Trojaner-Board - Avast-Virenscanner kann Datei " c:\progra~1\micros~2\shellext.dll "nicht scannen

Geschafft ! :-))

Hier OTL.txt :

Code:

OTL logfile created on: 27.07.2012 16:33:49 - Run 1

OTL by OldTimer - Version 3.2.55.0     Folder = C:\Users\Heinrich 2\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 8.0.7601.17514)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,88 Gb Total Physical Memory | 2,93 Gb Available Physical Memory | 75,56% Memory free

7,77 Gb Paging File | 6,40 Gb Available in Paging File | 82,37% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 234,38 Gb Total Space | 201,39 Gb Free Space | 85,93% Space Free | Partition Type: NTFS

Drive D: | 232,88 Gb Total Space | 150,48 Gb Free Space | 64,62% Space Free | Partition Type: NTFS

Drive G: | 231,28 Gb Total Space | 209,49 Gb Free Space | 90,58% Space Free | Partition Type: NTFS

 

Computer Name: HEINRICH2-PC | User Name: Heinrich 2 | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.07.27 16:26:44 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Heinrich 2\Desktop\OTL.exe

PRC - [2012.07.03 18:21:30 | 004,273,976 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastUI.exe

PRC - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Programme\AVAST Software\Avast\AvastSvc.exe

PRC - [2011.10.11 19:49:04 | 000,336,896 | ---- | M] (AVM Berlin) -- C:\Users\Heinrich 2\AppData\Local\Apps\2.0\BVOPMQ27.NBB\AJNG6PVA.HQO\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe

PRC - [2011.02.23 22:19:22 | 000,371,200 | ---- | M] (shbox.de) -- C:\Program Files (x86)\FreePDF_XP\fpassist.exe

PRC - [2011.01.17 18:50:34 | 011,322,880 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

PRC - [2011.01.17 18:50:34 | 011,314,688 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

PRC - [2010.10.05 15:08:46 | 002,655,768 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

PRC - [2010.10.05 15:08:42 | 000,325,656 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

PRC - [2010.04.27 10:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

PRC - [2009.01.26 15:31:10 | 001,153,368 | ---- | M] (Safer Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

PRC - [2007.12.03 11:26:02 | 000,498,792 | ---- | M] () -- C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

PRC - [2007.09.11 15:50:28 | 000,804,144 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\FRITZ!DSL\StCenter.EXE

PRC - [2007.09.07 11:06:46 | 001,070,384 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\FRITZ!DSL\FwebProt.exe

PRC - [2007.09.04 10:14:34 | 000,087,344 | ---- | M] (AVM Berlin) -- C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.06.22 10:04:00 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll

MOD - [2012.06.22 10:03:56 | 001,806,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\3421b96c2885b8e4137a376ff3d95fa5\System.Deployment.ni.dll

MOD - [2012.06.21 23:37:39 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll

MOD - [2012.06.21 23:37:19 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll

MOD - [2012.06.21 23:37:17 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll

MOD - [2012.05.11 17:26:41 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll

MOD - [2012.05.11 17:25:46 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll

MOD - [2012.05.11 17:25:42 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll

MOD - [2012.05.11 17:25:40 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll

MOD - [2012.05.11 17:25:39 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll

MOD - [2012.05.11 17:25:34 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll

MOD - [2011.10.11 19:48:23 | 000,368,640 | ---- | M] () -- C:\Users\Heinrich 2\AppData\Local\Apps\2.0\BVOPMQ27.NBB\AJNG6PVA.HQO\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\managedupnp.DLL

MOD - [2011.04.12 09:43:19 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll

MOD - [2010.11.13 01:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll

 

 
 ========== Win32 Services (SafeList) ==========

 

SRV - [2012.07.26 23:01:44 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.07.03 18:21:29 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Programme\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)

SRV - [2012.06.24 16:53:17 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2010.10.05 15:08:46 | 002,655,768 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)

SRV - [2010.10.05 15:08:42 | 000,325,656 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)

SRV - [2010.07.13 10:45:40 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe -- (cbVSCService)

SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2007.12.03 11:26:02 | 000,498,792 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe -- (TryAndDecideService)

SRV - [2007.12.03 11:06:42 | 000,599,320 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)

SRV - [2007.09.04 10:14:34 | 000,087,344 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE -- (IGDCTRL)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012.07.03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)

DRV:64bit: - [2012.07.03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)

DRV:64bit: - [2012.07.03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)

DRV:64bit: - [2012.07.03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)

DRV:64bit: - [2012.07.03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)

DRV:64bit: - [2012.07.03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)

DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011.10.14 20:12:08 | 000,711,712 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)

