderdrv - ok
10:55:13.0977 3060        dg_ssudbus      (113212d25d0c9bb8901a9833774da97f) C:\windows\system32\DRIVERS\ssudbus.sys
10:55:14.0008 3060        dg_ssudbus - ok
10:55:14.0070 3060        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
10:55:14.0164 3060        Dhcp - ok
10:55:14.0211 3060        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
10:55:14.0289 3060        discache - ok
10:55:14.0335 3060        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
10:55:14.0367 3060        Disk - ok
10:55:14.0413 3060        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
10:55:14.0460 3060        Dnscache - ok
10:55:14.0507 3060        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
10:55:14.0569 3060        dot3svc - ok
10:55:14.0632 3060        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
10:55:14.0694 3060        DPS - ok
10:55:14.0741 3060        drmkaud        (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
10:55:14.0803 3060        drmkaud - ok
10:55:14.0913 3060        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
10:55:14.0959 3060        DXGKrnl - ok
10:55:15.0022 3060        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
10:55:15.0147 3060        EapHost - ok
10:55:15.0412 3060        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
10:55:15.0552 3060        ebdrv - ok
10:55:15.0708 3060        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
10:55:15.0771 3060        EFS - ok
10:55:15.0895 3060        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
10:55:15.0958 3060        ehRecvr - ok
10:55:16.0005 3060        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
10:55:16.0036 3060        ehSched - ok
10:55:16.0145 3060        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
10:55:16.0192 3060        elxstor - ok
10:55:16.0239 3060        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
10:55:16.0285 3060        ErrDev - ok
10:55:16.0348 3060        EUCR            (89d11159b361dd1eac5dd4e9895c04a4) C:\windows\system32\DRIVERS\EUCR6SK.SYS
10:55:16.0363 3060        EUCR - ok
10:55:16.0441 3060        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
10:55:16.0535 3060        EventSystem - ok
10:55:16.0582 3060        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
10:55:16.0675 3060        exfat - ok
10:55:16.0707 3060        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
10:55:16.0800 3060        fastfat - ok
10:55:16.0894 3060        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
10:55:17.0003 3060        Fax - ok
10:55:17.0034 3060        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
10:55:17.0081 3060        fdc - ok
10:55:17.0112 3060        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
10:55:17.0175 3060        fdPHost - ok
10:55:17.0206 3060        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
10:55:17.0268 3060        FDResPub - ok
10:55:17.0299 3060        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
10:55:17.0315 3060        FileInfo - ok
10:55:17.0346 3060        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
10:55:17.0471 3060        Filetrace - ok
10:55:17.0611 3060        FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:55:17.0674 3060        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
10:55:17.0674 3060        FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
10:55:17.0705 3060        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
10:55:17.0752 3060        flpydisk - ok
10:55:17.0830 3060        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
10:55:17.0861 3060        FltMgr - ok
10:55:17.0986 3060        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
10:55:18.0033 3060        FontCache - ok
10:55:18.0111 3060        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:55:18.0126 3060        FontCache3.0.0.0 - ok
10:55:18.0189 3060        FsDepends      (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
10:55:18.0220 3060        FsDepends - ok
10:55:18.0251 3060        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
10:55:18.0267 3060        Fs_Rec - ok
10:55:18.0345 3060        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
10:55:18.0376 3060        fvevol - ok
10:55:18.0423 3060        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
10:55:18.0438 3060        gagp30kx - ok
10:55:18.0501 3060        GEARAspiWDM    (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
10:55:18.0516 3060        GEARAspiWDM - ok
10:55:18.0610 3060        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
10:55:18.0688 3060        gpsvc - ok
10:55:18.0797 3060        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:55:18.0828 3060        gupdate - ok
10:55:18.0859 3060        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:55:18.0875 3060        gupdatem - ok
10:55:18.0953 3060        gusvc          (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:55:18.0969 3060        gusvc - ok
10:55:19.0062 3060        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
10:55:19.0093 3060        hcw85cir - ok
10:55:19.0187 3060        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
10:55:19.0234 3060        HdAudAddService - ok
10:55:19.0296 3060        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
10:55:19.0343 3060        HDAudBus - ok
10:55:19.0405 3060        HECIx64        (b6ac71aaa2b10848f57fc49d55a651af) C:\windows\system32\DRIVERS\HECIx64.sys
10:55:19.0437 3060        HECIx64 - ok
10:55:19.0452 3060        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
10:55:19.0499 3060        HidBatt - ok
10:55:19.0530 3060        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
10:55:19.0561 3060        HidBth - ok
10:55:19.0608 3060        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
10:55:19.0655 3060        HidIr - ok
10:55:19.0702 3060        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
10:55:19.0764 3060        hidserv - ok
10:55:19.0842 3060        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\drivers\hidusb.sys
10:55:19.0858 3060        HidUsb - ok
10:55:19.0905 3060        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
10:55:20.0029 3060        hkmsvc - ok
10:55:20.0076 3060        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
10:55:20.0092 3060        HomeGroupListener - ok
10:55:20.0154 3060        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
10:55:20.0217 3060        HomeGroupProvider - ok
10:55:20.0279 3060        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
10:55:20.0326 3060        HpSAMD - ok
10:55:20.0435 3060        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
10:55:20.0529 3060        HTTP - ok
10:55:20.0560 3060        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
10:55:20.0575 3060        hwpolicy - ok
10:55:20.0638 3060        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
10:55:20.0685 3060        i8042prt - ok
10:55:20.0747 3060        iaStor          (abbf174cb394f5c437410a788b7e404a) C:\windows\system32\DRIVERS\iaStor.sys
10:55:20.0778 3060        iaStor - ok
10:55:20.0903 3060        IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
10:55:20.0919 3060        IAStorDataMgrSvc - ok
10:55:21.0012 3060        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
10:55:21.0043 3060        iaStorV - ok
10:55:21.0184 3060        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:55:21.0231 3060        idsvc - ok
10:55:21.0277 3060        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
10:55:21.0293 3060        iirsp - ok
10:55:21.0402 3060        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
10:55:21.0480 3060        IKEEXT - ok
10:55:21.0558 3060        Impcd          (4b6363cd4610bb848531bb260b15dfcc) C:\windows\system32\DRIVERS\Impcd.sys
10:55:21.0605 3060        Impcd - ok
10:55:21.0823 3060        IntcAzAudAddService (e9befd8c6a1db3b544b61647dda35f62) C:\windows\system32\drivers\RTKVHD64.sys
10:55:21.0886 3060        IntcAzAudAddService - ok
10:55:22.0057 3060        IntcDAud        (da24c1f66ee1b5a92e045376d7a44b58) C:\windows\system32\DRIVERS\IntcDAud.sys
10:55:22.0135 3060        IntcDAud - ok
10:55:22.0167 3060        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
10:55:22.0182 3060        intelide - ok
10:55:22.0713 3060        intelkmd        (31d1aff484d8a0906cf8d44251ec390f) C:\windows\system32\DRIVERS\igdpmd64.sys
10:55:22.0947 3060        intelkmd - ok
10:55:23.0103 3060        intelppm        (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
10:55:23.0149 3060        intelppm - ok
10:55:23.0181 3060        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
10:55:23.0290 3060        IPBusEnum - ok
10:55:23.0321 3060        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
10:55:23.0399 3060        IpFilterDriver - ok
10:55:23.0493 3060        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
10:55:23.0602 3060        iphlpsvc - ok
10:55:23.0633 3060        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
10:55:23.0664 3060        IPMIDRV - ok
10:55:23.0711 3060        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
10:55:23.0773 3060        IPNAT - ok
10:55:23.0961 3060        iPod Service    (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
10:55:24.0007 3060        iPod Service - ok
10:55:24.0054 3060        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
10:55:24.0101 3060        IRENUM - ok
10:55:24.0163 3060        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
10:55:24.0195 3060        isapnp - ok
10:55:24.0257 3060        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
10:55:24.0288 3060        iScsiPrt - ok
10:55:24.0304 3060        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
10:55:24.0319 3060        kbdclass - ok
10:55:24.0382 3060        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
10:55:24.0429 3060        kbdhid - ok
10:55:24.0475 3060        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
10:55:24.0507 3060        KeyIso - ok
10:55:24.0538 3060        KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
10:55:24.0553 3060        KSecDD - ok
10:55:24.0600 3060        KSecPkg        (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
10:55:24.0631 3060        KSecPkg - ok
10:55:24.0663 3060        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
10:55:24.0725 3060        ksthunk - ok
10:55:24.0772 3060        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
10:55:24.0850 3060        KtmRm - ok
10:55:24.0912 3060        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
10:55:25.0021 3060        LanmanServer - ok
10:55:25.0068 3060        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
10:55:25.0162 3060        LanmanWorkstation - ok
10:55:25.0209 3060        lltdio          (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
10:55:25.0287 3060        lltdio - ok
10:55:25.0349 3060        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
10:55:25.0443 3060        lltdsvc - ok
10:55:25.0474 3060        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
10:55:25.0536 3060        lmhosts - ok
10:55:25.0661 3060        LMS            (7485fbcef9136f530953575e2977859d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:55:25.0692 3060        LMS - ok
10:55:25.0755 3060        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
10:55:25.0786 3060        LSI_FC - ok
10:55:25.0801 3060        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
10:55:25.0817 3060        LSI_SAS - ok
10:55:25.0848 3060        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
10:55:25.0864 3060        LSI_SAS2 - ok
10:55:25.0895 3060        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
10:55:25.0911 3060        LSI_SCSI - ok
10:55:25.0942 3060        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
10:55:26.0004 3060        luafv - ok
10:55:26.0035 3060        MBAMProtector - ok
10:55:26.0145 3060        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:55:26.0176 3060        MBAMService - ok
10:55:26.0238 3060        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
10:55:26.0285 3060        Mcx2Svc - ok
10:55:26.0301 3060        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
10:55:26.0316 3060        megasas - ok
10:55:26.0363 3060        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
10:55:26.0394 3060        MegaSR - ok
10:55:26.0472 3060        Micro Star SCM  (71c6748ee8de938532057ef10b4b7e44) C:\Program Files (x86)\System Control Manager\MSIService.exe
10:55:26.0488 3060        Micro Star SCM ( UnsignedFile.Multi.Generic ) - warning
10:55:26.0488 3060        Micro Star SCM - detected UnsignedFile.Multi.Generic (1)
10:55:26.0550 3060        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
10:55:26.0613 3060        MMCSS - ok
10:55:26.0644 3060        Modem          (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
10:55:26.0722 3060        Modem - ok
10:55:26.0753 3060        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
10:55:26.0815 3060        monitor - ok
10:55:26.0878 3060        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\drivers\mouclass.sys
10:55:26.0893 3060        mouclass - ok
10:55:26.0925 3060        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
10:55:26.0971 3060        mouhid - ok
10:55:27.0018 3060        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
10:55:27.0049 3060        mountmgr - ok
10:55:27.0127 3060        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:55:27.0159 3060        MozillaMaintenance - ok
10:55:27.0205 3060        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
10:55:27.0237 3060        mpio - ok
10:55:27.0268 3060        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
10:55:27.0346 3060        mpsdrv - ok
10:55:27.0439 3060        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
10:55:27.0549 3060        MpsSvc - ok
10:55:27.0595 3060        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
10:55:27.0642 3060        MRxDAV - ok
10:55:27.0673 3060        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
10:55:27.0736 3060        mrxsmb - ok
10:55:27.0798 3060        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
10:55:27.0861 3060        mrxsmb10 - ok
10:55:27.0892 3060        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
10:55:27.0939 3060        mrxsmb20 - ok
10:55:27.0985 3060        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
10:55:28.0001 3060        msahci - ok
10:55:28.0048 3060        msdsm          (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
10:55:28.0079 3060        msdsm - ok
10:55:28.0126 3060        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
10:55:28.0173 3060        MSDTC - ok
10:55:28.0219 3060        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
10:55:28.0282 3060        Msfs - ok
10:55:28.0297 3060        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
10:55:28.0407 3060        mshidkmdf - ok
10:55:28.0438 3060        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
10:55:28.0453 3060        msisadrv - ok
10:55:28.0500 3060        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
10:55:28.0578 3060        MSiSCSI - ok
10:55:28.0578 3060        msiserver - ok
10:55:28.0609 3060        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
10:55:28.0656 3060        MSKSSRV - ok
10:55:28.0656 3060        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
10:55:28.0734 3060        MSPCLOCK - ok
10:55:28.0734 3060        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
10:55:28.0797 3060        MSPQM - ok
10:55:28.0859 3060        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
10:55:28.0906 3060        MsRPC - ok
10:55:28.0937 3060        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
10:55:28.0953 3060        mssmbios - ok
10:55:28.0984 3060        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
10:55:29.0031 3060        MSTEE - ok
10:55:29.0046 3060        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
10:55:29.0093 3060        MTConfig - ok
10:55:29.0124 3060        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
10:55:29.0140 3060        Mup - ok
10:55:29.0218 3060        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
10:55:29.0280 3060        napagent - ok
10:55:29.0358 3060        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
10:55:29.0421 3060        NativeWifiP - ok
10:55:29.0530 3060        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
10:55:29.0592 3060        NDIS - ok
10:55:29.0608 3060        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
10:55:29.0686 3060        NdisCap - ok
10:55:29.0717 3060        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
10:55:29.0779 3060        NdisTapi - ok
10:55:29.0842 3060        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
10:55:29.0935 3060        Ndisuio - ok
10:55:29.0982 3060        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
10:55:30.0076 3060        NdisWan - ok
10:55:30.0123 3060        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
10:55:30.0185 3060        NDProxy - ok
10:55:30.0247 3060        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
10:55:30.0325 3060        NetBIOS - ok
10:55:30.0372 3060        NetBT          (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
10:55:30.0450 3060        NetBT - ok
10:55:30.0497 3060        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
10:55:30.0528 3060        Netlogon - ok
10:55:30.0591 3060        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
10:55:30.0684 3060        Netman - ok
10:55:30.0747 3060        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
10:55:30.0840 3060        netprofm - ok
10:55:30.0918 3060        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:55:30.0934 3060        NetTcpPortSharing - ok
10:55:30.0996 3060        nfrd960        (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
10:55:31.0012 3060        nfrd960 - ok
10:55:31.0090 3060        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
10:55:31.0168 3060        NlaSvc - ok
10:55:31.0183 3060        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
10:55:31.0230 3060        Npfs - ok
10:55:31.0261 3060        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
10:55:31.0324 3060        nsi - ok
10:55:31.0339 3060        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
10:55:31.0417 3060        nsiproxy - ok
10:55:31.0589 3060        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
10:55:31.0667 3060        Ntfs - ok
10:55:31.0807 3060        Null            (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
10:55:31.0885 3060        Null - ok
10:55:31.0948 3060        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
10:55:31.0995 3060        nvraid - ok
10:55:32.0057 3060        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
10:55:32.0088 3060        nvstor - ok
10:55:32.0135 3060        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
10:55:32.0151 3060        nv_agp - ok
10:55:32.0307 3060        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:55:32.0353 3060        odserv - ok
10:55:32.0385 3060        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
10:55:32.0431 3060        ohci1394 - ok
10:55:32.0494 3060        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:55:32.0525 3060        ose - ok
10:55:32.0587 3060        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
10:55:32.0650 3060        p2pimsvc - ok
10:55:32.0697 3060        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
10:55:32.0759 3060        p2psvc - ok
10:55:32.0790 3060        Parport        (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
10:55:32.0837 3060        Parport - ok
10:55:32.0884 3060        partmgr        (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
10:55:32.0899 3060        partmgr - ok
10:55:32.0962 3060        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
10:55:32.0993 3060        PcaSvc - ok
10:55:33.0196 3060        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
10:55:33.0243 3060        pci - ok
10:55:33.0383 3060        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
10:55:33.0399 3060        pciide - ok
10:55:33.0461 3060        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
10:55:33.0523 3060        pcmcia - ok
10:55:33.0539 3060        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
10:55:33.0555 3060        pcw - ok
10:55:34.0194 3060        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
10:55:34.0303 3060        PEAUTH - ok
10:55:34.0647 3060        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
10:55:34.0693 3060        PerfHost - ok
10:55:34.0896 3060        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
10:55:34.0990 3060        pla - ok
10:55:35.0068 3060        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
10:55:35.0115 3060        PlugPlay - ok
10:55:35.0161 3060        PnkBstrA - ok
10:55:35.0208 3060        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
10:55:35.0239 3060        PNRPAutoReg - ok
10:55:35.0317 3060        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
10:55:35.0349 3060        PNRPsvc - ok
10:55:35.0442 3060        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
10:55:35.0598 3060        PolicyAgent - ok
10:55:35.0661 3060        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
10:55:35.0770 3060        Power - ok
10:55:35.0863 3060        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
10:55:35.0910 3060        PptpMiniport - ok
10:55:35.0957 3060        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
10:55:35.0973 3060        Processor - ok
10:55:36.0035 3060        ProfSvc        (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
10:55:36.0113 3060        ProfSvc - ok
10:55:36.0144 3060        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
10:55:36.0175 3060        ProtectedStorage - ok
10:55:36.0238 3060        Psched          (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
10:55:36.0347 3060        Psched - ok
10:55:36.0503 3060        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
10:55:36.0581 3060        ql2300 - ok
10:55:36.0721 3060        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
10:55:36.0753 3060        ql40xx - ok
10:55:36.0815 3060        QWAVE          (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
10:55:36.0877 3060        QWAVE - ok
10:55:36.0893 3060        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
10:55:36.0940 3060        QWAVEdrv - ok
10:55:36.0955 3060        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
10:55:37.0002 3060        RasAcd - ok
10:55:37.0049 3060        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
10:55:37.0111 3060        RasAgileVpn - ok
10:55:37.0158 3060        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
10:55:37.0283 3060        RasAuto - ok
10:55:37.0361 3060        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
10:55:37.0455 3060        Rasl2tp - ok
10:55:37.0533 3060        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
10:55:37.0626 3060        RasMan - ok
10:55:37.0689 3060        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
10:55:37.0751 3060        RasPppoe - ok
10:55:37.0767 3060        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
10:55:37.0845 3060        RasSstp - ok
10:55:37.0938 3060        rdbss          (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
10:55:38.0047 3060        rdbss - ok
10:55:38.0094 3060        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
10:55:38.0110 3060        rdpbus - ok
10:55:38.0157 3060        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
10:55:38.0235 3060        RDPCDD - ok
10:55:38.0250 3060        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
10:55:38.0313 3060        RDPENCDD - ok
10:55:38.0328 3060        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
10:55:38.0406 3060        RDPREFMP - ok
10:55:38.0453 3060        RDPWD          (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
10:55:38.0515 3060        RDPWD - ok
10:55:38.0609 3060        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
10:55:38.0625 3060        rdyboost - ok
10:55:38.0671 3060        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
10:55:38.0734 3060        RemoteAccess - ok
10:55:38.0796 3060        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
10:55:38.0859 3060        RemoteRegistry - ok
10:55:38.0890 3060        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
10:55:38.0968 3060        RpcEptMapper - ok
10:55:38.0999 3060        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
10:55:39.0015 3060        RpcLocator - ok
10:55:39.0093 3060        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
10:55:39.0171 3060        RpcSs - ok
10:55:39.0217 3060        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
10:55:39.0295 3060        rspndr - ok
10:55:39.0327 3060        RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\windows\system32\drivers\RtHDMIVX.sys
10:55:39.0358 3060        RTHDMIAzAudService - ok
10:55:39.0436 3060        RTL8167        (ee082e06a82ff630351d1e0ebbd3d8d0) C:\windows\system32\DRIVERS\Rt64win7.sys
10:55:39.0467 3060        RTL8167 - ok
10:55:39.0514 3060        SamSs          (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
10:55:39.0529 3060        SamSs - ok
10:55:39.0654 3060        SamsungAllShareV2.0 (8325093bdae38247a8482ab0a1bc37ce) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
10:55:39.0685 3060        SamsungAllShareV2.0 - ok
10:55:39.0732 3060        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
10:55:39.0779 3060        sbp2port - ok
10:55:39.0826 3060        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
10:55:39.0873 3060        SCardSvr - ok
10:55:39.0904 3060        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
10:55:39.0997 3060        scfilter - ok
10:55:40.0107 3060        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
10:55:40.0216 3060        Schedule - ok
10:55:40.0263 3060        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
10:55:40.0309 3060        SCPolicySvc - ok
10:55:40.0356 3060        sdbus          (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
10:55:40.0372 3060        sdbus - ok
10:55:40.0434 3060        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
10:55:40.0481 3060        SDRSVC - ok
10:55:40.0621 3060        SeaPort        (d358e077a0a05d9b12da22d137ee8464) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
10:55:40.0653 3060        SeaPort - ok
10:55:40.0699 3060        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
10:55:40.0793 3060        secdrv - ok
10:55:40.0824 3060        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
10:55:40.0902 3060        seclogon - ok
10:55:40.0949 3060        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
10:55:41.0027 3060        SENS - ok
10:55:41.0105 3060        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
10:55:41.0183 3060        SensrSvc - ok
10:55:41.0230 3060        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
10:55:41.0261 3060        Serenum - ok
10:55:41.0292 3060        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
10:55:41.0339 3060        Serial - ok
10:55:41.0401 3060        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
10:55:41.0433 3060        sermouse - ok
10:55:41.0495 3060        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
10:55:41.0573 3060        SessionEnv - ok
10:55:41.0604 3060        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
10:55:41.0651 3060        sffdisk - ok
10:55:41.0682 3060        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
10:55:41.0729 3060        sffp_mmc - ok
10:55:41.0745 3060        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
10:55:41.0791 3060        sffp_sd - ok
10:55:41.0823 3060        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
10:55:41.0869 3060        sfloppy - ok
10:55:41.0947 3060        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
10:55:42.0057 3060        SharedAccess - ok
10:55:42.0119 3060        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
10:55:42.0213 3060        ShellHWDetection - ok
10:55:42.0353 3060        SimpleSlideShowServer (002efe99e9117d8c9feb17ce9cc6af82) C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
10:55:42.0369 3060        SimpleSlideShowServer - ok
10:55:42.0415 3060        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
10:55:42.0431 3060        SiSRaid2 - ok
10:55:42.0478 3060        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
10:55:42.0493 3060        SiSRaid4 - ok
10:55:42.0634 3060        SkypeUpdate    (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files (x86)\Skype\Updater\Updater.exe
10:55:42.0665 3060        SkypeUpdate - ok
10:55:42.0696 3060        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
10:55:42.0774 3060        Smb - ok
10:55:42.0946 3060        smserial        (7ae8bca90539ecbde87ac45ba1436be3) C:\windows\system32\DRIVERS\SmSerl64.sys
10:55:43.0008 3060        smserial - ok
10:55:43.0071 3060        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
10:55:43.0117 3060        SNMPTRAP - ok
10:55:43.0149 3060        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
10:55:43.0164 3060        spldr - ok
10:55:43.0258 3060        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
10:55:43.0320 3060        Spooler - ok
10:55:43.0617 3060        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
10:55:43.0788 3060        sppsvc - ok
10:55:43.0929 3060        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
10:55:44.0022 3060        sppuinotify - ok
10:55:44.0131 3060        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
10:55:44.0163 3060        srv - ok
10:55:44.0241 3060        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
10:55:44.0272 3060        srv2 - ok
10:55:44.0319 3060        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
10:55:44.0365 3060        srvnet - ok
10:55:44.0459 3060        ssadbus        (8f8324ed1de63ffc7b1a02cd2d963c72) C:\windows\system32\DRIVERS\ssadbus.sys
10:55:44.0490 3060        ssadbus - ok
10:55:44.0521 3060        ssadmdfl        (58221efcb74167b73667f0024c661ce0) C:\windows\system32\DRIVERS\ssadmdfl.sys
10:55:44.0537 3060        ssadmdfl - ok
10:55:44.0599 3060        ssadmdm        (4da7c71bfac5ad71255b7e4cab980163) C:\windows\system32\DRIVERS\ssadmdm.sys
10:55:44.0646 3060        ssadmdm - ok
10:55:44.0693 3060        ssadserd        (d33d1bd3ec0e766211a234f56a12726d) C:\windows\system32\DRIVERS\ssadserd.sys
10:55:44.0740 3060        ssadserd - ok
10:55:44.0833 3060        sscdbus        (ed161b91fdf7eaa39469d72d463d5f4e) C:\windows\system32\DRIVERS\sscdbus.sys
10:55:44.0865 3060        sscdbus - ok
10:55:44.0865 3060        sscdmdfl        (4cb09e77593dbd8d7af33b37375ca715) C:\windows\system32\DRIVERS\sscdmdfl.sys
10:55:44.0880 3060        sscdmdfl - ok
10:55:44.0911 3060        sscdmdm        (c7b4cf53497a6e5363f3439427663882) C:\windows\system32\DRIVERS\sscdmdm.sys
10:55:44.0943 3060        sscdmdm - ok
10:55:44.0974 3060        sscdserd        (05ffa552f578e27ab2d41b6828db477f) C:\windows\system32\DRIVERS\sscdserd.sys
10:55:45.0005 3060        sscdserd - ok
10:55:45.0067 3060        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
10:55:45.0161 3060        SSDPSRV - ok
10:55:45.0192 3060        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
10:55:45.0239 3060        SstpSvc - ok
10:55:45.0301 3060        ssudmdm        (78cd64791f8634cf7b582fd085e57c4b) C:\windows\system32\DRIVERS\ssudmdm.sys
10:55:45.0333 3060        ssudmdm - ok
10:55:45.0411 3060        ssudserd        (dfb8e60fcad331662a25c1133e6902bb) C:\windows\system32\DRIVERS\ssudserd.sys
10:55:45.0442 3060        ssudserd - ok
10:55:45.0473 3060        StarOpen - ok
10:55:45.0504 3060        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
10:55:45.0520 3060        stexstor - ok
10:55:45.0645 3060        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
10:55:45.0707 3060        stisvc - ok
10:55:45.0738 3060        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
10:55:45.0754 3060        swenum - ok
10:55:45.0832 3060        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
10:55:45.0894 3060        swprv - ok
10:55:46.0003 3060        SynTP          (8f63178d1db81bb79270ae55ecdd8321) C:\windows\system32\DRIVERS\SynTP.sys
10:55:46.0019 3060        SynTP - ok
10:55:46.0206 3060        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
10:55:46.0300 3060        SysMain - ok
10:55:46.0471 3060        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
10:55:46.0518 3060        TabletInputService - ok
10:55:46.0596 3060        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
10:55:46.0674 3060        TapiSrv - ok
10:55:46.0705 3060        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
10:55:46.0783 3060        TBS - ok
10:55:47.0002 3060        Tcpip          (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
10:55:47.0080 3060        Tcpip - ok
10:55:47.0423 3060        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
10:55:47.0485 3060        TCPIP6 - ok
10:55:47.0641 3060        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
10:55:47.0735 3060        tcpipreg - ok
10:55:47.0751 3060        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
10:55:47.0782 3060        TDPIPE - ok
10:55:47.0829 3060        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
10:55:47.0860 3060        TDTCP - ok
10:55:47.0922 3060        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
10:55:48.0000 3060        tdx - ok
10:55:48.0047 3060        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
10:55:48.0078 3060        TermDD - ok
10:55:48.0141 3060        TermService    (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
10:55:48.0203 3060        TermService - ok
10:55:48.0250 3060        TFsExDisk      (ce4b6956e4e12492715a53076e58761f) C:\windows\System32\Drivers\TFsExDisk.sys
10:55:48.0265 3060        TFsExDisk - ok
10:55:48.0297 3060        Themes          (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
10:55:48.0375 3060        Themes - ok
10:55:48.0421 3060        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
10:55:48.0468 3060        THREADORDER - ok
10:55:48.0546 3060        TlntSvr        (519cb7d7f697f4ba47de05845c20f158) C:\windows\System32\tlntsvr.exe
10:55:48.0593 3060        TlntSvr - ok
10:55:48.0655 3060        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
10:55:48.0733 3060        TrkWks - ok
10:55:48.0827 3060        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
10:55:48.0889 3060        TrustedInstaller - ok
10:55:48.0936 3060        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
10:55:48.0983 3060        tssecsrv - ok
10:55:49.0108 3060        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
10:55:49.0139 3060        TsUsbFlt - ok
10:55:49.0264 3060        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
10:55:49.0357 3060        tunnel - ok
10:55:49.0545 3060        TVersityMediaServer (06bccb3bf0d06adccc4ebc8ef682dd59) C:\ProgramData\TVersity\Media Server\MediaServer.exe
10:55:49.0607 3060        TVersityMediaServer - ok
10:55:49.0810 3060        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
10:55:49.0825 3060        uagp35 - ok
10:55:49.0919 3060        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
10:55:50.0044 3060        udfs - ok
10:55:50.0075 3060        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
10:55:50.0122 3060        UI0Detect - ok
10:55:50.0184 3060        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
10:55:50.0200 3060        uliagpkx - ok
10:55:50.0278 3060        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
10:55:50.0293 3060        umbus - ok
10:55:50.0340 3060        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
10:55:50.0371 3060        UmPass - ok
10:55:50.0652 3060        UNS            (765f2dd351ba064f657751d8d75e58c0) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:55:50.0730 3060        UNS - ok
10:55:50.0902 3060        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
10:55:51.0042 3060        upnphost - ok
10:55:51.0105 3060        USBAAPL64      (aa33fc47ed58c34e6e9261e4f850b7eb) C:\windows\system32\Drivers\usbaapl64.sys
10:55:51.0136 3060        USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
10:55:51.0136 3060        USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
10:55:51.0183 3060        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
10:55:51.0214 3060        usbccgp - ok
10:55:51.0261 3060        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
10:55:51.0292 3060        usbcir - ok
10:55:51.0339 3060        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
10:55:51.0370 3060        usbehci - ok
10:55:51.0432 3060        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
10:55:51.0479 3060        usbhub - ok
10:55:51.0510 3060        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
10:55:51.0541 3060        usbohci - ok
10:55:51.0588 3060        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
10:55:51.0619 3060        usbprint - ok
10:55:51.0682 3060        usbscan        (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
10:55:51.0729 3060        usbscan - ok
10:55:51.0791 3060        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
10:55:51.0822 3060        USBSTOR - ok
10:55:51.0931 3060        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
10:55:51.0963 3060        usbuhci - ok
10:55:52.0041 3060        usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
10:55:52.0072 3060        usbvideo - ok
10:55:52.0119 3060        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
10:55:52.0197 3060        UxSms - ok
10:55:52.0259 3060        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
10:55:52.0275 3060        VaultSvc - ok
10:55:52.0353 3060        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
10:55:52.0368 3060        vdrvroot - ok
10:55:52.0446 3060        vds            (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
10:55:52.0555 3060        vds - ok
10:55:52.0618 3060        vflt            (00c7df4f50962ba218ab60d32869100b) C:\windows\system32\DRIVERS\vfilter.sys
10:55:52.0649 3060        vflt ( UnsignedFile.Multi.Generic ) - warning
10:55:52.0649 3060        vflt - detected UnsignedFile.Multi.Generic (1)
10:55:52.0711 3060        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
10:55:52.0743 3060        vga - ok
10:55:52.0758 3060        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
10:55:52.0821 3060        VgaSave - ok
10:55:52.0883 3060        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
10:55:52.0914 3060        vhdmp - ok
10:55:52.0945 3060        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
10:55:52.0961 3060        viaide - ok
10:55:52.0992 3060        vnet            (a99ca064ad11266fe7067a79bf78bbb5) C:\windows\system32\DRIVERS\virtualnet.sys
10:55:53.0023 3060        vnet ( UnsignedFile.Multi.Generic ) - warning
10:55:53.0023 3060        vnet - detected UnsignedFile.Multi.Generic (1)
10:55:53.0086 3060        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
10:55:53.0101 3060        volmgr - ok
10:55:53.0179 3060        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
10:55:53.0195 3060        volmgrx - ok
10:55:53.0273 3060        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
10:55:53.0304 3060        volsnap - ok
10:55:53.0304 3060        vpnva - ok
10:55:53.0367 3060        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
10:55:53.0398 3060        vsmraid - ok
10:55:53.0538 3060        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
10:55:53.0647 3060        VSS - ok
10:55:53.0819 3060        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
10:55:53.0866 3060        vwifibus - ok
10:55:53.0897 3060        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
10:55:53.0944 3060        vwififlt - ok
10:55:53.0991 3060        vwifimp        (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
10:55:54.0022 3060        vwifimp - ok
10:55:54.0084 3060        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
10:55:54.0209 3060        W32Time - ok
10:55:54.0225 3060        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
10:55:54.0271 3060        WacomPen - ok
10:55:54.0365 3060        WANARP          (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
10:55:54.0443 3060        WANARP - ok
10:55:54.0459 3060        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
10:55:54.0521 3060        Wanarpv6 - ok
10:55:54.0646 3060        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
10:55:54.0739 3060        wbengine - ok
10:55:54.0895 3060        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
10:55:54.0942 3060        WbioSrvc - ok
10:55:55.0020 3060        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
10:55:55.0114 3060        wcncsvc - ok
10:55:55.0145 3060        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
10:55:55.0161 3060        WcsPlugInService - ok
10:55:55.0239 3060        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
10:55:55.0254 3060        Wd - ok
10:55:55.0301 3060        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
10:55:55.0332 3060        Wdf01000 - ok
10:55:55.0363 3060        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
10:55:55.0395 3060        WdiServiceHost - ok
10:55:55.0410 3060        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
10:55:55.0441 3060        WdiSystemHost - ok
10:55:55.0504 3060        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
10:55:55.0551 3060        WebClient - ok
10:55:55.0597 3060        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
10:55:55.0660 3060        Wecsvc - ok
10:55:55.0691 3060        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
10:55:55.0753 3060        wercplsupport - ok
10:55:55.0800 3060        WerSvc          (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
10:55:55.0863 3060        WerSvc - ok
10:55:55.0956 3060        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
10:55:55.0987 3060        WfpLwf - ok
10:55:56.0003 3060        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
10:55:56.0019 3060        WIMMount - ok
10:55:56.0050 3060        WinDefend - ok
10:55:56.0065 3060        WinHttpAutoProxySvc - ok
10:55:56.0143 3060        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
10:55:56.0190 3060        Winmgmt - ok
10:55:56.0331 3060        WinRM          (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
10:55:56.0455 3060        WinRM - ok
10:55:56.0658 3060        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
10:55:56.0689 3060        WinUsb - ok
10:55:56.0783 3060        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
10:55:56.0830 3060        Wlansvc - ok
10:55:56.0877 3060        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
10:55:56.0908 3060        WmiAcpi - ok
10:55:56.0986 3060        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
10:55:57.0033 3060        wmiApSrv - ok
10:55:57.0126 3060        WMPNetworkSvc - ok
10:55:57.0157 3060        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
10:55:57.0204 3060        WPCSvc - ok
10:55:57.0251 3060        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
10:55:57.0267 3060        WPDBusEnum - ok
10:55:57.0298 3060        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
10:55:57.0360 3060        ws2ifsl - ok
10:55:57.0407 3060        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
10:55:57.0438 3060        wscsvc - ok
10:55:57.0438 3060        WSearch - ok
10:55:57.0625 3060        wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll
10:55:57.0719 3060        wuauserv - ok
10:55:57.0875 3060        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
10:55:57.0937 3060        WudfPf - ok
10:55:57.0969 3060        WUDFRd          (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
10:55:58.0047 3060        WUDFRd - ok
10:55:58.0093 3060        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
10:55:58.0140 3060        wudfsvc - ok
10:55:58.0187 3060        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
10:55:58.0249 3060        WwanSvc - ok
10:55:58.0327 3060        MBR (0x1B8)    (77a4fe43427b9d4037d059eb3f6742a3) \Device\Harddisk0\DR0
10:55:58.0359 3060        \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
10:55:58.0359 3060        \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
10:55:58.0468 3060        \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:55:58.0468 3060        \Device\Harddisk0\DR0 - detected TDSS File System (1)
10:55:58.0483 3060        Boot (0x1200)  (50a0b6b96dde02ffa90b00ef4b9e76d4) \Device\Harddisk0\DR0\Partition0
10:55:58.0499 3060        \Device\Harddisk0\DR0\Partition0 - ok
10:55:58.0515 3060        Boot (0x1200)  (bf218d235dd6e5ac320a49273e5e8a8f) \Device\Harddisk0\DR0\Partition1
10:55:58.0515 3060        \Device\Harddisk0\DR0\Partition1 - ok
10:55:58.0515 3060        ============================================================
10:55:58.0515 3060        Scan finished
10:55:58.0515 3060        ============================================================
10:55:58.0546 2560        Detected object count: 8
10:55:58.0546 2560        Actual detected object count: 8
10:58:05.0639 2560        Connectify ( UnsignedFile.Multi.Generic ) - skipped by user
10:58:05.0639 2560        Connectify ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:58:05.0639 2560        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
10:58:05.0639 2560        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:58:05.0639 2560        Micro Star SCM ( UnsignedFile.Multi.Generic ) - skipped by user
10:58:05.0639 2560        Micro Star SCM ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:58:05.0655 2560        USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
10:58:05.0655 2560        USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:58:05.0655 2560        vflt ( UnsignedFile.Multi.Generic ) - skipped by user
10:58:05.0655 2560        vflt ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:58:05.0655 2560        vnet ( UnsignedFile.Multi.Generic ) - skipped by user
10:58:05.0655 2560        vnet ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:58:06.0606 2560        \Device\Harddisk0\DR0\# - copied to quarantine
10:58:06.0606 2560        \Device\Harddisk0\DR0 - copied to quarantine
10:58:06.0700 2560        \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
10:58:06.0700 2560        \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
10:58:06.0700 2560        \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
10:58:06.0700 2560        \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
10:58:06.0700 2560        \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
10:58:06.0700 2560        \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
10:58:12.0285 2560        \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
10:58:12.0581 2560        \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
10:58:12.0705 2560        \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
10:58:12.0776 2560        \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
10:58:12.0875 2560        \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
10:58:13.0011 2560        \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
10:58:13.0090 2560        \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
10:58:13.0209 2560        \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
10:58:13.0219 2560        \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
10:58:13.0229 2560        \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
10:58:13.0229 2560        \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
10:58:13.0302 2560        \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
10:58:13.0381 2560        \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
10:58:16.0821 2560        \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
10:58:19.0291 2560        \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
10:58:19.0380 2560        \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
10:58:19.0480 2560        \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
10:58:19.0670 2560        \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
10:58:19.0750 2560        \Device\Harddisk0\DR0 - processing error
10:58:31.0158 2560        \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Cure
10:58:31.0173 2560        \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
10:58:31.0173 2560        \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
10:59:05.0899 4988        ============================================================
10:59:05.0899 4988        Scan started
10:59:05.0899 4988        Mode: Manual; SigCheck; TDLFS;
10:59:05.0899 4988        ============================================================
10:59:06.0071 4988        1394ohci        (a87d604aea360176311474c87a63bb88) C:\windows\system32\drivers\1394ohci.sys
10:59:06.0117 4988        1394ohci - ok
10:59:06.0273 4988        ACDaemon        (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
10:59:06.0289 4988        ACDaemon - ok
10:59:06.0383 4988        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\windows\system32\drivers\ACPI.sys
10:59:06.0414 4988        ACPI - ok
10:59:06.0492 4988        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\windows\system32\drivers\acpipmi.sys
10:59:06.0523 4988        AcpiPmi - ok
10:59:06.0663 4988        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:59:06.0695 4988        AdobeARMservice - ok
10:59:06.0773 4988        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\windows\system32\DRIVERS\adp94xx.sys
10:59:06.0819 4988        adp94xx - ok
10:59:06.0851 4988        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\windows\system32\DRIVERS\adpahci.sys
10:59:06.0866 4988        adpahci - ok
10:59:06.0897 4988        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\windows\system32\DRIVERS\adpu320.sys
10:59:06.0913 4988        adpu320 - ok
10:59:06.0960 4988        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\windows\System32\aelupsvc.dll
10:59:07.0007 4988        AeLookupSvc - ok
10:59:07.0100 4988        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\windows\system32\drivers\afd.sys
10:59:07.0131 4988        AFD - ok
10:59:07.0178 4988        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\windows\system32\drivers\agp440.sys
10:59:07.0209 4988        agp440 - ok
10:59:07.0256 4988        ALG            (3290d6946b5e30e70414990574883ddb) C:\windows\System32\alg.exe
10:59:07.0272 4988        ALG - ok
10:59:07.0287 4988        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\windows\system32\drivers\aliide.sys
10:59:07.0303 4988        aliide - ok
10:59:07.0334 4988        AMD External Events Utility (9f5027a7a304a33de3077f523635553a) C:\windows\system32\atiesrxx.exe
10:59:07.0350 4988        AMD External Events Utility - ok
10:59:07.0365 4988        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\windows\system32\drivers\amdide.sys
10:59:07.0381 4988        amdide - ok
10:59:07.0428 4988        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\windows\system32\DRIVERS\amdk8.sys
10:59:07.0459 4988        AmdK8 - ok
10:59:07.0880 4988        amdkmdag        (0c3480807a602519b970088ffb112a70) C:\windows\system32\DRIVERS\atipmdag.sys
10:59:07.0974 4988        amdkmdag - ok
10:59:08.0130 4988        amdkmdap        (f031616862c873086b1f3c2b97ee35d5) C:\windows\system32\DRIVERS\atikmpag.sys
10:59:08.0161 4988        amdkmdap - ok
10:59:08.0192 4988        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\windows\system32\DRIVERS\amdppm.sys
10:59:08.0208 4988        AmdPPM - ok
10:59:08.0286 4988        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\windows\system32\drivers\amdsata.sys
10:59:08.0317 4988        amdsata - ok
10:59:08.0348 4988        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\windows\system32\DRIVERS\amdsbs.sys
10:59:08.0364 4988        amdsbs - ok
10:59:08.0379 4988        amdxata        (540daf1cea6094886d72126fd7c33048) C:\windows\system32\drivers\amdxata.sys
10:59:08.0395 4988        amdxata - ok
10:59:08.0442 4988        androidusb      (4de0d5d747a73797c95a97dcce5018b5) C:\windows\system32\Drivers\ssadadb.sys
10:59:08.0457 4988        androidusb - ok
10:59:08.0520 4988        AppID          (89a69c3f2f319b43379399547526d952) C:\windows\system32\drivers\appid.sys
10:59:08.0567 4988        AppID - ok
10:59:08.0582 4988        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\windows\System32\appidsvc.dll
10:59:08.0645 4988        AppIDSvc - ok
10:59:08.0691 4988        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\windows\System32\appinfo.dll
10:59:08.0738 4988        Appinfo - ok
10:59:08.0910 4988        Apple Mobile Device (7ef47644b74ebe721cc32211d3c35e76) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:59:08.0925 4988        Apple Mobile Device - ok
10:59:08.0972 4988        arc            (c484f8ceb1717c540242531db7845c4e) C:\windows\system32\DRIVERS\arc.sys
10:59:08.0988 4988        arc - ok
10:59:09.0019 4988        arcsas          (019af6924aefe7839f61c830227fe79c) C:\windows\system32\DRIVERS\arcsas.sys
10:59:09.0035 4988        arcsas - ok
10:59:09.0081 4988        ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys
10:59:09.0097 4988        ArcSoftKsUFilter - ok
10:59:09.0113 4988        aswFsBlk        (df59b8e8df0bd2e0e303778a3806a17d) C:\windows\system32\drivers\aswFsBlk.sys
10:59:09.0144 4988        aswFsBlk - ok
10:59:09.0175 4988        aswFW          (f3cfbc0aa2b8bd665a2ccf1ba9e65919) C:\windows\system32\drivers\aswFW.sys
10:59:09.0191 4988        aswFW - ok
10:59:09.0222 4988        aswKbd          (c42d45089fd2ec63d13571362c258dc6) C:\windows\system32\drivers\aswKbd.sys
10:59:09.0237 4988        aswKbd - ok
10:59:09.0269 4988        aswMonFlt      (f8e6ab4f876feff69250f2e0c29ef004) C:\windows\system32\drivers\aswMonFlt.sys
10:59:09.0284 4988        aswMonFlt - ok
10:59:09.0300 4988        aswNdis        (518b8d447a1975ab46da093a2e743256) C:\windows\system32\DRIVERS\aswNdis.sys
10:59:09.0315 4988        aswNdis - ok
10:59:09.0362 4988        aswNdis2        (80a43cef831664c404c73564ccf4b8b1) C:\windows\system32\drivers\aswNdis2.sys
10:59:09.0378 4988        aswNdis2 - ok
10:59:09.0409 4988        aswRdr          (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\windows\System32\Drivers\aswrdr2.sys
10:59:09.0425 4988        aswRdr - ok
10:59:09.0518 4988        aswSnx          (f06e230e1e8ca9437a6474b7b551cd37) C:\windows\system32\drivers\aswSnx.sys
10:59:09.0565 4988        aswSnx - ok
10:59:09.0612 4988        aswSP          (3610ca74a69e380424f0452dec5c1317) C:\windows\system32\drivers\aswSP.sys
10:59:09.0627 4988        aswSP - ok
10:59:09.0659 4988        aswTdi          (87de3e31cb0091d22351349869324065) C:\windows\system32\drivers\aswTdi.sys
10:59:09.0674 4988        aswTdi - ok
10:59:09.0705 4988        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\windows\system32\DRIVERS\asyncmac.sys
10:59:09.0752 4988        AsyncMac - ok
10:59:09.0799 4988        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\windows\system32\drivers\atapi.sys
10:59:09.0830 4988        atapi - ok
10:59:10.0127 4988        athr            (a5e770426d18f8ef332a593f3289da91) C:\windows\system32\DRIVERS\athrx.sys
10:59:10.0173 4988        athr - ok
10:59:10.0361 4988        AtiHdmiService  (77c149e6d702737b2e372dee166faef8) C:\windows\system32\drivers\AtiHdmi.sys
10:59:10.0376 4988        AtiHdmiService - ok
10:59:10.0813 4988        atikmdag        (0c3480807a602519b970088ffb112a70) C:\windows\system32\DRIVERS\atikmdag.sys
10:59:10.0907 4988        atikmdag - ok
10:59:11.0141 4988        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
10:59:11.0203 4988        AudioEndpointBuilder - ok
10:59:11.0203 4988        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\windows\System32\Audiosrv.dll
10:59:11.0265 4988        AudioSrv - ok
10:59:11.0499 4988        avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
10:59:11.0531 4988        avast! Antivirus - ok
10:59:11.0562 4988        avast! Firewall (465a17095eb3b9e101429b669f495d01) C:\Program Files\AVAST Software\Avast\afwServ.exe
10:59:11.0593 4988        avast! Firewall - ok
10:59:11.0640 4988        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\windows\System32\AxInstSV.dll
10:59:11.0671 4988        AxInstSV - ok
10:59:11.0780 4988        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\windows\system32\DRIVERS\bxvbda.sys
10:59:11.0811 4988        b06bdrv - ok
10:59:11.0843 4988        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\windows\system32\DRIVERS\b57nd60a.sys
10:59:11.0858 4988        b57nd60a - ok
10:59:11.0905 4988        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\windows\System32\bdesvc.dll
10:59:11.0921 4988        BDESVC - ok
10:59:11.0936 4988        Beep            (16a47ce2decc9b099349a5f840654746) C:\windows\system32\drivers\Beep.sys
10:59:11.0983 4988        Beep - ok
10:59:12.0077 4988        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\windows\System32\bfe.dll
10:59:12.0155 4988        BFE - ok
10:59:12.0264 4988        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\windows\System32\qmgr.dll
10:59:12.0326 4988        BITS - ok
10:59:12.0404 4988        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\windows\system32\DRIVERS\blbdrive.sys
10:59:12.0435 4988        blbdrive - ok
10:59:12.0576 4988        Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
10:59:12.0591 4988        Bonjour Service - ok
10:59:12.0638 4988        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\windows\system32\DRIVERS\bowser.sys
10:59:12.0685 4988        bowser - ok
10:59:12.0716 4988        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\windows\system32\DRIVERS\BrFiltLo.sys
10:59:12.0747 4988        BrFiltLo - ok
10:59:12.0763 4988        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\windows\system32\DRIVERS\BrFiltUp.sys
10:59:12.0779 4988        BrFiltUp - ok
10:59:12.0857 4988        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\windows\System32\browser.dll
10:59:12.0935 4988        Browser - ok
10:59:12.0981 4988        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\windows\System32\Drivers\Brserid.sys
10:59:12.0997 4988        Brserid - ok
10:59:13.0028 4988        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\windows\System32\Drivers\BrSerWdm.sys
10:59:13.0044 4988        BrSerWdm - ok
10:59:13.0059 4988        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\windows\System32\Drivers\BrUsbMdm.sys
10:59:13.0075 4988        BrUsbMdm - ok
10:59:13.0075 4988        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\windows\System32\Drivers\BrUsbSer.sys
10:59:13.0091 4988        BrUsbSer - ok
10:59:13.0122 4988        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\windows\system32\DRIVERS\bthmodem.sys
10:59:13.0137 4988        BTHMODEM - ok
10:59:13.0184 4988        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\windows\system32\bthserv.dll
10:59:13.0247 4988        bthserv - ok
10:59:13.0262 4988        cdfs            (b8bd2bb284668c84865658c77574381a) C:\windows\system32\DRIVERS\cdfs.sys
10:59:13.0309 4988        cdfs - ok
10:59:13.0371 4988        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\windows\system32\drivers\cdrom.sys
10:59:13.0418 4988        cdrom - ok
10:59:13.0465 4988        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
10:59:13.0512 4988        CertPropSvc - ok
10:59:13.0527 4988        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\windows\system32\DRIVERS\circlass.sys
10:59:13.0543 4988        circlass - ok
10:59:13.0605 4988        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\windows\system32\CLFS.sys
10:59:13.0621 4988        CLFS - ok
10:59:13.0730 4988        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:59:13.0746 4988        clr_optimization_v2.0.50727_32 - ok
10:59:13.0839 4988        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:59:13.0871 4988        clr_optimization_v2.0.50727_64 - ok
10:59:13.0980 4988        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:59:14.0011 4988        clr_optimization_v4.0.30319_32 - ok
10:59:14.0058 4988        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:59:14.0073 4988        clr_optimization_v4.0.30319_64 - ok
10:59:14.0105 4988        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\windows\system32\DRIVERS\CmBatt.sys
10:59:14.0136 4988        CmBatt - ok
10:59:14.0183 4988        cmdide          (e19d3f095812725d88f9001985b94edd) C:\windows\system32\drivers\cmdide.sys
10:59:14.0214 4988        cmdide - ok
10:59:14.0323 4988        CNG            (c4943b6c962e4b82197542447ad599f4) C:\windows\system32\Drivers\cng.sys
10:59:14.0370 4988        CNG - ok
10:59:14.0417 4988        cnnctfy2        (040ff3b09f26926a3792e047db0f47dd) C:\windows\system32\DRIVERS\cnnctfy2.sys
10:59:14.0448 4988        cnnctfy2 - ok
10:59:14.0479 4988        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\windows\system32\DRIVERS\compbatt.sys
10:59:14.0495 4988        Compbatt - ok
10:59:14.0526 4988        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\windows\system32\drivers\CompositeBus.sys
10:59:14.0557 4988        CompositeBus - ok
10:59:14.0557 4988        COMSysApp - ok
10:59:14.0651 4988        Connectify      (4dbc76cfc9a53d7f39bfc2dc8d505b0d) C:\Program Files (x86)\Connectify\ConnectifyService.exe
10:59:14.0651 4988        Connectify ( UnsignedFile.Multi.Generic ) - warning
10:59:14.0651 4988        Connectify - detected UnsignedFile.Multi.Generic (1)
10:59:14.0682 4988        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\windows\system32\DRIVERS\crcdisk.sys
10:59:14.0697 4988        crcdisk - ok
10:59:14.0775 4988        CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\windows\system32\cryptsvc.dll
10:59:14.0838 4988        CryptSvc - ok
10:59:14.0947 4988        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
10:59:14.0994 4988        DcomLaunch - ok
10:59:15.0072 4988        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\windows\System32\defragsvc.dll
10:59:15.0119 4988        defragsvc - ok
10:59:15.0150 4988        de_serv - ok
10:59:15.0212 4988        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\windows\system32\Drivers\dfsc.sys
10:59:15.0259 4988        DfsC - ok
10:59:15.0259 4988        dgderdrv - ok
10:59:15.0321 4988        dg_ssudbus      (113212d25d0c9bb8901a9833774da97f) C:\windows\system32\DRIVERS\ssudbus.sys
10:59:15.0337 4988        dg_ssudbus - ok
10:59:15.0415 4988        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\windows\system32\dhcpcore.dll
10:59:15.0477 4988        Dhcp - ok
10:59:15.0509 4988        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\windows\system32\drivers\discache.sys
10:59:15.0571 4988        discache - ok
10:59:15.0618 4988        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\windows\system32\DRIVERS\disk.sys
10:59:15.0649 4988        Disk - ok
10:59:15.0743 4988        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\windows\System32\dnsrslvr.dll
10:59:15.0774 4988        Dnscache - ok
10:59:15.0836 4988        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\windows\System32\dot3svc.dll
10:59:15.0914 4988        dot3svc - ok
10:59:15.0961 4988        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\windows\system32\dps.dll
10:59:16.0039 4988        DPS - ok
10:59:16.0055 4988        drmkaud        (9b19f34400d24df84c858a421c205754) C:\windows\system32\drivers\drmkaud.sys
10:59:16.0086 4988        drmkaud - ok
10:59:16.0195 4988        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\windows\System32\drivers\dxgkrnl.sys
10:59:16.0226 4988        DXGKrnl - ok
10:59:16.0273 4988        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\windows\System32\eapsvc.dll
10:59:16.0335 4988        EapHost - ok
10:59:16.0632 4988        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\windows\system32\DRIVERS\evbda.sys
10:59:16.0694 4988        ebdrv - ok
10:59:16.0866 4988        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\windows\System32\lsass.exe
10:59:16.0881 4988        EFS - ok
10:59:17.0022 4988        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\windows\ehome\ehRecvr.exe
10:59:17.0053 4988        ehRecvr - ok
10:59:17.0084 4988        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\windows\ehome\ehsched.exe
10:59:17.0100 4988        ehSched - ok
10:59:17.0225 4988        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\windows\system32\DRIVERS\elxstor.sys
10:59:17.0256 4988        elxstor - ok
10:59:17.0318 4988        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\windows\system32\drivers\errdev.sys
10:59:17.0365 4988        ErrDev - ok
10:59:17.0381 4988        EUCR            (89d11159b361dd1eac5dd4e9895c04a4) C:\windows\system32\DRIVERS\EUCR6SK.SYS
10:59:17.0396 4988        EUCR - ok
10:59:17.0474 4988        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\windows\system32\es.dll
10:59:17.0568 4988        EventSystem - ok
10:59:17.0599 4988        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\windows\system32\drivers\exfat.sys
10:59:17.0646 4988        exfat - ok
10:59:17.0677 4988        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\windows\system32\drivers\fastfat.sys
10:59:17.0724 4988        fastfat - ok
10:59:17.0817 4988        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\windows\system32\fxssvc.exe
10:59:17.0864 4988        Fax - ok
10:59:17.0880 4988        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\windows\system32\DRIVERS\fdc.sys
10:59:17.0895 4988        fdc - ok
10:59:17.0927 4988        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\windows\system32\fdPHost.dll
10:59:17.0973 4988        fdPHost - ok
10:59:17.0989 4988        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\windows\system32\fdrespub.dll
10:59:18.0036 4988        FDResPub - ok
10:59:18.0067 4988        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\windows\system32\drivers\fileinfo.sys
10:59:18.0083 4988        FileInfo - ok
10:59:18.0145 4988        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\windows\system32\drivers\filetrace.sys
10:59:18.0207 4988        Filetrace - ok
10:59:18.0395 4988        FLEXnet Licensing Service (227846995afeefa70d328bf5334a86a5) C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:59:18.0410 4988        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - warning
10:59:18.0410 4988        FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic (1)
10:59:18.0426 4988        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\windows\system32\DRIVERS\flpydisk.sys
10:59:18.0457 4988        flpydisk - ok
10:59:18.0551 4988        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\windows\system32\drivers\fltmgr.sys
10:59:18.0582 4988        FltMgr - ok
10:59:18.0722 4988        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\windows\system32\FntCache.dll
10:59:18.0769 4988        FontCache - ok
10:59:18.0863 4988        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:59:18.0894 4988        FontCache3.0.0.0 - ok
10:59:18.0941 4988        FsDepends      (d43703496149971890703b4b1b723eac) C:\windows\system32\drivers\FsDepends.sys
10:59:18.0956 4988        FsDepends - ok
10:59:19.0003 4988        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\windows\system32\drivers\Fs_Rec.sys
10:59:19.0034 4988        Fs_Rec - ok
10:59:19.0097 4988        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\windows\system32\DRIVERS\fvevol.sys
10:59:19.0128 4988        fvevol - ok
10:59:19.0159 4988        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\windows\system32\DRIVERS\gagp30kx.sys
10:59:19.0175 4988        gagp30kx - ok
10:59:19.0221 4988        GEARAspiWDM    (e403aacf8c7bb11375122d2464560311) C:\windows\system32\DRIVERS\GEARAspiWDM.sys
10:59:19.0237 4988        GEARAspiWDM - ok
10:59:19.0346 4988        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\windows\System32\gpsvc.dll
10:59:19.0424 4988        gpsvc - ok
10:59:19.0580 4988        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:59:19.0596 4988        gupdate - ok
10:59:19.0611 4988        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:59:19.0627 4988        gupdatem - ok
10:59:19.0674 4988        gusvc          (c1b577b2169900f4cf7190c39f085794) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
10:59:19.0689 4988        gusvc - ok
10:59:19.0721 4988        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\windows\system32\drivers\hcw85cir.sys
10:59:19.0736 4988        hcw85cir - ok
10:59:19.0799 4988        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\windows\system32\drivers\HdAudio.sys
10:59:19.0830 4988        HdAudAddService - ok
10:59:19.0861 4988        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\windows\system32\drivers\HDAudBus.sys
10:59:19.0877 4988        HDAudBus - ok
10:59:19.0908 4988        HECIx64        (b6ac71aaa2b10848f57fc49d55a651af) C:\windows\system32\DRIVERS\HECIx64.sys
10:59:19.0923 4988        HECIx64 - ok
10:59:19.0939 4988        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\windows\system32\DRIVERS\HidBatt.sys
10:59:19.0955 4988        HidBatt - ok
10:59:19.0970 4988        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\windows\system32\DRIVERS\hidbth.sys
10:59:19.0986 4988        HidBth - ok
10:59:20.0001 4988        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\windows\system32\DRIVERS\hidir.sys
10:59:20.0017 4988        HidIr - ok
10:59:20.0048 4988        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\windows\system32\hidserv.dll
10:59:20.0095 4988        hidserv - ok
10:59:20.0142 4988        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\windows\system32\drivers\hidusb.sys
10:59:20.0173 4988        HidUsb - ok
10:59:20.0235 4988        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\windows\system32\kmsvc.dll
10:59:20.0298 4988        hkmsvc - ok
10:59:20.0360 4988        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\windows\system32\ListSvc.dll
10:59:20.0376 4988        HomeGroupListener - ok
10:59:20.0454 4988        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\windows\system32\provsvc.dll
10:59:20.0501 4988        HomeGroupProvider - ok
10:59:20.0547 4988        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\windows\system32\drivers\HpSAMD.sys
10:59:20.0579 4988        HpSAMD - ok
10:59:20.0688 4988        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\windows\system32\drivers\HTTP.sys
10:59:20.0750 4988        HTTP - ok
10:59:20.0797 4988        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\windows\system32\drivers\hwpolicy.sys
10:59:20.0828 4988        hwpolicy - ok
10:59:20.0875 4988        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\windows\system32\drivers\i8042prt.sys
10:59:20.0906 4988        i8042prt - ok
10:59:20.0984 4988        iaStor          (abbf174cb394f5c437410a788b7e404a) C:\windows\system32\DRIVERS\iaStor.sys
10:59:21.0015 4988        iaStor - ok
10:59:21.0156 4988        IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
10:59:21.0171 4988        IAStorDataMgrSvc - ok
10:59:21.0265 4988        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\windows\system32\drivers\iaStorV.sys
10:59:21.0312 4988        iaStorV - ok
10:59:21.0468 4988        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:59:21.0499 4988        idsvc - ok
10:59:21.0546 4988        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\windows\system32\DRIVERS\iirsp.sys
10:59:21.0561 4988        iirsp - ok
10:59:21.0671 4988        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\windows\System32\ikeext.dll
10:59:21.0749 4988        IKEEXT - ok
10:59:21.0764 4988        Impcd          (4b6363cd4610bb848531bb260b15dfcc) C:\windows\system32\DRIVERS\Impcd.sys
10:59:21.0780 4988        Impcd - ok
10:59:21.0983 4988        IntcAzAudAddService (e9befd8c6a1db3b544b61647dda35f62) C:\windows\system32\drivers\RTKVHD64.sys
10:59:22.0045 4988        IntcAzAudAddService - ok
10:59:22.0217 4988        IntcDAud        (da24c1f66ee1b5a92e045376d7a44b58) C:\windows\system32\DRIVERS\IntcDAud.sys
10:59:22.0248 4988        IntcDAud - ok
10:59:22.0310 4988        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\windows\system32\drivers\intelide.sys
10:59:22.0326 4988        intelide - ok
10:59:22.0903 4988        intelkmd        (31d1aff484d8a0906cf8d44251ec390f) C:\windows\system32\DRIVERS\igdpmd64.sys
10:59:23.0012 4988        intelkmd - ok
10:59:23.0168 4988        intelppm        (ada036632c664caa754079041cf1f8c1) C:\windows\system32\DRIVERS\intelppm.sys
10:59:23.0199 4988        intelppm - ok
10:59:23.0246 4988        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\windows\system32\ipbusenum.dll
10:59:23.0309 4988        IPBusEnum - ok
10:59:23.0355 4988        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\windows\system32\DRIVERS\ipfltdrv.sys
10:59:23.0402 4988        IpFilterDriver - ok
10:59:23.0496 4988        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\windows\System32\iphlpsvc.dll
10:59:23.0558 4988        iphlpsvc - ok
10:59:23.0621 4988        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\windows\system32\drivers\IPMIDrv.sys
10:59:23.0636 4988        IPMIDRV - ok
10:59:23.0683 4988        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\windows\system32\drivers\ipnat.sys
10:59:23.0745 4988        IPNAT - ok
10:59:23.0886 4988        iPod Service    (755e4ba6dce627a2683bb7640553c8d6) C:\Program Files\iPod\bin\iPodService.exe
10:59:23.0933 4988        iPod Service - ok
10:59:23.0948 4988        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\windows\system32\drivers\irenum.sys
10:59:23.0979 4988        IRENUM - ok
10:59:24.0042 4988        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\windows\system32\drivers\isapnp.sys
10:59:24.0057 4988        isapnp - ok
10:59:24.0135 4988        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\windows\system32\drivers\msiscsi.sys
10:59:24.0167 4988        iScsiPrt - ok
10:59:24.0198 4988        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\windows\system32\drivers\kbdclass.sys
10:59:24.0213 4988        kbdclass - ok
10:59:24.0291 4988        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\windows\system32\drivers\kbdhid.sys
10:59:24.0323 4988        kbdhid - ok
10:59:24.0369 4988        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
10:59:24.0401 4988        KeyIso - ok
10:59:24.0463 4988        KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\windows\system32\Drivers\ksecdd.sys
10:59:24.0494 4988        KSecDD - ok
10:59:24.0557 4988        KSecPkg        (7e33198d956943a4f11a5474c1e9106f) C:\windows\system32\Drivers\ksecpkg.sys
10:59:24.0588 4988        KSecPkg - ok
10:59:24.0619 4988        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\windows\system32\drivers\ksthunk.sys
10:59:24.0650 4988        ksthunk - ok
10:59:24.0713 4988        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\windows\system32\msdtckrm.dll
10:59:24.0775 4988        KtmRm - ok
10:59:24.0853 4988        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\windows\system32\srvsvc.dll
10:59:24.0915 4988        LanmanServer - ok
10:59:24.0962 4988        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\windows\System32\wkssvc.dll
10:59:25.0009 4988        LanmanWorkstation - ok
10:59:25.0040 4988        lltdio          (1538831cf8ad2979a04c423779465827) C:\windows\system32\DRIVERS\lltdio.sys
10:59:25.0087 4988        lltdio - ok
10:59:25.0165 4988        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\windows\System32\lltdsvc.dll
10:59:25.0227 4988        lltdsvc - ok
10:59:25.0259 4988        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\windows\System32\lmhsvc.dll
10:59:25.0305 4988        lmhosts - ok
10:59:25.0446 4988        LMS            (7485fbcef9136f530953575e2977859d) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:59:25.0477 4988        LMS - ok
10:59:25.0539 4988        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\windows\system32\DRIVERS\lsi_fc.sys
10:59:25.0555 4988        LSI_FC - ok
10:59:25.0586 4988        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\windows\system32\DRIVERS\lsi_sas.sys
10:59:25.0602 4988        LSI_SAS - ok
10:59:25.0617 4988        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\windows\system32\DRIVERS\lsi_sas2.sys
10:59:25.0617 4988        LSI_SAS2 - ok
10:59:25.0649 4988        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\windows\system32\DRIVERS\lsi_scsi.sys
10:59:25.0664 4988        LSI_SCSI - ok
10:59:25.0695 4988        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\windows\system32\drivers\luafv.sys
10:59:25.0742 4988        luafv - ok
10:59:25.0742 4988        MBAMProtector - ok
10:59:25.0867 4988        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
10:59:25.0898 4988        MBAMService - ok
10:59:25.0961 4988        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\windows\system32\Mcx2Svc.dll
10:59:25.0992 4988        Mcx2Svc - ok
10:59:26.0007 4988        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\windows\system32\DRIVERS\megasas.sys
10:59:26.0023 4988        megasas - ok
10:59:26.0085 4988        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\windows\system32\DRIVERS\MegaSR.sys
10:59:26.0117 4988        MegaSR - ok
10:59:26.0210 4988        Micro Star SCM  (71c6748ee8de938532057ef10b4b7e44) C:\Program Files (x86)\System Control Manager\MSIService.exe
10:59:26.0226 4988        Micro Star SCM ( UnsignedFile.Multi.Generic ) - warning
10:59:26.0226 4988        Micro Star SCM - detected UnsignedFile.Multi.Generic (1)
10:59:26.0273 4988        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
10:59:26.0335 4988        MMCSS - ok
10:59:26.0335 4988        Modem          (800ba92f7010378b09f9ed9270f07137) C:\windows\system32\drivers\modem.sys
10:59:26.0382 4988        Modem - ok
10:59:26.0413 4988        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\windows\system32\DRIVERS\monitor.sys
10:59:26.0444 4988        monitor - ok
10:59:26.0475 4988        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\windows\system32\drivers\mouclass.sys
10:59:26.0507 4988        mouclass - ok
10:59:26.0522 4988        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\windows\system32\DRIVERS\mouhid.sys
10:59:26.0538 4988        mouhid - ok
10:59:26.0600 4988        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\windows\system32\drivers\mountmgr.sys
10:59:26.0616 4988        mountmgr - ok
10:59:26.0694 4988        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:59:26.0709 4988        MozillaMaintenance - ok
10:59:26.0772 4988        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\windows\system32\drivers\mpio.sys
10:59:26.0803 4988        mpio - ok
10:59:26.0834 4988        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\windows\system32\drivers\mpsdrv.sys
10:59:26.0881 4988        mpsdrv - ok
10:59:27.0006 4988        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\windows\system32\mpssvc.dll
10:59:27.0084 4988        MpsSvc - ok
10:59:27.0162 4988        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\windows\system32\drivers\mrxdav.sys
10:59:27.0193 4988        MRxDAV - ok
10:59:27.0271 4988        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\windows\system32\DRIVERS\mrxsmb.sys
10:59:27.0302 4988        mrxsmb - ok
10:59:27.0380 4988        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\windows\system32\DRIVERS\mrxsmb10.sys
10:59:27.0411 4988        mrxsmb10 - ok
10:59:27.0489 4988        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\windows\system32\DRIVERS\mrxsmb20.sys
10:59:27.0521 4988        mrxsmb20 - ok
10:59:27.0583 4988        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\windows\system32\drivers\msahci.sys
10:59:27.0614 4988        msahci - ok
10:59:27.0692 4988        msdsm          (db801a638d011b9633829eb6f663c900) C:\windows\system32\drivers\msdsm.sys
10:59:27.0723 4988        msdsm - ok
10:59:27.0801 4988        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\windows\System32\msdtc.exe
10:59:27.0817 4988        MSDTC - ok
10:59:27.0864 4988        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\windows\system32\drivers\Msfs.sys
10:59:27.0926 4988        Msfs - ok
10:59:27.0989 4988        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\windows\System32\drivers\mshidkmdf.sys
10:59:28.0035 4988        mshidkmdf - ok
10:59:28.0098 4988        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\windows\system32\drivers\msisadrv.sys
10:59:28.0129 4988        msisadrv - ok
10:59:28.0176 4988        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\windows\system32\iscsiexe.dll
10:59:28.0223 4988        MSiSCSI - ok
10:59:28.0223 4988        msiserver - ok
10:59:28.0254 4988        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\windows\system32\drivers\MSKSSRV.sys
10:59:28.0285 4988        MSKSSRV - ok
10:59:28.0301 4988        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\windows\system32\drivers\MSPCLOCK.sys
10:59:28.0347 4988        MSPCLOCK - ok
10:59:28.0347 4988        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\windows\system32\drivers\MSPQM.sys
10:59:28.0394 4988        MSPQM - ok
10:59:28.0472 4988        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\windows\system32\drivers\MsRPC.sys
10:59:28.0488 4988        MsRPC - ok
10:59:28.0535 4988        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\windows\system32\drivers\mssmbios.sys
10:59:28.0550 4988        mssmbios - ok
10:59:28.0566 4988        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\windows\system32\drivers\MSTEE.sys
10:59:28.0613 4988        MSTEE - ok
10:59:28.0628 4988        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\windows\system32\DRIVERS\MTConfig.sys
10:59:28.0644 4988        MTConfig - ok
10:59:28.0659 4988        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\windows\system32\Drivers\mup.sys
10:59:28.0675 4988        Mup - ok
10:59:28.0784 4988        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\windows\system32\qagentRT.dll
10:59:28.0831 4988        napagent - ok
10:59:28.0878 4988        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\windows\system32\DRIVERS\nwifi.sys
10:59:28.0925 4988        NativeWifiP - ok
10:59:29.0065 4988        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\windows\system32\drivers\ndis.sys
10:59:29.0096 4988        NDIS - ok
10:59:29.0143 4988        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\windows\system32\DRIVERS\ndiscap.sys
10:59:29.0190 4988        NdisCap - ok
10:59:29.0205 4988        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\windows\system32\DRIVERS\ndistapi.sys
10:59:29.0252 4988        NdisTapi - ok
10:59:29.0315 4988        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\windows\system32\DRIVERS\ndisuio.sys
10:59:29.0377 4988        Ndisuio - ok
10:59:29.0455 4988        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\windows\system32\DRIVERS\ndiswan.sys
10:59:29.0517 4988        NdisWan - ok
10:59:29.0595 4988        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\windows\system32\drivers\NDProxy.sys
10:59:29.0642 4988        NDProxy - ok
10:59:29.0705 4988        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\windows\system32\DRIVERS\netbios.sys
10:59:29.0767 4988        NetBIOS - ok
10:59:29.0861 4988        NetBT          (09594d1089c523423b32a4229263f068) C:\windows\system32\DRIVERS\netbt.sys
10:59:29.0939 4988        NetBT - ok
10:59:29.0985 4988        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
10:59:30.0017 4988        Netlogon - ok
10:59:30.0079 4988        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\windows\System32\netman.dll
10:59:30.0141 4988        Netman - ok
10:59:30.0204 4988        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\windows\System32\netprofm.dll
10:59:30.0266 4988        netprofm - ok
10:59:30.0360 4988        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:59:30.0391 4988        NetTcpPortSharing - ok
10:59:30.0438 4988        nfrd960        (77889813be4d166cdab78ddba990da92) C:\windows\system32\DRIVERS\nfrd960.sys
10:59:30.0469 4988        nfrd960 - ok
10:59:30.0547 4988        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\windows\System32\nlasvc.dll
10:59:30.0609 4988        NlaSvc - ok
10:59:30.0641 4988        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\windows\system32\drivers\Npfs.sys
10:59:30.0687 4988        Npfs - ok
10:59:30.0703 4988        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\windows\system32\nsisvc.dll
10:59:30.0750 4988        nsi - ok
10:59:30.0765 4988        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\windows\system32\drivers\nsiproxy.sys
10:59:30.0812 4988        nsiproxy - ok
10:59:30.0984 4988        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\windows\system32\drivers\Ntfs.sys
10:59:31.0031 4988        Ntfs - ok
10:59:31.0202 4988        Null            (9899284589f75fa8724ff3d16aed75c1) C:\windows\system32\drivers\Null.sys
10:59:31.0265 4988        Null - ok
10:59:31.0343 4988        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\windows\system32\drivers\nvraid.sys
10:59:31.0374 4988        nvraid - ok
10:59:31.0452 4988        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\windows\system32\drivers\nvstor.sys
10:59:31.0483 4988        nvstor - ok
10:59:31.0530 4988        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\windows\system32\drivers\nv_agp.sys
10:59:31.0545 4988        nv_agp - ok
10:59:31.0733 4988        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:59:31.0764 4988        odserv - ok
10:59:31.0826 4988        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\windows\system32\drivers\ohci1394.sys
10:59:31.0857 4988        ohci1394 - ok
10:59:31.0904 4988        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:59:31.0920 4988        ose - ok
10:59:31.0982 4988        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
10:59:32.0029 4988        p2pimsvc - ok
10:59:32.0076 4988        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\windows\system32\p2psvc.dll
10:59:32.0091 4988        p2psvc - ok
10:59:32.0138 4988        Parport        (0086431c29c35be1dbc43f52cc273887) C:\windows\system32\DRIVERS\parport.sys
10:59:32.0169 4988        Parport - ok
10:59:32.0232 4988        partmgr        (e9766131eeade40a27dc27d2d68fba9c) C:\windows\system32\drivers\partmgr.sys
10:59:32.0247 4988        partmgr - ok
10:59:32.0294 4988        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\windows\System32\pcasvc.dll
10:59:32.0341 4988        PcaSvc - ok
10:59:32.0419 4988        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\windows\system32\drivers\pci.sys
10:59:32.0450 4988        pci - ok
10:59:32.0497 4988        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\windows\system32\drivers\pciide.sys
10:59:32.0528 4988        pciide - ok
10:59:32.0575 4988        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\windows\system32\DRIVERS\pcmcia.sys
10:59:32.0606 4988        pcmcia - ok
10:59:32.0622 4988        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\windows\system32\drivers\pcw.sys
10:59:32.0637 4988        pcw - ok
10:59:32.0700 4988        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\windows\system32\drivers\peauth.sys
10:59:32.0762 4988        PEAUTH - ok
10:59:32.0871 4988        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\windows\SysWow64\perfhost.exe
10:59:32.0887 4988        PerfHost - ok
10:59:33.0090 4988        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\windows\system32\pla.dll
10:59:33.0168 4988        pla - ok
10:59:33.0277 4988        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\windows\system32\umpnpmgr.dll
10:59:33.0308 4988        PlugPlay - ok
10:59:33.0324 4988        PnkBstrA - ok
10:59:33.0355 4988        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\windows\system32\pnrpauto.dll
10:59:33.0371 4988        PNRPAutoReg - ok
10:59:33.0417 4988        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\windows\system32\pnrpsvc.dll
10:59:33.0433 4988        PNRPsvc - ok
10:59:33.0542 4988        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\windows\System32\ipsecsvc.dll
10:59:33.0605 4988        PolicyAgent - ok
10:59:33.0651 4988        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\windows\system32\umpo.dll
10:59:33.0698 4988        Power - ok
10:59:33.0807 4988        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\windows\system32\DRIVERS\raspptp.sys
10:59:33.0870 4988        PptpMiniport - ok
10:59:33.0901 4988        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\windows\system32\DRIVERS\processr.sys
10:59:33.0917 4988        Processor - ok
10:59:33.0995 4988        ProfSvc        (5c78838b4d166d1a27db3a8a820c799a) C:\windows\system32\profsvc.dll
10:59:34.0057 4988        ProfSvc - ok
10:59:34.0104 4988        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
10:59:34.0135 4988        ProtectedStorage - ok
10:59:34.0197 4988        Psched          (0557cf5a2556bd58e26384169d72438d) C:\windows\system32\DRIVERS\pacer.sys
10:59:34.0260 4988        Psched - ok
10:59:34.0400 4988        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\windows\system32\DRIVERS\ql2300.sys
10:59:34.0463 4988        ql2300 - ok
10:59:34.0634 4988        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\windows\system32\DRIVERS\ql40xx.sys
10:59:34.0650 4988        ql40xx - ok
10:59:34.0712 4988        QWAVE          (906191634e99aea92c4816150bda3732) C:\windows\system32\qwave.dll
10:59:34.0759 4988        QWAVE - ok
10:59:34.0775 4988        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\windows\system32\drivers\qwavedrv.sys
10:59:34.0790 4988        QWAVEdrv - ok
10:59:34.0806 4988        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\windows\system32\DRIVERS\rasacd.sys
10:59:34.0853 4988        RasAcd - ok
10:59:34.0884 4988        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\windows\system32\DRIVERS\AgileVpn.sys
10:59:34.0931 4988        RasAgileVpn - ok
10:59:34.0962 4988        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\windows\System32\rasauto.dll
10:59:35.0009 4988        RasAuto - ok
10:59:35.0071 4988        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\windows\system32\DRIVERS\rasl2tp.sys
10:59:35.0118 4988        Rasl2tp - ok
10:59:35.0196 4988        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\windows\System32\rasmans.dll
10:59:35.0258 4988        RasMan - ok
10:59:35.0305 4988        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\windows\system32\DRIVERS\raspppoe.sys
10:59:35.0352 4988        RasPppoe - ok
10:59:35.0383 4988        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\windows\system32\DRIVERS\rassstp.sys
10:59:35.0430 4988        RasSstp - ok
10:59:35.0508 4988        rdbss          (77f665941019a1594d887a74f301fa2f) C:\windows\system32\DRIVERS\rdbss.sys
10:59:35.0570 4988        rdbss - ok
10:59:35.0586 4988        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\windows\system32\DRIVERS\rdpbus.sys
10:59:35.0601 4988        rdpbus - ok
10:59:35.0617 4988        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\windows\system32\DRIVERS\RDPCDD.sys
10:59:35.0664 4988        RDPCDD - ok
10:59:35.0679 4988        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\windows\system32\drivers\rdpencdd.sys
10:59:35.0711 4988        RDPENCDD - ok
10:59:35.0726 4988        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\windows\system32\drivers\rdprefmp.sys
10:59:35.0773 4988        RDPREFMP - ok
10:59:35.0835 4988        RDPWD          (e61608aa35e98999af9aaeeea6114b0a) C:\windows\system32\drivers\RDPWD.sys
10:59:35.0867 4988        RDPWD - ok
10:59:35.0945 4988        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\windows\system32\drivers\rdyboost.sys
10:59:35.0976 4988        rdyboost - ok
10:59:36.0007 4988        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\windows\System32\mprdim.dll
10:59:36.0069 4988        RemoteAccess - ok
10:59:36.0116 4988        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\windows\system32\regsvc.dll
10:59:36.0163 4988        RemoteRegistry - ok
10:59:36.0179 4988        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\windows\System32\RpcEpMap.dll
10:59:36.0225 4988        RpcEptMapper - ok
10:59:36.0257 4988        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\windows\system32\locator.exe
10:59:36.0272 4988        RpcLocator - ok
10:59:36.0366 4988        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\windows\system32\rpcss.dll
10:59:36.0428 4988        RpcSs - ok
10:59:36.0459 4988        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\windows\system32\DRIVERS\rspndr.sys
10:59:36.0506 4988        rspndr - ok
10:59:36.0553 4988        RTHDMIAzAudService (4e821c740a675f6d040be41d59a62b1d) C:\windows\system32\drivers\RtHDMIVX.sys
10:59:36.0584 4988        RTHDMIAzAudService - ok
10:59:36.0662 4988        RTL8167        (ee082e06a82ff630351d1e0ebbd3d8d0) C:\windows\system32\DRIVERS\Rt64win7.sys
10:59:36.0709 4988        RTL8167 - ok
10:59:36.0756 4988        SamSs          (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
10:59:36.0771 4988        SamSs - ok
10:59:36.0881 4988        SamsungAllShareV2.0 (8325093bdae38247a8482ab0a1bc37ce) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
10:59:36.0912 4988        SamsungAllShareV2.0 - ok
10:59:36.0974 4988        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\windows\system32\drivers\sbp2port.sys
10:59:36.0990 4988        sbp2port - ok
10:59:37.0037 4988        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\windows\System32\SCardSvr.dll
10:59:37.0099 4988        SCardSvr - ok
10:59:37.0146 4988        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\windows\system32\DRIVERS\scfilter.sys
10:59:37.0193 4988        scfilter - ok
10:59:37.0317 4988        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\windows\system32\schedsvc.dll
10:59:37.0395 4988        Schedule - ok
10:59:37.0442 4988        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\windows\System32\certprop.dll
10:59:37.0489 4988        SCPolicySvc - ok
10:59:37.0551 4988        sdbus          (111e0ebc0ad79cb0fa014b907b231cf0) C:\windows\system32\drivers\sdbus.sys
10:59:37.0567 4988        sdbus - ok
10:59:37.0629 4988        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\windows\System32\SDRSVC.dll
10:59:37.0661 4988        SDRSVC - ok
10:59:37.0785 4988        SeaPort        (d358e077a0a05d9b12da22d137ee8464) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
10:59:37.0817 4988        SeaPort - ok
10:59:37.0832 4988        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\windows\system32\drivers\secdrv.sys
10:59:37.0879 4988        secdrv - ok
10:59:37.0941 4988        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\windows\system32\seclogon.dll
10:59:38.0004 4988        seclogon - ok
10:59:38.0035 4988        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\windows\System32\sens.dll
10:59:38.0097 4988        SENS - ok
10:59:38.0113 4988        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\windows\system32\sensrsvc.dll
10:59:38.0129 4988        SensrSvc - ok
10:59:38.0160 4988        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\windows\system32\DRIVERS\serenum.sys
10:59:38.0175 4988        Serenum - ok
10:59:38.0207 4988        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\windows\system32\DRIVERS\serial.sys
10:59:38.0222 4988        Serial - ok
10:59:38.0269 4988        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\windows\system32\DRIVERS\sermouse.sys
10:59:38.0300 4988        sermouse - ok
10:59:38.0378 4988        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\windows\system32\sessenv.dll
10:59:38.0441 4988        SessionEnv - ok
10:59:38.0487 4988        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\windows\system32\drivers\sffdisk.sys
10:59:38.0503 4988        sffdisk - ok
10:59:38.0519 4988        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\windows\system32\drivers\sffp_mmc.sys
10:59:38.0534 4988        sffp_mmc - ok
10:59:38.0534 4988        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\windows\system32\drivers\sffp_sd.sys
10:59:38.0565 4988        sffp_sd - ok
10:59:38.0597 4988        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\windows\system32\DRIVERS\sfloppy.sys
10:59:38.0612 4988        sfloppy - ok
10:59:38.0690 4988        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\windows\System32\ipnathlp.dll
10:59:38.0753 4988        SharedAccess - ok
10:59:38.0831 4988        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\windows\System32\shsvcs.dll
10:59:38.0893 4988        ShellHWDetection - ok
10:59:38.0987 4988        SimpleSlideShowServer (002efe99e9117d8c9feb17ce9cc6af82) C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
10:59:39.0002 4988        SimpleSlideShowServer - ok
10:59:39.0049 4988        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\windows\system32\DRIVERS\SiSRaid2.sys
10:59:39.0065 4988        SiSRaid2 - ok
10:59:39.0111 4988        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\windows\system32\DRIVERS\sisraid4.sys
10:59:39.0127 4988        SiSRaid4 - ok
10:59:39.0252 4988        SkypeUpdate    (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files (x86)\Skype\Updater\Updater.exe
10:59:39.0267 4988        SkypeUpdate - ok
10:59:39.0299 4988        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\windows\system32\DRIVERS\smb.sys
10:59:39.0345 4988        Smb - ok
10:59:39.0470 4988        smserial        (7ae8bca90539ecbde87ac45ba1436be3) C:\windows\system32\DRIVERS\SmSerl64.sys
10:59:39.0517 4988        smserial - ok
10:59:39.0548 4988        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\windows\System32\snmptrap.exe
10:59:39.0564 4988        SNMPTRAP - ok
10:59:39.0579 4988        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\windows\system32\drivers\spldr.sys
10:59:39.0595 4988        spldr - ok
10:59:39.0689 4988        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\windows\System32\spoolsv.exe
10:59:39.0767 4988        Spooler - ok
10:59:40.0063 4988        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\windows\system32\sppsvc.exe
10:59:40.0141 4988        sppsvc - ok
10:59:40.0297 4988        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\windows\system32\sppuinotify.dll
10:59:40.0359 4988        sppuinotify - ok
10:59:40.0453 4988        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\windows\system32\DRIVERS\srv.sys
10:59:40.0484 4988        srv - ok
10:59:40.0562 4988        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\windows\system32\DRIVERS\srv2.sys
10:59:40.0609 4988        srv2 - ok
10:59:40.0640 4988        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\windows\system32\DRIVERS\srvnet.sys
10:59:40.0656 4988        srvnet - ok
10:59:40.0718 4988        ssadbus        (8f8324ed1de63ffc7b1a02cd2d963c72) C:\windows\system32\DRIVERS\ssadbus.sys
10:59:40.0749 4988        ssadbus - ok
10:59:40.0796 4988        ssadmdfl        (58221efcb74167b73667f0024c661ce0) C:\windows\system32\DRIVERS\ssadmdfl.sys
10:59:40.0812 4988        ssadmdfl - ok
10:59:40.0874 4988        ssadmdm        (4da7c71bfac5ad71255b7e4cab980163) C:\windows\system32\DRIVERS\ssadmdm.sys
10:59:40.0905 4988        ssadmdm - ok
10:59:40.0937 4988        ssadserd        (d33d1bd3ec0e766211a234f56a12726d) C:\windows\system32\DRIVERS\ssadserd.sys
10:59:40.0952 4988        ssadserd - ok
10:59:40.0999 4988        sscdbus        (ed161b91fdf7eaa39469d72d463d5f4e) C:\windows\system32\DRIVERS\sscdbus.sys
10:59:41.0030 4988        sscdbus - ok
10:59:41.0030 4988        sscdmdfl        (4cb09e77593dbd8d7af33b37375ca715) C:\windows\system32\DRIVERS\sscdmdfl.sys
10:59:41.0046 4988        sscdmdfl - ok
10:59:41.0077 4988        sscdmdm        (c7b4cf53497a6e5363f3439427663882) C:\windows\system32\DRIVERS\sscdmdm.sys
10:59:41.0093 4988        sscdmdm - ok
10:59:41.0124 4988        sscdserd        (05ffa552f578e27ab2d41b6828db477f) C:\windows\system32\DRIVERS\sscdserd.sys
10:59:41.0124 4988        sscdserd - ok
10:59:41.0202 4988        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\windows\System32\ssdpsrv.dll
10:59:41.0264 4988        SSDPSRV - ok
10:59:41.0280 4988        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\windows\system32\sstpsvc.dll
10:59:41.0327 4988        SstpSvc - ok
10:59:41.0405 4988        ssudmdm        (78cd64791f8634cf7b582fd085e57c4b) C:\windows\system32\DRIVERS\ssudmdm.sys
10:59:41.0436 4988        ssudmdm - ok
10:59:41.0498 4988        ssudserd        (dfb8e60fcad331662a25c1133e6902bb) C:\windows\system32\DRIVERS\ssudserd.sys
10:59:41.0529 4988        ssudserd - ok
10:59:41.0545 4988        StarOpen - ok
10:59:41.0576 4988        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\windows\system32\DRIVERS\stexstor.sys
10:59:41.0592 4988        stexstor - ok
10:59:41.0685 4988        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\windows\System32\wiaservc.dll
10:59:41.0732 4988        stisvc - ok
10:59:41.0779 4988        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\windows\system32\drivers\swenum.sys
10:59:41.0810 4988        swenum - ok
10:59:41.0888 4988        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\windows\System32\swprv.dll
10:59:41.0951 4988        swprv - ok
10:59:41.0982 4988        SynTP          (8f63178d1db81bb79270ae55ecdd8321) C:\windows\system32\DRIVERS\SynTP.sys
10:59:41.0997 4988        SynTP - ok
10:59:42.0185 4988        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\windows\system32\sysmain.dll
10:59:42.0247 4988        SysMain - ok
10:59:42.0419 4988        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\windows\System32\TabSvc.dll
10:59:42.0465 4988        TabletInputService - ok
10:59:42.0543 4988        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\windows\System32\tapisrv.dll
10:59:42.0590 4988        TapiSrv - ok
10:59:42.0637 4988        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\windows\System32\tbssvc.dll
10:59:42.0684 4988        TBS - ok
10:59:42.0918 4988        Tcpip          (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\drivers\tcpip.sys
10:59:42.0965 4988        Tcpip - ok
10:59:43.0292 4988        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\windows\system32\DRIVERS\tcpip.sys
10:59:43.0339 4988        TCPIP6 - ok
10:59:43.0511 4988        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\windows\system32\drivers\tcpipreg.sys
10:59:43.0557 4988        tcpipreg - ok
10:59:43.0589 4988        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\windows\system32\drivers\tdpipe.sys
10:59:43.0604 4988        TDPIPE - ok
10:59:43.0651 4988        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\windows\system32\drivers\tdtcp.sys
10:59:43.0682 4988        TDTCP - ok
10:59:43.0745 4988        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\windows\system32\DRIVERS\tdx.sys
10:59:43.0791 4988        tdx - ok
10:59:43.0854 4988        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\windows\system32\drivers\termdd.sys
10:59:43.0885 4988        TermDD - ok
10:59:43.0947 4988        TermService    (2e648163254233755035b46dd7b89123) C:\windows\System32\termsrv.dll
10:59:44.0010 4988        TermService - ok
10:59:44.0072 4988        TFsExDisk      (ce4b6956e4e12492715a53076e58761f) C:\windows\System32\Drivers\TFsExDisk.sys
10:59:44.0103 4988        TFsExDisk - ok
10:59:44.0135 4988        Themes          (f0344071948d1a1fa732231785a0664c) C:\windows\system32\themeservice.dll
10:59:44.0150 4988        Themes - ok
10:59:44.0197 4988        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\windows\system32\mmcss.dll
10:59:44.0259 4988        THREADORDER - ok
10:59:44.0291 4988        TlntSvr        (519cb7d7f697f4ba47de05845c20f158) C:\windows\System32\tlntsvr.exe
10:59:44.0306 4988        TlntSvr - ok
10:59:44.0353 4988        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\windows\System32\trkwks.dll
10:59:44.0400 4988        TrkWks - ok
10:59:44.0509 4988        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\windows\servicing\TrustedInstaller.exe
10:59:44.0571 4988        TrustedInstaller - ok
10:59:44.0618 4988        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\windows\system32\DRIVERS\tssecsrv.sys
10:59:44.0681 4988        tssecsrv - ok
10:59:44.0743 4988        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\windows\system32\drivers\tsusbflt.sys
10:59:44.0759 4988        TsUsbFlt - ok
10:59:44.0837 4988        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\windows\system32\DRIVERS\tunnel.sys
10:59:44.0899 4988        tunnel - ok
10:59:45.0102 4988        TVersityMediaServer (06bccb3bf0d06adccc4ebc8ef682dd59) C:\ProgramData\TVersity\Media Server\MediaServer.exe
10:59:45.0149 4988        TVersityMediaServer - ok
10:59:45.0336 4988        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\windows\system32\DRIVERS\uagp35.sys
10:59:45.0367 4988        uagp35 - ok
10:59:45.0429 4988        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\windows\system32\DRIVERS\udfs.sys
10:59:45.0507 4988        udfs - ok
10:59:45.0539 4988        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\windows\system32\UI0Detect.exe
10:59:45.0554 4988        UI0Detect - ok
10:59:45.0601 4988        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\windows\system32\drivers\uliagpkx.sys
10:59:45.0632 4988        uliagpkx - ok
10:59:45.0695 4988        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\windows\system32\drivers\umbus.sys
10:59:45.0726 4988        umbus - ok
10:59:45.0741 4988        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\windows\system32\DRIVERS\umpass.sys
10:59:45.0773 4988        UmPass - ok
10:59:46.0069 4988        UNS            (765f2dd351ba064f657751d8d75e58c0) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:59:46.0131 4988        UNS - ok
10:59:46.0319 4988        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\windows\System32\upnphost.dll
10:59:46.0381 4988        upnphost - ok
10:59:46.0443 4988        USBAAPL64      (aa33fc47ed58c34e6e9261e4f850b7eb) C:\windows\system32\Drivers\usbaapl64.sys
10:59:46.0459 4988        USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
10:59:46.0459 4988        USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
10:59:46.0521 4988        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\windows\system32\DRIVERS\usbccgp.sys
10:59:46.0537 4988        usbccgp - ok
10:59:46.0599 4988        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\windows\system32\drivers\usbcir.sys
10:59:46.0631 4988        usbcir - ok
10:59:46.0693 4988        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\windows\system32\drivers\usbehci.sys
10:59:46.0724 4988        usbehci - ok
10:59:46.0755 4988        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\windows\system32\DRIVERS\usbhub.sys
10:59:46.0771 4988        usbhub - ok
10:59:46.0833 4988        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\windows\system32\drivers\usbohci.sys
10:59:46.0865 4988        usbohci - ok
10:59:46.0896 4988        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\windows\system32\DRIVERS\usbprint.sys
10:59:46.0911 4988        usbprint - ok
10:59:46.0974 4988        usbscan        (aaa2513c8aed8b54b189fd0c6b1634c0) C:\windows\system32\DRIVERS\usbscan.sys
10:59:47.0021 4988        usbscan - ok
10:59:47.0052 4988        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\windows\system32\DRIVERS\USBSTOR.SYS
10:59:47.0067 4988        USBSTOR - ok
10:59:47.0083 4988        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\windows\system32\drivers\usbuhci.sys
10:59:47.0099 4988        usbuhci - ok
10:59:47.0161 4988        usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\windows\System32\Drivers\usbvideo.sys
10:59:47.0208 4988        usbvideo - ok
10:59:47.0239 4988        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\windows\System32\uxsms.dll
10:59:47.0301 4988        UxSms - ok
10:59:47.0348 4988        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\windows\system32\lsass.exe
10:59:47.0379 4988        VaultSvc - ok
10:59:47.0426 4988        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\windows\system32\drivers\vdrvroot.sys
10:59:47.0457 4988        vdrvroot - ok
10:59:47.0551 4988        vds            (8d6b481601d01a456e75c3210f1830be) C:\windows\System32\vds.exe
10:59:47.0629 4988        vds - ok
10:59:47.0676 4988        vflt            (00c7df4f50962ba218ab60d32869100b) C:\windows\system32\DRIVERS\vfilter.sys
10:59:47.0676 4988        vflt ( UnsignedFile.Multi.Generic ) - warning
10:59:47.0676 4988        vflt - detected UnsignedFile.Multi.Generic (1)
10:59:47.0707 4988        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
10:59:47.0754 4988        vga - ok
10:59:47.0769 4988        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\windows\System32\drivers\vga.sys
10:59:47.0816 4988        VgaSave - ok
10:59:47.0879 4988        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\windows\system32\drivers\vhdmp.sys
10:59:47.0910 4988        vhdmp - ok
10:59:47.0957 4988        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\windows\system32\drivers\viaide.sys
10:59:47.0988 4988        viaide - ok
10:59:48.0035 4988        vnet            (a99ca064ad11266fe7067a79bf78bbb5) C:\windows\system32\DRIVERS\virtualnet.sys
10:59:48.0035 4988        vnet ( UnsignedFile.Multi.Generic ) - warning
10:59:48.0035 4988        vnet - detected UnsignedFile.Multi.Generic (1)
10:59:48.0097 4988        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\windows\system32\drivers\volmgr.sys
10:59:48.0128 4988        volmgr - ok
10:59:48.0206 4988        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\windows\system32\drivers\volmgrx.sys
10:59:48.0237 4988        volmgrx - ok
10:59:48.0315 4988        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\windows\system32\drivers\volsnap.sys
10:59:48.0347 4988        volsnap - ok
10:59:48.0347 4988        vpnva - ok
10:59:48.0409 4988        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\windows\system32\DRIVERS\vsmraid.sys
10:59:48.0425 4988        vsmraid - ok
10:59:48.0612 4988        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\windows\system32\vssvc.exe
10:59:48.0690 4988        VSS - ok
10:59:48.0846 4988        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\windows\system32\DRIVERS\vwifibus.sys
10:59:48.0877 4988        vwifibus - ok
10:59:48.0893 4988        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\windows\system32\DRIVERS\vwififlt.sys
10:59:48.0908 4988        vwififlt - ok
10:59:48.0939 4988        vwifimp        (6a638fc4bfddc4d9b186c28c91bd1a01) C:\windows\system32\DRIVERS\vwifimp.sys
10:59:48.0955 4988        vwifimp - ok
10:59:49.0033 4988        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\windows\system32\w32time.dll
10:59:49.0095 4988        W32Time - ok
10:59:49.0127 4988        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\windows\system32\DRIVERS\wacompen.sys
10:59:49.0142 4988        WacomPen - ok
10:59:49.0189 4988        WANARP          (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
10:59:49.0251 4988        WANARP - ok
10:59:49.0251 4988        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\windows\system32\DRIVERS\wanarp.sys
10:59:49.0298 4988        Wanarpv6 - ok
10:59:49.0470 4988        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\windows\system32\wbengine.exe
10:59:49.0532 4988        wbengine - ok
10:59:49.0704 4988        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\windows\System32\wbiosrvc.dll
10:59:49.0751 4988        WbioSrvc - ok
10:59:49.0829 4988        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\windows\System32\wcncsvc.dll
10:59:49.0891 4988        wcncsvc - ok
10:59:49.0907 4988        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\windows\System32\WcsPlugInService.dll
10:59:49.0922 4988        WcsPlugInService - ok
10:59:50.0016 4988        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\windows\system32\DRIVERS\wd.sys
10:59:50.0031 4988        Wd - ok
10:59:50.0109 4988        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\windows\system32\drivers\Wdf01000.sys
10:59:50.0156 4988        Wdf01000 - ok
10:59:50.0187 4988        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
10:59:50.0219 4988        WdiServiceHost - ok
10:59:50.0234 4988        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\windows\system32\wdi.dll
10:59:50.0250 4988        WdiSystemHost - ok
10:59:50.0312 4988        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\windows\System32\webclnt.dll
10:59:50.0343 4988        WebClient - ok
10:59:50.0375 4988        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\windows\system32\wecsvc.dll
10:59:50.0437 4988        Wecsvc - ok
10:59:50.0453 4988        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\windows\System32\wercplsupport.dll
10:59:50.0499 4988        wercplsupport - ok
10:59:50.0515 4988        WerSvc          (6d137963730144698cbd10f202e9f251) C:\windows\System32\WerSvc.dll
10:59:50.0562 4988        WerSvc - ok
10:59:50.0640 4988        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\windows\system32\DRIVERS\wfplwf.sys
10:59:50.0702 4988        WfpLwf - ok
10:59:50.0718 4988        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\windows\system32\drivers\wimmount.sys
10:59:50.0733 4988        WIMMount - ok
10:59:50.0765 4988        WinDefend - ok
10:59:50.0780 4988        WinHttpAutoProxySvc - ok
10:59:50.0874 4988        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\windows\system32\wbem\WMIsvc.dll
10:59:50.0952 4988        Winmgmt - ok
10:59:51.0170 4988        WinRM          (bcb1310604aa415c4508708975b3931e) C:\windows\system32\WsmSvc.dll
10:59:51.0264 4988        WinRM - ok
10:59:51.0451 4988        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\windows\system32\DRIVERS\WinUsb.sys
10:59:51.0482 4988        WinUsb - ok
10:59:51.0576 4988        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\windows\System32\wlansvc.dll
10:59:51.0623 4988        Wlansvc - ok
10:59:51.0669 4988        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\windows\system32\drivers\wmiacpi.sys
10:59:51.0701 4988        WmiAcpi - ok
10:59:51.0810 4988        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\windows\system32\wbem\WmiApSrv.exe
10:59:51.0841 4988        wmiApSrv - ok
10:59:51.0919 4988        WMPNetworkSvc - ok
10:59:51.0950 4988        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\windows\System32\wpcsvc.dll
10:59:51.0981 4988        WPCSvc - ok
10:59:52.0044 4988        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\windows\system32\wpdbusenum.dll
10:59:52.0075 4988        WPDBusEnum - ok
10:59:52.0106 4988        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\windows\system32\drivers\ws2ifsl.sys
10:59:52.0153 4988        ws2ifsl - ok
10:59:52.0184 4988        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\windows\System32\wscsvc.dll
10:59:52.0200 4988        wscsvc - ok
10:59:52.0215 4988        WSearch - ok
10:59:52.0434 4988        wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\windows\system32\wuaueng.dll
10:59:52.0496 4988        wuauserv - ok
10:59:52.0699 4988        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\windows\system32\drivers\WudfPf.sys
10:59:52.0746 4988        WudfPf - ok
10:59:52.0793 4988        WUDFRd          (cf8d590be3373029d57af80914190682) C:\windows\system32\DRIVERS\WUDFRd.sys
10:59:52.0824 4988        WUDFRd - ok
10:59:52.0886 4988        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\windows\System32\WUDFSvc.dll
10:59:52.0964 4988        wudfsvc - ok
10:59:53.0027 4988        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\windows\System32\wwansvc.dll
10:59:53.0058 4988        WwanSvc - ok
10:59:53.0089 4988        MBR (0x1B8)    (77a4fe43427b9d4037d059eb3f6742a3) \Device\Harddisk0\DR0
10:59:53.0136 4988        \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
10:59:53.0136 4988        \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
10:59:53.0245 4988        \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:59:53.0245 4988        \Device\Harddisk0\DR0 - detected TDSS File System (1)
10:59:53.0276 4988        Boot (0x1200)  (50a0b6b96dde02ffa90b00ef4b9e76d4) \Device\Harddisk0\DR0\Partition0
10:59:53.0276 4988        \Device\Harddisk0\DR0\Partition0 - ok
10:59:53.0292 4988        Boot (0x1200)  (bf218d235dd6e5ac320a49273e5e8a8f) \Device\Harddisk0\DR0\Partition1
10:59:53.0307 4988        \Device\Harddisk0\DR0\Partition1 - ok
10:59:53.0307 4988        ============================================================
10:59:53.0307 4988        Scan finished
10:59:53.0307 4988        ============================================================
10:59:53.0307 4960        Detected object count: 8
10:59:53.0307 4960        Actual detected object count: 8
11:00:03.0401 4960        Connectify ( UnsignedFile.Multi.Generic ) - skipped by user
11:00:03.0401 4960        Connectify ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:00:03.0401 4960        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:00:03.0401 4960        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:00:03.0416 4960        Micro Star SCM ( UnsignedFile.Multi.Generic ) - skipped by user
11:00:03.0416 4960        Micro Star SCM ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:00:03.0416 4960        USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
11:00:03.0416 4960        USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:00:03.0416 4960        vflt ( UnsignedFile.Multi.Generic ) - skipped by user
11:00:03.0416 4960        vflt ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:00:03.0416 4960        vnet ( UnsignedFile.Multi.Generic ) - skipped by user
11:00:03.0416 4960        vnet ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:00:03.0416 4960        \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - skipped by user
11:00:03.0416 4960        \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Skip
11:00:03.0432 4960        \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:00:03.0432 4960        \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

I downloaded aswMBR.exe, but nothing happens after a double-click or right-click -> "Run as administrator". The antivirus program was switched off.
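The TDSSKiller output in the post above, triaged programmatically (an added example, not part of the original post and not TDSSKiller's own code): it pairs each detection with the action chosen for it and lists the disk-level detections that were left at Skip. The sample lines are copied from the log above; the regular expressions are inferred from those lines only, and treating `\Device\Harddisk...` objects as boot-level is an assumption.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Excerpt of the log above (lines copied from the thread, not the full log).
SAMPLE_LOG = r"""
10:59:47.0676 4988        vflt            (00c7df4f50962ba218ab60d32869100b) C:\windows\system32\DRIVERS\vfilter.sys
10:59:47.0676 4988        vflt ( UnsignedFile.Multi.Generic ) - warning
10:59:47.0676 4988        vflt - detected UnsignedFile.Multi.Generic (1)
10:59:47.0707 4988        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\windows\system32\DRIVERS\vgapnp.sys
10:59:47.0754 4988        vga - ok
10:59:53.0089 4988        MBR (0x1B8)    (77a4fe43427b9d4037d059eb3f6742a3) \Device\Harddisk0\DR0
10:59:53.0136 4988        \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - infected
10:59:53.0136 4988        \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.a (0)
10:59:53.0245 4988        \Device\Harddisk0\DR0 ( TDSS File System ) - warning
10:59:53.0245 4988        \Device\Harddisk0\DR0 - detected TDSS File System (1)
11:00:03.0401 4960        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
11:00:03.0401 4960        FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:00:03.0416 4960        vflt ( UnsignedFile.Multi.Generic ) - skipped by user
11:00:03.0416 4960        vflt ( UnsignedFile.Multi.Generic ) - User select action: Skip
11:00:03.0416 4960        \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - skipped by user
11:00:03.0416 4960        \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Skip
11:00:03.0432 4960        \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:00:03.0432 4960        \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
"""

# "<time> <thread id> <body>"; the body is what the patterns below look at.
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d{4}\s+\d+\s+(?P<body>.*\S)\s*$")
# "<object> ( <verdict> ) - infected|warning" or "... - User select action: <action>".
# Object names may contain spaces; file lines "(md5) path" do not match.
VERDICT = re.compile(
    r"^(?P<obj>.+?) \( (?P<verdict>[^()]+?) \) - "
    r"(?:(?P<severity>infected|warning)|User select action: (?P<action>\w+))$"
)


@dataclass
class Finding:
    obj: str
    verdict: str
    severity: Optional[str] = None   # None if the excerpt lacks the scan line
    action: Optional[str] = None     # None if no action was logged


def parse_findings(log_text: str) -> List[Finding]:
    """Merge scan-phase and action-phase lines into one record per detection."""
    findings: Dict[Tuple[str, str], Finding] = {}
    for raw in log_text.splitlines():
        line = LINE.match(raw)
        if not line:
            continue
        hit = VERDICT.match(line.group("body"))
        if not hit:
            continue
        key = (hit.group("obj"), hit.group("verdict"))
        finding = findings.setdefault(key, Finding(*key))
        if hit.group("severity"):
            finding.severity = hit.group("severity")
        else:
            finding.action = hit.group("action")
    return list(findings.values())


def is_boot_level(finding: Finding) -> bool:
    # Assumption: detections on the raw disk device concern the MBR/boot area.
    return finding.obj.startswith("\\Device\\Harddisk")


def unremediated_boot_findings(findings: List[Finding]) -> List[Finding]:
    """Disk-level detections that were skipped or never acted on."""
    return [f for f in findings
            if is_boot_level(f) and f.action in (None, "Skip")]


if __name__ == "__main__":
    for f in unremediated_boot_findings(parse_findings(SAMPLE_LOG)):
        print(f"{f.obj}: {f.verdict} ({f.severity}), action={f.action}")
```
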

Chris4You 04.07.2012 10:23

Hi,

OK, second run for the Killer. For these entries (and only these)
Code:

11:00:03.0416 4960        \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - skipped by user
11:00:03.0416 4960        \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.a ) - User select action: Skip
11:00:03.0432 4960        \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
11:00:03.0432 4960        \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

select Cure
http://support.kaspersky.com/de/imag.../2663_2_en.png
After clicking the Continue button it proceeds; once it has finished, a restart is required.

After the restart, post a new log from the Killer again...

chris

firstLINE 04.07.2012 10:29

For TDSS File System, only "Copy to quarantine" and "delete" can be selected. Which should I choose?

Chris4You 04.07.2012 10:52

Hi,

leave it for now; once the boot block has been cleaned it should no longer matter...

we'll run CF later, and after that we'll turn to the TDSS file system again...

chris

firstLINE 04.07.2012 11:21

After I clicked "Continue", the message "Can't cure MBR. Write standard boot code?" appears.

And my antivirus program is raising an alarm too.

Chris4You 04.07.2012 12:37

Hi,

Something special about the MBR, i.e. do you have a laptop? They usually use special boot blocks for recovery...

Do you have an installation CD?

What does the antivirus program's message say?

Does this one run:
MBR-Check
Download http://ad13.geekstogo.com/MBRCheck.exe and save the file to the desktop.
  • Double-click MBRCheck.exe.
  • Vista and Win7 users: right-click and "Run as administrator"
  • The tool only takes a second.
  • Afterwards you should find a MBRCheck_<date>_<time>.txt on the desktop.
Please post the contents of the .txt document

chris

firstLINE 04.07.2012 13:12

Yep, I have a laptop! I don't have an installation CD at hand right now, but I do have an ISO file.. I could theoretically boot from a USB stick!

This came up as the message:
Attachment 37010

MBR-Check
Code:

MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:                       
Windows Version:                Windows 7 Home Premium Edition
Windows Information:                Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer:        Micro-Star International
BIOS Manufacturer:                American Megatrends Inc.
System Manufacturer:                Micro-Star International
System Product Name:                MS-1688
Logical Drives Mask:                0x0040001c

Kernel Drivers (total 157):
  0x0320B000 \SystemRoot\system32\ntoskrnl.exe
  0x037F3000 \SystemRoot\system32\hal.dll
  0x00B9C000 \SystemRoot\system32\kdcom.dll
  0x00CE5000 \SystemRoot\system32\mcupdate_GenuineIntel.dll
  0x00D34000 \SystemRoot\system32\PSHED.dll
  0x00D48000 \SystemRoot\system32\CLFS.SYS
  0x00C00000 \SystemRoot\system32\CI.dll
  0x00EFD000 \SystemRoot\system32\drivers\Wdf01000.sys
  0x00FA1000 \SystemRoot\system32\drivers\WDFLDR.SYS
  0x00E00000 \SystemRoot\system32\drivers\ACPI.sys
  0x00E57000 \SystemRoot\system32\drivers\WMILIB.SYS
  0x00E60000 \SystemRoot\system32\drivers\msisadrv.sys
  0x00E6A000 \SystemRoot\system32\drivers\pci.sys
  0x00E9D000 \SystemRoot\system32\drivers\vdrvroot.sys
  0x00EAA000 \SystemRoot\System32\drivers\partmgr.sys
  0x00EBF000 \SystemRoot\system32\DRIVERS\compbatt.sys
  0x00EC8000 \SystemRoot\system32\DRIVERS\BATTC.SYS
  0x00ED4000 \SystemRoot\system32\drivers\volmgr.sys
  0x01089000 \SystemRoot\System32\drivers\volmgrx.sys
  0x010E5000 \SystemRoot\System32\drivers\mountmgr.sys
  0x012B0000 \SystemRoot\system32\DRIVERS\iaStor.sys
  0x014BA000 \SystemRoot\system32\drivers\atapi.sys
  0x014C3000 \SystemRoot\system32\drivers\ataport.SYS
  0x014ED000 \SystemRoot\system32\drivers\amdxata.sys
  0x014F8000 \SystemRoot\system32\drivers\fltmgr.sys
  0x01544000 \SystemRoot\system32\drivers\fileinfo.sys
  0x01605000 \SystemRoot\System32\Drivers\Ntfs.sys
  0x01558000 \SystemRoot\System32\Drivers\msrpc.sys
  0x017A8000 \SystemRoot\System32\Drivers\ksecdd.sys
  0x01200000 \SystemRoot\System32\Drivers\cng.sys
  0x017C3000 \SystemRoot\System32\drivers\pcw.sys
  0x017D4000 \SystemRoot\System32\Drivers\Fs_Rec.sys
  0x010FF000 \SystemRoot\system32\drivers\ndis.sys
  0x01000000 \SystemRoot\system32\drivers\NETIO.SYS
  0x015B6000 \SystemRoot\System32\Drivers\aswNdis2.sys
  0x01272000 \SystemRoot\System32\Drivers\ksecpkg.sys
  0x0182A000 \SystemRoot\System32\drivers\tcpip.sys
  0x01A2D000 \SystemRoot\System32\drivers\fwpkclnt.sys
  0x01A77000 \SystemRoot\system32\DRIVERS\aswNdis.sys
  0x01A7E000 \SystemRoot\system32\drivers\volsnap.sys
  0x01ACA000 \SystemRoot\System32\Drivers\spldr.sys
  0x01AD2000 \SystemRoot\System32\drivers\rdyboost.sys
  0x01B0C000 \SystemRoot\System32\Drivers\mup.sys
  0x01B1E000 \SystemRoot\System32\drivers\hwpolicy.sys
  0x01B27000 \SystemRoot\System32\DRIVERS\fvevol.sys
  0x01B61000 \SystemRoot\system32\DRIVERS\disk.sys
  0x01B77000 \SystemRoot\system32\DRIVERS\CLASSPNP.SYS
  0x044C4000 \SystemRoot\system32\drivers\cdrom.sys
  0x044EE000 \SystemRoot\System32\Drivers\aswSnx.SYS
  0x045DC000 \SystemRoot\System32\Drivers\Null.SYS
  0x045E5000 \SystemRoot\System32\Drivers\Beep.SYS
  0x045EC000 \SystemRoot\System32\Drivers\aswKbd.SYS
  0x04200000 \SystemRoot\System32\drivers\vga.sys
  0x0420E000 \SystemRoot\System32\drivers\VIDEOPRT.SYS
  0x04233000 \SystemRoot\System32\drivers\watchdog.sys
  0x04243000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
  0x0424C000 \SystemRoot\system32\drivers\rdpencdd.sys
  0x04255000 \SystemRoot\system32\drivers\rdprefmp.sys
  0x0425E000 \SystemRoot\System32\Drivers\Msfs.SYS
  0x04269000 \SystemRoot\System32\Drivers\Npfs.SYS
  0x0427A000 \SystemRoot\system32\DRIVERS\tdx.sys
  0x01BB5000 \SystemRoot\system32\DRIVERS\TDI.SYS
  0x01BC2000 \SystemRoot\System32\Drivers\aswFW.SYS
  0x01BE7000 \SystemRoot\System32\Drivers\aswTdi.SYS
  0x02E87000 \SystemRoot\system32\drivers\afd.sys
  0x02F10000 \SystemRoot\System32\Drivers\aswrdr2.sys
  0x02F20000 \SystemRoot\System32\DRIVERS\netbt.sys
  0x02F65000 \SystemRoot\system32\DRIVERS\wfplwf.sys
  0x02F6E000 \SystemRoot\system32\DRIVERS\pacer.sys
  0x02F94000 \SystemRoot\system32\DRIVERS\vwififlt.sys
  0x02FAA000 \SystemRoot\system32\DRIVERS\cnnctfy2.sys
  0x02FB4000 \SystemRoot\system32\DRIVERS\netbios.sys
  0x02FC3000 \SystemRoot\system32\DRIVERS\wanarp.sys
  0x02FDE000 \SystemRoot\system32\drivers\termdd.sys
  0x02E00000 \SystemRoot\system32\DRIVERS\rdbss.sys
  0x02E51000 \SystemRoot\system32\drivers\nsiproxy.sys
  0x02E5D000 \SystemRoot\system32\drivers\mssmbios.sys
  0x02E68000 \SystemRoot\System32\drivers\discache.sys
  0x01800000 \SystemRoot\System32\Drivers\dfsc.sys
  0x017DE000 \SystemRoot\system32\DRIVERS\blbdrive.sys
  0x04A9D000 \SystemRoot\System32\Drivers\aswSP.SYS
  0x04AF9000 \SystemRoot\system32\DRIVERS\tunnel.sys
  0x04B1F000 \SystemRoot\system32\DRIVERS\atikmpag.sys
  0x04C45000 \SystemRoot\system32\DRIVERS\atipmdag.sys
  0x0583E000 \SystemRoot\system32\DRIVERS\igdpmd64.sys
  0x05289000 \SystemRoot\System32\drivers\dxgkrnl.sys
  0x05FA9000 \SystemRoot\System32\drivers\dxgmms1.sys
  0x05FEF000 \SystemRoot\system32\DRIVERS\HECIx64.sys
  0x05800000 \SystemRoot\system32\drivers\usbehci.sys
  0x0537D000 \SystemRoot\system32\drivers\USBPORT.SYS
  0x05811000 \SystemRoot\system32\drivers\HDAudBus.sys
  0x060B9000 \SystemRoot\system32\DRIVERS\athrx.sys
  0x0635F000 \SystemRoot\system32\DRIVERS\vwifibus.sys
  0x0636C000 \SystemRoot\system32\DRIVERS\Rt64win7.sys
  0x06000000 \SystemRoot\system32\drivers\i8042prt.sys
  0x0601E000 \SystemRoot\system32\drivers\kbdclass.sys
  0x0602D000 \SystemRoot\system32\DRIVERS\SynTP.sys
  0x0607A000 \SystemRoot\system32\DRIVERS\USBD.SYS
  0x0607C000 \SystemRoot\system32\drivers\mouclass.sys
  0x0608B000 \SystemRoot\system32\DRIVERS\CmBatt.sys
  0x06090000 \SystemRoot\system32\drivers\wmiacpi.sys
  0x06099000 \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
  0x053D3000 \SystemRoot\system32\DRIVERS\Impcd.sys
  0x04C00000 \SystemRoot\system32\DRIVERS\intelppm.sys
  0x060A6000 \SystemRoot\system32\drivers\CompositeBus.sys
  0x04C16000 \SystemRoot\system32\DRIVERS\AgileVpn.sys
  0x04B4B000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
  0x063F1000 \SystemRoot\system32\DRIVERS\ndistapi.sys
  0x04B6F000 \SystemRoot\system32\DRIVERS\ndiswan.sys
  0x04B9E000 \SystemRoot\system32\DRIVERS\raspppoe.sys
  0x04BB9000 \SystemRoot\system32\DRIVERS\raspptp.sys
  0x04BDA000 \SystemRoot\system32\DRIVERS\rassstp.sys
  0x063FD000 \SystemRoot\system32\drivers\swenum.sys
  0x04A00000 \SystemRoot\system32\drivers\ks.sys
  0x04C2C000 \SystemRoot\system32\drivers\umbus.sys
  0x04A43000 \SystemRoot\system32\DRIVERS\usbhub.sys
  0x01060000 \SystemRoot\System32\Drivers\NDProxy.SYS
  0x06E84000 \SystemRoot\system32\drivers\RTKVHD64.sys
  0x070AC000 \SystemRoot\system32\drivers\portcls.sys
  0x070E9000 \SystemRoot\system32\drivers\drmk.sys
  0x0710B000 \SystemRoot\system32\drivers\ksthunk.sys
  0x07111000 \SystemRoot\system32\DRIVERS\IntcDAud.sys
  0x07158000 \SystemRoot\System32\Drivers\crashdmp.sys
  0x0429C000 \SystemRoot\System32\Drivers\dump_iaStor.sys
  0x07166000 \SystemRoot\System32\Drivers\dump_dumpfve.sys
  0x07179000 \SystemRoot\system32\drivers\hidusb.sys
  0x07187000 \SystemRoot\system32\drivers\HIDCLASS.SYS
  0x071A0000 \SystemRoot\system32\drivers\HIDPARSE.SYS
  0x071A9000 \SystemRoot\system32\DRIVERS\mouhid.sys
  0x000E0000 \SystemRoot\System32\win32k.sys
  0x071B6000 \SystemRoot\System32\drivers\Dxapi.sys
  0x071C2000 \SystemRoot\system32\DRIVERS\monitor.sys
  0x005B0000 \SystemRoot\System32\TSDDD.dll
  0x007B0000 \SystemRoot\System32\cdd.dll
  0x00940000 \SystemRoot\System32\ATMFD.DLL
  0x071D0000 \SystemRoot\system32\drivers\luafv.sys
  0x06E00000 \??\C:\windows\system32\drivers\aswMonFlt.sys
  0x06E21000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
  0x06E2A000 \SystemRoot\system32\drivers\WudfPf.sys
  0x06E4B000 \SystemRoot\system32\DRIVERS\lltdio.sys
  0x06E60000 \SystemRoot\system32\DRIVERS\rspndr.sys
  0x028DA000 \SystemRoot\system32\drivers\HTTP.sys
  0x029A3000 \SystemRoot\system32\DRIVERS\bowser.sys
  0x029C1000 \SystemRoot\System32\drivers\mpsdrv.sys
  0x02800000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
  0x0282D000 \SystemRoot\system32\DRIVERS\mrxsmb10.sys
  0x0287B000 \SystemRoot\system32\DRIVERS\mrxsmb20.sys
  0x05618000 \SystemRoot\system32\drivers\peauth.sys
  0x056BE000 \SystemRoot\System32\Drivers\secdrv.SYS
  0x056C9000 \SystemRoot\System32\DRIVERS\srvnet.sys
  0x056FA000 \SystemRoot\System32\drivers\tcpipreg.sys
  0x0570C000 \SystemRoot\System32\DRIVERS\srv2.sys
  0x06C77000 \SystemRoot\System32\DRIVERS\srv.sys
  0x76EC0000 \Windows\System32\ntdll.dll
  0x47750000 \Windows\System32\smss.exe
  0xFF1E0000 \Windows\System32\apisetschema.dll
  0xFFB50000 \Windows\System32\autochk.exe

Processes (total 55):
      0 System Idle Process
      4 System
    344 C:\Windows\System32\smss.exe
    488 csrss.exe
    548 C:\Windows\System32\wininit.exe
    576 csrss.exe
    608 C:\Windows\System32\services.exe
    632 C:\Windows\System32\lsass.exe
    640 C:\Windows\System32\lsm.exe
    740 C:\Windows\System32\svchost.exe
    836 C:\Windows\System32\svchost.exe
    884 C:\Windows\System32\atiesrxx.exe
    932 C:\Windows\System32\winlogon.exe
    972 C:\Windows\System32\svchost.exe
    1016 C:\Windows\System32\svchost.exe
    376 C:\Windows\System32\svchost.exe
    1036 C:\Windows\System32\svchost.exe
    1140 C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    1224 C:\Windows\System32\atieclxx.exe
    1380 C:\Program Files\AVAST Software\Avast\afwServ.exe
    1524 C:\Windows\System32\spoolsv.exe
    1564 C:\Windows\System32\svchost.exe
    1728 C:\Windows\System32\taskhost.exe
    1816 C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    1948 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    1968 C:\Windows\System32\dwm.exe
    2028 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    1160 C:\Windows\explorer.exe
    1668 C:\Program Files (x86)\System Control Manager\MSIService.exe
    2076 C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    2168 C:\Windows\System32\svchost.exe
    3068 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    1244 C:\Program Files\Windows Sidebar\sidebar.exe
    1240 C:\Program Files (x86)\NirSoft\Volumouse\volumouse.exe
    2124 C:\Windows\System32\StikyNot.exe
    2316 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    2284 C:\Program Files\AVAST Software\Avast\AvastUI.exe
    1984 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    1204 C:\Windows\System32\SearchIndexer.exe
    3324 C:\Program Files\Windows Media Player\wmpnetwk.exe
    3560 C:\Windows\System32\svchost.exe
    1620 C:\Windows\System32\svchost.exe
    4036 C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
    2812 C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    4756 C:\Windows\System32\wuauclt.exe
    1356 C:\Windows\SysWOW64\ctfmon.exe
    3432 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    4568 C:\Windows\System32\SearchProtocolHost.exe
    5028 C:\Windows\System32\SearchFilterHost.exe
    1268 C:\Windows\System32\igfxsrvc.exe
    3736 C:\Program Files (x86)\WinRAR 3.61 Multi\RarExtLoader.exe
    1192 C:\Users\Patrick\Desktop\MBRCheck.exe
    4740 C:\Windows\System32\svchost.exe
    4788 C:\Windows\System32\conhost.exe
    2308 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000003`06500000  (NTFS)
\\.\D: --> \\.\PhysicalDrive0 at offset 0x0000002e`39300000  (NTFS)
\\.\W: --> \\.\PhysicalDrive0 at offset 0x00000000`00100000  (NTFS)

PhysicalDrive0 Model Number: WDCWD3200BEVT-22A23T0, Rev: 01.01A01

      Size  Device Name          MBR Status
  --------------------------------------------
    298 GB  \\.\PhysicalDrive0  MBR Code Faked!
            SHA1: E11644D9ED19FDC1C9757EA540FD8432A3ECA10E


Found non-standard or infected MBR.
Enter 'Y' and hit ENTER for more options, or 'N' to exit:


Chris4You 04.07.2012 13:31

Hi,

the crucial question is whether a standard boot block is used or whether the notebook manufacturer has its own, modified one.
That's why I'm always extremely careful here, so that the machine doesn't end up no longer booting..

In any case, prepare the stick as a boot medium...

What is certain is that the MBR is infected and has to be wiped... Either you let the Killer overwrite the code, or you press "y" in MBR-Check, follow the further instructions and then let it overwrite the MBR (win7)...

To be on the safe side, switch off Avast while doing this, as it could interfere with or block the tools' accesses (what Avast reported is sitting in the Killer's quarantine (it has already made itself a backup of the current MBR ;o))...

We can also create a Win7 repair DVD and have the MBR fixed from it:
Troubleshooting and repairing startup problems in Windows Vista with the "Bootrec.exe" tool in the Windows Recovery Environment

Repair from the Win 7 recovery console -> see further below
Proceed as described in the link and then enter bootrec.exe /FixMbr in the console.
Tip archive - Repairing the MBR under Vista or Windows 7 - WinTotal.de

If no WIN7 boot DVD is available:
Download the following image and burn it to DVD using Nero etc. (ImageBurn: ImgBurn Download - ImgBurn 2.5.6.0) (64 bit):
Windows_7_64
(32 bit): Windows_7_32-bit
Then boot from this DVD and proceed as described!

If the MBR gets wrecked, you can still boot from the stick and rescue your data that way...

chris
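On the concern in the post above about overwriting the boot code on a laptop, an added example (not part of the thread and not taken from any of the tools mentioned): it compares a copy of sector 0 saved before the rewrite with one read afterwards and reports whether only the 440-byte (0x1B8) boot-code area changed while the disk signature and partition table stayed the same. All function names and sector contents are constructed for illustration; how the two dumps are obtained is left out.

```python
import hashlib
import struct
from typing import Dict, List

SECTOR_SIZE = 512
BOOT_CODE_LEN = 0x1B8    # 440 bytes of boot code
DISK_SIG_OFF = 0x1B8     # 4-byte disk signature
PART_TABLE_OFF = 0x1BE   # four 16-byte partition entries
BOOT_MAGIC_OFF = 0x1FE   # 0x55 0xAA


def check_sector(sector: bytes) -> None:
    """Reject dumps that cannot be a classic MBR sector."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE} bytes, got {len(sector)}")
    if sector[BOOT_MAGIC_OFF:] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot signature")


def partitions(sector: bytes) -> List[Dict]:
    """Decode the non-empty partition table entries."""
    check_sector(sector)
    found = []
    for i in range(4):
        start = PART_TABLE_OFF + 16 * i
        entry = sector[start:start + 16]
        if entry[4] == 0:            # type 0 marks an unused slot
            continue
        lba_start, count = struct.unpack_from("<II", entry, 8)
        found.append({"index": i, "active": entry[0] == 0x80,
                      "type": entry[4], "lba_start": lba_start,
                      "sectors": count})
    return found


def compare_rewrite(before: bytes, after: bytes) -> Dict:
    """Report which regions of sector 0 differ between two dumps."""
    check_sector(before)
    check_sector(after)
    return {
        "boot_code_sha1_before": hashlib.sha1(before[:BOOT_CODE_LEN]).hexdigest(),
        "boot_code_sha1_after": hashlib.sha1(after[:BOOT_CODE_LEN]).hexdigest(),
        "boot_code_changed": before[:BOOT_CODE_LEN] != after[:BOOT_CODE_LEN],
        "disk_signature_kept": (before[DISK_SIG_OFF:DISK_SIG_OFF + 4]
                                == after[DISK_SIG_OFF:DISK_SIG_OFF + 4]),
        "partition_table_kept": (before[PART_TABLE_OFF:BOOT_MAGIC_OFF]
                                 == after[PART_TABLE_OFF:BOOT_MAGIC_OFF]),
    }


def layout_preserved(report: Dict) -> bool:
    """True when the rewrite left disk signature and partition table alone."""
    return report["disk_signature_kept"] and report["partition_table_kept"]


def build_sector(boot_code: bytes, disk_sig: int, entries) -> bytes:
    """Helper that builds a constructed test sector (not a real disk image)."""
    sector = bytearray(SECTOR_SIZE)
    sector[:len(boot_code)] = boot_code
    struct.pack_into("<I", sector, DISK_SIG_OFF, disk_sig)
    for i, (active, ptype, lba, count) in enumerate(entries):
        struct.pack_into("<B3xB3xII", sector, PART_TABLE_OFF + 16 * i,
                         0x80 if active else 0, ptype, lba, count)
    sector[BOOT_MAGIC_OFF:] = b"\x55\xaa"
    return bytes(sector)


# Constructed sample data: two NTFS (type 0x07) partitions, arbitrary sizes.
ENTRIES = [(True, 0x07, 2048, 204800), (False, 0x07, 206848, 1000000)]
BEFORE = build_sector(b"\xfa" + b"\x41" * 439, 0x12345678, ENTRIES)
AFTER_OK = build_sector(b"\x33\xc0" + b"\x90" * 438, 0x12345678, ENTRIES)
AFTER_BAD = build_sector(b"\x33\xc0" + b"\x90" * 438, 0x12345678, [])

if __name__ == "__main__":
    for name, after in (("AFTER_OK", AFTER_OK), ("AFTER_BAD", AFTER_BAD)):
        report = compare_rewrite(BEFORE, after)
        print(name, "layout preserved:", layout_preserved(report),
              "partitions:", partitions(after))
```
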

firstLINE 04.07.2012 14:32

Could I also just reinstall Win7?
I downloaded the ISO file from Chip and put it on my USB stick (bootable). Would it be enough if I reinstall my Windows with it? Or would the virus then still be in the system?

And one more question: what is happening with my laptop at the moment? Are any keyloggers active, or is data constantly being read out (which websites I visit etc.)?

Thanks for the instructions!

Chris4You 04.07.2012 14:36

Hi,

No, TDSS redirects the Internet (Google)...
What else is hiding under the cloak remains to be seen...

Just wipe the MBR and then reboot...
TDSS normally also infects a driver, i.e. after the rewrite and reboot the following still has to be done:

Combofix
Download Combo Fix from http://download.bleepingcomputer.com/sUBs/ComboFix.exe and save it to the desktop.

Caution: In a few cases it can happen that the machine can no longer boot and has to be reinstalled!

Close all windows, start combofix.exe, confirm the following prompt with 1 and press Enter.

The scan with Combofix can take some time, so be a little patient. Please do not do anything on the machine during the scan.
The machine may be restarted in between.
When the scan ends, a report (ComboFix.txt) is displayed; please copy it and paste it into your thread. You should find the log at C:\ComboFix.txt...

chris

firstLINE 04.07.2012 20:30

The MBR has been wiped (at least no message appears any more when I scan with the TDSS-Killer)

#Edit: Websites now load noticeably faster!

ComboFix.txt
Code:

ComboFix 12-07-04.01 - Patrick 04.07.2012  15:52:14.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.3886.2626 [GMT 2:00]
ausgeführt von:: c:\users\Patrick\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Family Keylogger 4
c:\programdata\Microsoft\Windows\Start Menu\Programs\Family Keylogger 4\Family Keylogger.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Family Keylogger 4\Help.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Family Keylogger 4\Quick Start.lnk
c:\programdata\Microsoft\Windows\Start Menu\Programs\Family Keylogger 4\Uninstall.lnk
c:\windows\IsUn0407.exe
c:\windows\system32\drivers\etc\hosts.ics
c:\windows\SysWow64\muzapp.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-06-04 bis 2012-07-04  ))))))))))))))))))))))))))))))
.
.
2012-07-04 08:53 . 2012-07-04 08:53        --------        d-----w-        C:\TDSS
2012-07-04 06:55 . 2012-07-04 06:55        --------        d-----w-        C:\_OTL
2012-07-04 00:10 . 2012-07-04 00:10        --------        d-----w-        c:\programdata\Martau
2012-07-04 00:09 . 2012-07-04 00:10        --------        d-----w-        c:\program files\Total Uninstall 6
2012-07-03 17:44 . 2012-07-03 16:21        142128        ----a-w-        c:\windows\system32\drivers\aswFW.sys
2012-07-03 17:44 . 2012-07-03 16:21        266776        ----a-w-        c:\windows\system32\drivers\aswNdis2.sys
2012-07-03 17:44 . 2012-07-03 16:21        19600        ----a-w-        c:\windows\system32\drivers\aswKbd.sys
2012-07-03 17:44 . 2012-06-27 20:33        12368        ----a-w-        c:\windows\system32\drivers\aswNdis.sys
2012-07-03 17:16 . 2012-07-03 16:21        355856        ----a-w-        c:\windows\system32\drivers\aswSP.sys
2012-07-03 17:16 . 2012-07-03 16:21        25232        ----a-w-        c:\windows\system32\drivers\aswFsBlk.sys
2012-07-03 17:16 . 2012-07-03 16:21        59728        ----a-w-        c:\windows\system32\drivers\aswTdi.sys
2012-07-03 17:16 . 2012-07-03 16:21        54072        ----a-w-        c:\windows\system32\drivers\aswRdr2.sys
2012-07-03 17:16 . 2012-07-03 16:21        958400        ----a-w-        c:\windows\system32\drivers\aswSnx.sys
2012-07-03 17:16 . 2012-07-03 16:21        71064        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys
2012-07-03 17:16 . 2012-07-03 16:21        285328        ----a-w-        c:\windows\system32\aswBoot.exe
2012-07-03 17:15 . 2012-07-03 16:21        41224        ----a-w-        c:\windows\avastSS.scr
2012-07-03 17:15 . 2012-07-03 16:21        227648        ----a-w-        c:\windows\SysWow64\aswBoot.exe
2012-07-03 17:15 . 2012-07-03 17:15        --------        d-----w-        c:\programdata\AVAST Software
2012-07-03 17:15 . 2012-07-03 17:15        --------        d-----w-        c:\program files\AVAST Software
2012-07-03 02:14 . 2012-07-03 02:14        --------        d-----w-        c:\users\Patrick\AppData\Roaming\Malwarebytes
2012-07-03 02:14 . 2012-07-03 02:14        --------        d-----w-        c:\programdata\Malwarebytes
2012-07-03 02:14 . 2012-07-03 02:14        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-01 21:48 . 2012-07-02 20:57        --------        d-----w-        c:\users\Patrick\AppData\Local\Spotify
2012-07-01 21:48 . 2012-07-03 00:53        --------        d-----w-        c:\users\Patrick\AppData\Roaming\Spotify
2012-06-23 12:51 . 2012-06-02 22:19        2428952        ----a-w-        c:\windows\system32\wuaueng.dll
2012-06-23 12:51 . 2012-06-02 22:19        57880        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-23 12:51 . 2012-06-02 22:19        44056        ----a-w-        c:\windows\system32\wups2.dll
2012-06-23 12:51 . 2012-06-02 22:15        2622464        ----a-w-        c:\windows\system32\wucltux.dll
2012-06-23 12:50 . 2012-06-02 22:19        38424        ----a-w-        c:\windows\system32\wups.dll
2012-06-23 12:50 . 2012-06-02 22:19        701976        ----a-w-        c:\windows\system32\wuapi.dll
2012-06-23 12:50 . 2012-06-02 22:15        99840        ----a-w-        c:\windows\system32\wudriver.dll
2012-06-23 12:50 . 2012-06-02 13:19        186752        ----a-w-        c:\windows\system32\wuwebv.dll
2012-06-23 12:50 . 2012-06-02 13:15        36864        ----a-w-        c:\windows\system32\wuapp.exe
2012-06-23 12:47 . 2012-06-23 12:47        --------        d-----w-        c:\users\Patrick\AppData\Local\Macromedia
2012-06-13 14:15 . 2012-04-26 05:41        77312        ----a-w-        c:\windows\system32\rdpwsx.dll
2012-06-13 14:15 . 2012-04-26 05:41        149504        ----a-w-        c:\windows\system32\rdpcorekmts.dll
2012-06-13 14:15 . 2012-04-26 05:34        9216        ----a-w-        c:\windows\system32\rdrmemptylst.exe
2012-06-13 14:15 . 2012-05-04 11:06        5559664        ----a-w-        c:\windows\system32\ntoskrnl.exe
2012-06-13 14:15 . 2012-05-04 10:03        3968368        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
2012-06-13 14:15 . 2012-05-04 10:03        3913072        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
2012-06-13 14:15 . 2012-05-15 01:32        3146752        ----a-w-        c:\windows\system32\win32k.sys
2012-06-13 14:15 . 2012-04-28 03:55        210944        ----a-w-        c:\windows\system32\drivers\rdpwd.sys
2012-06-11 11:00 . 2012-06-11 11:00        770384        ----a-w-        c:\program files (x86)\Mozilla Firefox\msvcr100.dll
2012-06-11 11:00 . 2012-06-11 11:00        421200        ----a-w-        c:\program files (x86)\Mozilla Firefox\msvcp100.dll
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-23 12:40 . 2012-04-05 19:07        426184        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-23 12:40 . 2011-05-16 09:39        70344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-29 18:51 . 2011-05-29 02:18        270240        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr
2012-05-29 18:51 . 2011-05-29 02:12        270240        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2012-05-28 23:20 . 2011-05-29 02:12        270240        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0
2012-05-05 00:31 . 2012-04-13 18:31        8744608        ----a-w-        c:\windows\SysWow64\FlashPlayerInstaller.exe
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49        94208        ----a-w-        c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49        94208        ----a-w-        c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49        94208        ----a-w-        c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49        94208        ----a-w-        c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"$Volumouse$"="c:\program files (x86)\NirSoft\Volumouse\volumouse.exe" [2012-01-08 35328]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]
.
c:\users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Patrick\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]
Firefox.lnk - c:\program files (x86)\Mozilla Firefox\firefox.exe [2010-9-15 913888]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux2"=wdmaud.drv
.
R1 vflt;Shrew Soft Lightweight Filter;c:\windows\system32\DRIVERS\vfilter.sys [2010-09-02 21504]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2011-12-08 36328]
R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys [2009-05-26 19968]
R3 Connectify;Connectify;c:\program files (x86)\Connectify\ConnectifyService.exe [2011-12-01 69632]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-02-24 99384]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys [x]
R3 EUCR;EUCR;c:\windows\system32\DRIVERS\EUCR6SK.SYS [2009-12-05 87888]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-18 113120]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-12-08 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-12-08 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-12-08 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-12-08 146920]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-02-24 203320]
R3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudserd.sys [2012-02-24 203320]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys [2011-01-04 16392]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-05-10 51712]
R3 vnet;Shrew Soft Virtual Adapter;c:\windows\system32\DRIVERS\virtualnet.sys [2010-09-02 17408]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-17 136176]
R4 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-17 136176]
R4 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [2011-12-16 25504]
R4 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [2011-12-16 27584]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys [2012-06-27 12368]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswKbd;aswKbd; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S1 cnnctfy2;Connectify LightWeight Filter;c:\windows\system32\DRIVERS\cnnctfy2.sys [2012-01-18 31344]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-01-08 202752]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2012-07-03 71064]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [2012-07-03 133912]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
S2 Micro Star SCM;Micro Star SCM;c:\program files (x86)\System Control Manager\MSIService.exe [2009-07-09 160768]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2320920]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-01-08 6232064]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-01-08 160256]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-01-07 271872]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2010-01-08 7778176]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1234592865-2256707453-3612337758-1000Core.job
- c:\users\Patrick\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-25 00:26]
.
2012-07-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1234592865-2256707453-3612337758-1000UA.job
- c:\users\Patrick\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-25 00:26]
.
2012-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-17 23:28]
.
2012-07-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-09-17 23:28]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-07-03 16:21        133400        ----a-w-        c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49        97792        ----a-w-        c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49        97792        ----a-w-        c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49        97792        ----a-w-        c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-01-18 18:49        97792        ----a-w-        c:\users\Patrick\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.msmiq.com/(S(cmjgqi45joflms55soqm2oiq))/default.aspx?language=de-de
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 143.93.128.7:3128
uInternet Settings,ProxyOverride = *.local
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
TCP: DhcpNameServer = 192.168.1.10 192.168.1.130
TCP: Interfaces\{DE079886-8D4C-4805-9951-B9B08F64DE77}: NameServer = 192.168.1.10 192.168.1.130
FF - ProfilePath - c:\users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\55rk036k.default\
FF - prefs.js: network.proxy.type - 0
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Notify-igfxcui - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\AVAST Software\Avast\AvastEmUpdate.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2012-07-04  21:09:32 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2012-07-04 19:09
.
Vor Suchlauf: 20 Verzeichnis(se), 108.266.381.312 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 108.561.534.976 Bytes frei
.
- - End Of File - - 4615FFA4919567713C363B24EB334F74


Chris4You 05.07.2012 21:48

Hi,

Are there still redirects in Google?
Update MAM and run a full scan again, post the log...

Uninstall Combofix:
Click Start (Windows 7 Start button) and then type combofix /uninstall into the search box, as shown in the picture below this text with the blue arrow. Please make sure there is a space between Combofix and /uninstall.
Uninstall Combofix http://www.bleepstatic.com/combofix/en/run-box.jpg

chris

firstLINE 06.07.2012 00:51

The redirects in Google are gone!
I have now uninstalled Combofix!

Code:

Malwarebytes Anti-Malware (PRO) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.05.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Patrick :: PATRICKS [Administrator]

Schutz: Deaktiviert

05.07.2012 23:30:59
mbam-log-2012-07-05 (23-30-59).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 416147
Laufzeit: 2 Stunde(n), 9 Minute(n), 7 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 5
C:\TDSSKiller_Quarantine\04.07.2012_15.40.34\mbr0000\tdlfs0000\tsk0007.dta (Rootkit.TDSS.64) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\TDSSKiller_Quarantine\04.07.2012_15.40.34\mbr0000\tdlfs0000\tsk0008.dta (Rootkit.TDSS) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\TDSSKiller_Quarantine\04.07.2012_15.40.34\mbr0000\tdlfs0000\tsk0009.dta (Rootkit.TDSS) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\TDSSKiller_Quarantine\04.07.2012_15.40.34\mbr0000\tdlfs0000\tsk0010.dta (Rootkit.TDSS.64) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\TDSSKiller_Quarantine\04.07.2012_15.40.34\mbr0000\tdlfs0000\tsk0012.dta (Rootkit.TDSS.64) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)



All times are WET +1.