DRV:64bit: - [2011.10.14 20:12:08 | 000,081,952 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\tifsfilt.sys -- (tifsfilter)

DRV:64bit: - [2011.10.14 20:12:05 | 000,229,408 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)

DRV:64bit: - [2011.10.14 20:12:04 | 000,593,952 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpman.sys -- (tdrpman)

DRV:64bit: - [2011.10.11 19:48:48 | 000,116,096 | ---- | M] (AVM Berlin) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avmaudio.sys -- (avmaudio)

DRV:64bit: - [2011.08.31 19:53:22 | 012,306,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2010.10.19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)

DRV:64bit: - [2010.09.30 13:00:06 | 000,180,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)

DRV:64bit: - [2010.09.30 13:00:06 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)

DRV:64bit: - [2010.09.03 07:59:26 | 000,349,800 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2009.10.26 17:54:22 | 000,032,768 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys -- (HTCAND64)

DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.07.14 02:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)

DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.02.20 20:09:18 | 000,054,272 | ---- | M] (Siemens Home and Office Communication Devices GmbH & Co. KG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GigasetGenericUSB_x64.sys -- (GigasetGenericUSB_x64)

DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 

 

IE - HKU\S-1-5-21-1308444173-748348572-3176675349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKU\S-1-5-21-1308444173-748348572-3176675349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

IE - HKU\S-1-5-21-1308444173-748348572-3176675349-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 8F 06 CA 5A C7 05 CD 01  [binary data]

IE - HKU\S-1-5-21-1308444173-748348572-3176675349-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1308444173-748348572-3176675349-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-1308444173-748348572-3176675349-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-21-1308444173-748348572-3176675349-1004\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKU\S-1-5-21-1308444173-748348572-3176675349-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKU\S-1-5-21-1308444173-748348572-3176675349-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.update: false

FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig"

FF - prefs.js..extensions.enabledItems: {3d7eb24f-2740-49df-8937-200b1cc08f8a}:1.5.15.1

FF - prefs.js..extensions.enabledItems: {446c03e0-2c35-11db-a98b-0800200c9a66}:0.6.2.15

FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.10

FF - prefs.js..extensions.enabledItems: {53A03D43-5363-4669-8190-99061B2DEBA5}:1.4.7

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA}:7.0

FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22

FF - user.js - File not found

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF:64bit: - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()

FF - HKLM\Software\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf: C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products Ltd.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.07.19 15:33:20 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.24 16:53:19 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.23 21:05:01 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.07.21 20:26:24 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.24 16:53:19 | 000,000,000 | ---D | M]

FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.12.23 21:05:01 | 000,000,000 | ---D | M]

 

[2011.10.11 15:19:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Heinrich 2\AppData\Roaming\mozilla\Extensions

[2012.07.05 19:27:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Heinrich 2\AppData\Roaming\mozilla\Firefox\Profiles\wndjemli.default\extensions

[2011.10.11 17:36:41 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Heinrich 2\AppData\Roaming\mozilla\Firefox\Profiles\wndjemli.default\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}

[2011.10.11 17:36:41 | 000,000,000 | ---D | M] (Favicon Picker 2) -- C:\Users\Heinrich 2\AppData\Roaming\mozilla\Firefox\Profiles\wndjemli.default\extensions\{446c03e0-2c35-11db-a98b-0800200c9a66}

[2011.12.04 18:00:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2012.04.05 17:53:14 | 000,399,561 | ---- | M] () (No name found) -- C:\USERS\HEINRICH 2\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WNDJEMLI.DEFAULT\EXTENSIONS\{53A03D43-5363-4669-8190-99061B2DEBA5}.XPI

[2012.06.24 16:53:18 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011.10.11 20:53:03 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

[2011.12.14 11:45:24 | 000,170,080 | ---- | M] (Tracker Software Products Ltd.) -- C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll

[2012.06.24 16:53:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.06.24 16:53:15 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012.06.24 16:53:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2012.06.24 16:53:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.06.24 16:53:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.06.24 16:53:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2011.10.16 14:55:47 | 000,437,925 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1        www.007guard.com

O1 - Hosts: 127.0.0.1        007guard.com

O1 - Hosts: 127.0.0.1        008i.com

O1 - Hosts: 127.0.0.1        www.008k.com

O1 - Hosts: 127.0.0.1        008k.com

O1 - Hosts: 127.0.0.1        www.00hq.com

O1 - Hosts: 127.0.0.1        00hq.com

O1 - Hosts: 127.0.0.1        010402.com

O1 - Hosts: 127.0.0.1        www.032439.com

O1 - Hosts: 127.0.0.1        032439.com

O1 - Hosts: 127.0.0.1        www.0scan.com

O1 - Hosts: 127.0.0.1        0scan.com

O1 - Hosts: 127.0.0.1        1000gratisproben.com

O1 - Hosts: 127.0.0.1        www.1000gratisproben.com

O1 - Hosts: 127.0.0.1        1001namen.com

O1 - Hosts: 127.0.0.1        www.1001namen.com

O1 - Hosts: 127.0.0.1        100888290cs.com

O1 - Hosts: 127.0.0.1        www.100888290cs.com

O1 - Hosts: 127.0.0.1        www.100sexlinks.com

O1 - Hosts: 127.0.0.1        100sexlinks.com

O1 - Hosts: 127.0.0.1        10sek.com

O1 - Hosts: 127.0.0.1        www.10sek.com

O1 - Hosts: 127.0.0.1        www.1-2005-search.com

O1 - Hosts: 127.0.0.1        1-2005-search.com

O1 - Hosts: 127.0.0.1        123fporn.info

O1 - Hosts: 15060 more lines...

O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)

O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Programme\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programme\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)

O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)

O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)

O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-1308444173-748348572-3176675349-1000..\Run: [AVMUSBFernanschluss] C:\Users\Heinrich 2\AppData\Local\Apps\2.0\BVOPMQ27.NBB\AJNG6PVA.HQO\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\AVMAutoStart.exe (AVM Berlin)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - Startup: C:\Users\Hans-Jörg.Heinrich2-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

O4 - Startup: C:\Users\Heinrich 2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FRITZ!DSL Protect.lnk = C:\Program Files (x86)\FRITZ!DSL\FwebProt.exe (AVM Berlin)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll (Safer Networking Limited)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\FRITZ!DSL\\sarah.dll ()

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\FRITZ!DSL\sarah.dll (AVM Berlin)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\FRITZ!DSL\sarah.dll (AVM Berlin)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\FRITZ!DSL\sarah.dll (AVM Berlin)

O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files (x86)\FRITZ!DSL\sarah.dll (AVM Berlin)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKU\S-1-5-21-1308444173-748348572-3176675349-1000\..Trusted Domains: fritz.box ([]* in Lokales Intranet)

O15 - HKU\S-1-5-21-1308444173-748348572-3176675349-1000\..Trusted Ranges: Range37 ([*] in Lokales Intranet)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)

O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)

O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.7.0)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4ECB92F0-EB53-4CFD-AE76-580891123905}: DhcpNameServer = 192.168.178.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0BE11CC-00C8-4FB5-B8CE-06B072F832A8}: DhcpNameServer = 192.168.42.129

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O30:64bit: - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysNative\relog_ap.dll (Acronis)

O30 - LSA: Authentication Packages - (relog_ap) - C:\Windows\SysWow64\relog_ap.dll (Acronis)

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

 

MsConfig:64bit - StartUpFolder: C:^Users^Heinrich 2^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk - C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE - ()

MsConfig:64bit - StartUpReg: Acronis Scheduler2 Service - hkey= - key= - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)

MsConfig:64bit - StartUpReg: AcronisTimounterMonitor - hkey= - key= - C:\Program Files (x86)\Acronis\TrueImageHome\TimounterMonitor.exe (Acronis)

MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: avgnt - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: AVMUSBFernanschluss - hkey= - key= - C:\Users\Heinrich 2\AppData\Local\Apps\2.0\BVOPMQ27.NBB\AJNG6PVA.HQO\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\AVMAutoStart.exe (AVM Berlin)

MsConfig:64bit - StartUpReg: CanonMyPrinter - hkey= - key= - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)

MsConfig:64bit - StartUpReg: FreePDF Assistant - hkey= - key= - C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)

MsConfig:64bit - StartUpReg: NBAgent - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: OpwareSE4 - hkey= - key= - C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)

MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)

MsConfig:64bit - StartUpReg: TrueImageMonitor.exe - hkey= - key= - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)

MsConfig:64bit - State: "startup" - Reg Error: Key error.

 

SafeBootMin:64bit: AppMgmt - Service

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: vmms - Service

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: vmms - Service

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet:64bit: AppMgmt - Service

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: vmms - Service

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: vmms - Service

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.07.27 16:26:40 | 000,597,504 | ---- | C] (OldTimer Tools) -- C:\Users\Heinrich 2\Desktop\OTL.exe

[2012.07.25 16:58:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET

[2012.07.21 11:43:20 | 000,000,000 | ---D | C] -- C:\Users\Heinrich 2\Desktop\Köln 12.-18.07.2012

[2012.07.20 13:36:11 | 000,000,000 | ---D | C] -- C:\Users\Heinrich 2\AppData\Roaming\TuneUp Software

[2012.07.20 13:34:53 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software

[2012.07.20 13:34:44 | 000,000,000 | -HSD | C] -- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936}

[2012.07.20 13:34:44 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files

[2012.07.20 12:28:44 | 000,000,000 | ---D | C] -- C:\Users\Heinrich 2\Desktop\shell.dll

[2012.07.19 15:33:40 | 000,025,232 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys

[2012.07.19 15:33:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus

[2012.07.19 15:33:39 | 000,355,856 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys

[2012.07.19 15:33:37 | 000,054,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys

[2012.07.19 15:33:35 | 000,059,728 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys

[2012.07.19 15:33:34 | 000,958,400 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys

[2012.07.19 15:33:31 | 000,071,064 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys

[2012.07.19 15:33:30 | 000,285,328 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe

[2012.07.19 15:33:12 | 000,227,648 | ---- | C] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe

[2012.07.19 15:33:12 | 000,041,224 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr

[2012.07.19 15:33:00 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software

[2012.07.19 15:33:00 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software

[2012.07.15 15:14:56 | 000,000,000 | ---D | C] -- C:\Users\Heinrich 2\AppData\Roaming\kock

[2012.07.13 16:22:44 | 000,000,000 | ---D | C] -- C:\Users\Heinrich 2\AppData\Roaming\xmldm

[1 C:\Users\Heinrich 2\AppData\Roaming\*.tmp files -> C:\Users\Heinrich 2\AppData\Roaming\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.07.27 16:29:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.07.27 16:26:44 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\Heinrich 2\Desktop\OTL.exe

[2012.07.27 15:21:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.07.27 13:31:32 | 000,005,110 | ---- | M] () -- C:\Users\Heinrich 2\Desktop\Musterbrief_Rueckkaufswert.odt

[2012.07.27 13:23:30 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.07.27 13:23:30 | 000,021,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.07.27 13:23:19 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.07.27 13:23:19 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2012.07.27 13:23:19 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.07.27 13:23:19 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2012.07.27 13:23:19 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.07.27 13:15:50 | 3127,357,440 | -HS- | M] () -- C:\hiberfil.sys

[2012.07.24 09:45:51 | 000,020,451 | ---- | M] () -- C:\Users\Heinrich 2\Desktop\Einladung Mitgliederversammlung 2011.pdf

[2012.07.22 16:16:22 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt

[2012.07.20 16:57:48 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2012.07.19 16:49:28 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.07.19 15:33:40 | 000,001,922 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

[2012.07.19 15:30:15 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif

[2012.07.13 16:31:40 | 000,000,051 | ---- | M] () -- C:\Users\Heinrich 2\AppData\Roaming\blckdom.res

[2012.07.11 15:12:53 | 000,292,872 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2012.07.03 18:21:52 | 000,958,400 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys

[2012.07.03 18:21:52 | 000,355,856 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys

[2012.07.03 18:21:52 | 000,071,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys

[2012.07.03 18:21:52 | 000,059,728 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswTdi.sys

[2012.07.03 18:21:52 | 000,054,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys

[2012.07.03 18:21:51 | 000,025,232 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswFsBlk.sys

[2012.07.03 18:21:32 | 000,041,224 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr

[2012.07.03 18:21:28 | 000,227,648 | ---- | M] (AVAST Software) -- C:\Windows\SysWow64\aswBoot.exe

[2012.07.03 18:21:18 | 000,285,328 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe

[2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[1 C:\Users\Heinrich 2\AppData\Roaming\*.tmp files -> C:\Users\Heinrich 2\AppData\Roaming\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.07.27 13:31:32 | 000,005,110 | ---- | C] () -- C:\Users\Heinrich 2\Desktop\Musterbrief_Rueckkaufswert.odt

[2012.07.24 09:45:51 | 000,020,451 | ---- | C] () -- C:\Users\Heinrich 2\Desktop\Einladung Mitgliederversammlung 2011.pdf

[2012.07.20 16:57:48 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2012.07.19 15:33:40 | 000,001,922 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk

[2012.07.19 15:33:30 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\config.nt

[2012.07.13 16:22:56 | 000,000,051 | ---- | C] () -- C:\Users\Heinrich 2\AppData\Roaming\blckdom.res

[2012.06.08 20:51:32 | 000,000,052 | ---- | C] () -- C:\ProgramData\ibxrowufdfirozd

[2012.06.03 21:58:31 | 000,000,052 | ---- | C] () -- C:\ProgramData\iexmowgfsforfzd

[2012.05.23 11:28:59 | 000,000,000 | ---- | C] () -- C:\Windows\DbgOut.INI

[2011.10.30 12:58:46 | 000,000,000 | ---- | C] () -- C:\Users\Heinrich 2\.gtk-bookmarks

[2011.10.30 12:58:03 | 000,614,911 | ---- | C] () -- C:\Users\Heinrich 2\.fonts.cache-1

[2011.10.16 11:20:11 | 000,000,017 | ---- | C] () -- C:\Users\Heinrich 2\AppData\Local\resmon.resmoncfg

[2011.10.11 15:18:40 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat

[2011.10.11 15:15:40 | 000,000,424 | ---- | C] () -- C:\Windows\MAXLINK.INI

[2011.10.11 13:47:50 | 001,526,976 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.10.11 13:32:52 | 000,008,192 | R--- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll

[2011.10.11 13:24:54 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

[2011.08.31 19:51:16 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin

[2011.08.31 19:51:16 | 000,216,000 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

[2011.08.31 19:46:00 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll

[2011.08.31 19:26:20 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll

[2011.01.19 13:34:42 | 003,003,392 | ---- | C] () -- C:\Program Files (x86)\openofficeorg33.msi

[2011.01.19 13:33:04 | 000,475,016 | ---- | C] () -- C:\Program Files (x86)\setup.exe

[2011.01.19 13:30:10 | 142,700,671 | ---- | C] () -- C:\Program Files (x86)\openofficeorg1.cab

[2011.01.19 12:15:26 | 000,000,290 | ---- | C] () -- C:\Program Files (x86)\setup.ini

 
 ========== LOP Check ==========

 

[2012.07.12 22:42:45 | 000,000,000 | ---D | M] -- C:\Users\Hans-Jörg.Heinrich2-PC\AppData\Roaming\13001.023

[2012.07.13 21:23:35 | 000,000,000 | ---D | M] -- C:\Users\Hans-Jörg.Heinrich2-PC\AppData\Roaming\13001.024

[2012.07.14 22:50:52 | 000,000,000 | ---D | M] -- C:\Users\Hans-Jörg.Heinrich2-PC\AppData\Roaming\13001.025

[2012.07.11 22:23:23 | 000,000,000 | ---D | M] -- C:\Users\Hans-Jörg.Heinrich2-PC\AppData\Roaming\ImgBurn

[2012.07.12 22:23:24 | 000,000,000 | ---D | M] -- C:\Users\Hans-Jörg.Heinrich2-PC\AppData\Roaming\kock

[2012.06.24 10:41:11 | 000,000,000 | ---D | M] -- C:\Users\Hans-Jörg.Heinrich2-PC\AppData\Roaming\OpenOffice.org

[2012.07.20 14:09:04 | 000,000,000 | ---D | M] -- C:\Users\Hans-Jörg.Heinrich2-PC\AppData\Roaming\TuneUp Software

[2012.07.12 22:42:25 | 000,000,000 | ---D | M] -- C:\Users\Hans-Jörg.Heinrich2-PC\AppData\Roaming\xmldm

[2011.12.12 17:17:46 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\Acronis

[2011.10.12 17:17:34 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\Canon

[2011.10.27 19:45:31 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\FreePDF

[2012.07.27 13:15:00 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\FRITZ!

[2011.10.11 15:24:37 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\FRITZ!fax für FRITZ!Box

[2012.06.11 12:48:49 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\ImgBurn

[2012.07.15 15:14:56 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\kock

[2011.10.11 21:07:02 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\OpenOffice.org

[2011.10.13 16:32:44 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\PhotoFiltre

[2011.10.11 15:15:36 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\ScanSoft

[2012.05.23 11:29:06 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\Teleca

[2011.10.11 17:27:29 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\Thunderbird

[2012.07.20 13:36:11 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\TuneUp Software

[2012.07.13 16:22:44 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\xmldm

[2012.06.11 14:34:34 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2011.12.12 17:17:46 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\Acronis

[2011.10.12 21:16:43 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\Adobe

[2011.10.12 17:17:34 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\Canon

[2011.10.27 19:45:31 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\FreePDF

[2012.07.27 13:15:00 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\FRITZ!

[2011.10.11 15:24:37 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\FRITZ!fax für FRITZ!Box

[2011.10.11 13:19:11 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\Identities

[2012.06.11 12:48:49 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\ImgBurn

[2012.07.15 15:14:56 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\kock

[2011.10.11 20:42:21 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\Macromedia

[2011.10.21 16:31:02 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\Malwarebytes

[2011.04.12 09:54:43 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\Media Center Programs

[2011.11.09 20:04:42 | 000,000,000 | --SD | M] -- C:\Users\Heinrich 2\AppData\Roaming\Microsoft

[2011.10.11 15:19:06 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\Mozilla

[2012.05.15 20:50:51 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\Nero

[2011.10.11 21:07:02 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\OpenOffice.org

[2011.10.13 16:32:44 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\PhotoFiltre

[2011.10.11 15:15:36 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\ScanSoft

[2012.05.23 11:29:06 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\Teleca

[2011.10.11 17:27:29 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\Thunderbird

[2012.07.20 13:36:11 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\TuneUp Software

[2012.04.17 20:44:36 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\vlc

[2011.10.11 21:17:59 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\WinRAR

[2012.07.13 16:22:44 | 000,000,000 | ---D | M] -- C:\Users\Heinrich 2\AppData\Roaming\xmldm

 
 < %APPDATA%\*.exe /s >

 
 < %SYSTEMDRIVE%\*.exe >

 
 < MD5 for: AGP440.SYS  >

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll

[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

 
 < MD5 for: IASTORV.SYS  >

[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys

[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys

[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys

[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys

[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys

[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll

[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll

[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll

[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys

[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys

[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys

[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys

[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys

[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll

[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll

[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll

[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll

[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll

[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe

[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe

[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

 
 < MD5 for: WININIT.EXE  >

[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe

[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe

[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe

[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe

[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys

[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >
 

< End of report >

So, hoffe das hab ich auch hingekriegt. Hab auch noch nichts gelöscht, 2 Funde
Hier das Log:

Code:

13:35:48.0660 3308        TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32

13:35:48.0956 3308        ============================================================

13:35:48.0956 3308        Current date / time: 2012/07/29 13:35:48.0956

13:35:48.0956 3308        SystemInfo:

13:35:48.0956 3308        

13:35:48.0956 3308        OS Version: 6.1.7601 ServicePack: 1.0

13:35:48.0956 3308        Product type: Workstation

13:35:48.0972 3308        ComputerName: HEINRICH2-PC

13:35:48.0972 3308        UserName: Heinrich 2

13:35:48.0972 3308        Windows directory: C:\Windows

13:35:48.0972 3308        System windows directory: C:\Windows

13:35:48.0972 3308        Running under WOW64

13:35:48.0972 3308        Processor architecture: Intel x64

13:35:48.0972 3308        Number of processors: 4

13:35:48.0972 3308        Page size: 0x1000

13:35:48.0972 3308        Boot type: Normal boot

13:35:48.0972 3308        ============================================================

13:35:50.0844 3308        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040

13:35:50.0844 3308        Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

13:35:50.0844 3308        ============================================================

13:35:50.0844 3308        \Device\Harddisk0\DR0:

13:35:50.0844 3308        MBR partitions:

13:35:50.0844 3308        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

13:35:50.0844 3308        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1D4C3000

13:35:50.0844 3308        \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D4F5800, BlocksNum 0x1CE8F800

13:35:50.0844 3308        \Device\Harddisk1\DR1:

13:35:50.0844 3308        MBR partitions:

13:35:50.0844 3308        \Device\Harddisk1\DR1\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C4800

13:35:50.0844 3308        ============================================================

13:35:50.0859 3308        C: <-> \Device\Harddisk0\DR0\Partition1

13:35:50.0890 3308        G: <-> \Device\Harddisk0\DR0\Partition2

13:35:50.0922 3308        D: <-> \Device\Harddisk1\DR1\Partition0

13:35:50.0922 3308        ============================================================

13:35:50.0922 3308        Initialize success

13:35:50.0922 3308        ============================================================

13:36:30.0062 3840        ============================================================

13:36:30.0062 3840        Scan started

13:36:30.0062 3840        Mode: Manual; SigCheck; TDLFS; 

13:36:30.0062 3840        ============================================================

13:36:30.0920 3840        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys

13:36:31.0029 3840        1394ohci - ok

13:36:31.0076 3840        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys

13:36:31.0092 3840        ACPI - ok

13:36:31.0107 3840        AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys

13:36:31.0138 3840        AcpiPmi - ok

13:36:31.0248 3840        AcrSch2Svc      (ed990d05c5189ce96c98625ea182467e) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

13:36:31.0279 3840        AcrSch2Svc - ok

13:36:31.0388 3840        AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

13:36:31.0404 3840        AdobeFlashPlayerUpdateSvc - ok

13:36:31.0513 3840        adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys

13:36:31.0544 3840        adp94xx - ok

13:36:31.0575 3840        adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys

13:36:31.0606 3840        adpahci - ok

13:36:31.0638 3840        adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys

13:36:31.0653 3840        adpu320 - ok

13:36:31.0684 3840        AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll

13:36:31.0731 3840        AeLookupSvc - ok

13:36:31.0794 3840        AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys

13:36:31.0840 3840        AFD - ok

13:36:31.0872 3840        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys

13:36:31.0887 3840        agp440 - ok

13:36:31.0903 3840        ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe

13:36:31.0950 3840        ALG - ok

13:36:31.0965 3840        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys

13:36:31.0981 3840        aliide - ok

13:36:31.0981 3840        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys

13:36:31.0996 3840        amdide - ok

13:36:32.0012 3840        AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys

13:36:32.0043 3840        AmdK8 - ok

13:36:32.0059 3840        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys

13:36:32.0090 3840        AmdPPM - ok

13:36:32.0121 3840        amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys

13:36:32.0137 3840        amdsata - ok

13:36:32.0168 3840        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys

13:36:32.0184 3840        amdsbs - ok

13:36:32.0199 3840        amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys

13:36:32.0215 3840        amdxata - ok

13:36:32.0230 3840        AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys

13:36:32.0293 3840        AppID - ok

13:36:32.0308 3840        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll

13:36:32.0355 3840        AppIDSvc - ok

13:36:32.0386 3840        Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll

13:36:32.0449 3840        Appinfo - ok

13:36:32.0464 3840        arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys

13:36:32.0480 3840        arc - ok

13:36:32.0511 3840        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys

13:36:32.0527 3840        arcsas - ok

13:36:32.0558 3840        aswFsBlk        (df59b8e8df0bd2e0e303778a3806a17d) C:\Windows\system32\drivers\aswFsBlk.sys

13:36:33.0369 3840        aswFsBlk - ok

13:36:33.0416 3840        aswMonFlt       (f8e6ab4f876feff69250f2e0c29ef004) C:\Windows\system32\drivers\aswMonFlt.sys

13:36:33.0432 3840        aswMonFlt - ok

13:36:33.0463 3840        aswRdr          (aa92bc4bcba40ca3aa3ffd1be24f0c09) C:\Windows\System32\Drivers\aswrdr2.sys

13:36:33.0463 3840        aswRdr - ok

13:36:33.0525 3840        aswSnx          (f06e230e1e8ca9437a6474b7b551cd37) C:\Windows\system32\drivers\aswSnx.sys

13:36:33.0556 3840        aswSnx - ok

13:36:33.0619 3840        aswSP           (3610ca74a69e380424f0452dec5c1317) C:\Windows\system32\drivers\aswSP.sys

13:36:33.0634 3840        aswSP - ok

13:36:33.0666 3840        aswTdi          (87de3e31cb0091d22351349869324065) C:\Windows\system32\drivers\aswTdi.sys

13:36:33.0681 3840        aswTdi - ok

13:36:33.0697 3840        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys

13:36:33.0759 3840        AsyncMac - ok

13:36:33.0775 3840        atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys

13:36:33.0791 3840        atapi - ok

13:36:33.0853 3840        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

13:36:33.0931 3840        AudioEndpointBuilder - ok

13:36:33.0931 3840        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll

13:36:33.0993 3840        AudioSrv - ok

13:36:34.0040 3840        avast! Antivirus (2f7c0f3e39c45e0127fb78b2f18a41f3) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

13:36:34.0056 3840        avast! Antivirus - ok

13:36:34.0087 3840        avmaudio        (bd39d7cfd9d6a73396b618113a8e8d57) C:\Windows\system32\DRIVERS\avmaudio.sys

13:36:34.0118 3840        avmaudio - ok

13:36:34.0134 3840        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll

13:36:34.0181 3840        AxInstSV - ok

13:36:34.0227 3840        b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys

13:36:34.0259 3840        b06bdrv - ok

13:36:34.0290 3840        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys

13:36:34.0321 3840        b57nd60a - ok

13:36:34.0368 3840        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll

13:36:34.0383 3840        BDESVC - ok

13:36:34.0399 3840        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys

13:36:34.0461 3840        Beep - ok

13:36:34.0524 3840        BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll

13:36:34.0586 3840        BFE - ok

13:36:34.0633 3840        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll

13:36:34.0727 3840        BITS - ok

13:36:34.0773 3840        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys

13:36:34.0805 3840        blbdrive - ok

13:36:34.0836 3840        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys

13:36:34.0867 3840        bowser - ok

13:36:34.0883 3840        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys

13:36:34.0914 3840        BrFiltLo - ok

13:36:34.0914 3840        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys

13:36:34.0945 3840        BrFiltUp - ok

13:36:34.0976 3840        Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll

13:36:35.0039 3840        Browser - ok

13:36:35.0054 3840        Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys

13:36:35.0101 3840        Brserid - ok

13:36:35.0117 3840        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys

13:36:35.0148 3840        BrSerWdm - ok

13:36:35.0163 3840        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys

13:36:35.0195 3840        BrUsbMdm - ok

13:36:35.0195 3840        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys

13:36:35.0210 3840        BrUsbSer - ok

13:36:35.0241 3840        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\drivers\bthmodem.sys

13:36:35.0273 3840        BTHMODEM - ok

13:36:35.0304 3840        bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll

13:36:35.0351 3840        bthserv - ok

13:36:35.0429 3840        cbVSCService    (ed5411a69c5bac78d245c893af64352a) C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe

13:36:35.0444 3840        cbVSCService ( UnsignedFile.Multi.Generic ) - warning

13:36:35.0444 3840        cbVSCService - detected UnsignedFile.Multi.Generic (1)

13:36:35.0491 3840        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys

13:36:35.0538 3840        cdfs - ok

13:36:35.0569 3840        cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\DRIVERS\cdrom.sys

13:36:35.0585 3840        cdrom - ok

13:36:35.0631 3840        CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

13:36:35.0678 3840        CertPropSvc - ok

13:36:35.0709 3840        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys

13:36:35.0741 3840        circlass - ok

13:36:35.0772 3840        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys

13:36:35.0787 3840        CLFS - ok

13:36:35.0850 3840        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

13:36:35.0865 3840        clr_optimization_v2.0.50727_32 - ok

13:36:35.0897 3840        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

13:36:35.0912 3840        clr_optimization_v2.0.50727_64 - ok

13:36:35.0990 3840        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

13:36:36.0006 3840        clr_optimization_v4.0.30319_32 - ok

13:36:36.0037 3840        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

13:36:36.0053 3840        clr_optimization_v4.0.30319_64 - ok

13:36:36.0084 3840        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys

13:36:36.0099 3840        CmBatt - ok

13:36:36.0115 3840        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys

13:36:36.0131 3840        cmdide - ok

13:36:36.0193 3840        CNG             (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys

13:36:36.0255 3840        CNG - ok

13:36:36.0271 3840        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys

13:36:36.0287 3840        Compbatt - ok

13:36:36.0302 3840        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\DRIVERS\CompositeBus.sys

13:36:36.0333 3840        CompositeBus - ok

13:36:36.0333 3840        COMSysApp - ok

13:36:36.0349 3840        crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys

13:36:36.0365 3840        crcdisk - ok

13:36:36.0411 3840        CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll

13:36:36.0427 3840        CryptSvc - ok

13:36:36.0474 3840        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

13:36:36.0552 3840        DcomLaunch - ok

13:36:36.0567 3840        defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll

13:36:36.0630 3840        defragsvc - ok

13:36:36.0645 3840        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys

13:36:36.0692 3840        DfsC - ok

13:36:36.0739 3840        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll

13:36:36.0786 3840        Dhcp - ok

13:36:36.0817 3840        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys

13:36:36.0879 3840        discache - ok

13:36:36.0895 3840        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys

13:36:36.0911 3840        Disk - ok

13:36:36.0957 3840        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll

13:36:36.0989 3840        Dnscache - ok

13:36:37.0035 3840        dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll

13:36:37.0082 3840        dot3svc - ok

13:36:37.0113 3840        DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll

13:36:37.0160 3840        DPS - ok

13:36:37.0191 3840        drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys

13:36:37.0223 3840        drmkaud - ok

13:36:37.0269 3840        DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys

13:36:37.0301 3840        DXGKrnl - ok

13:36:37.0332 3840        EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll

13:36:37.0394 3840        EapHost - ok

13:36:37.0519 3840        ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys

13:36:37.0613 3840        ebdrv - ok

13:36:37.0691 3840        EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe

13:36:37.0722 3840        EFS - ok

13:36:37.0800 3840        ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe

13:36:37.0847 3840        ehRecvr - ok

13:36:37.0878 3840        ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe

13:36:37.0893 3840        ehSched - ok

13:36:37.0971 3840        elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys

13:36:38.0003 3840        elxstor - ok

13:36:38.0003 3840        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys

13:36:38.0034 3840        ErrDev - ok

13:36:38.0081 3840        EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll

13:36:38.0143 3840        EventSystem - ok

13:36:38.0159 3840        exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys

13:36:38.0221 3840        exfat - ok

13:36:38.0237 3840        fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys

13:36:38.0299 3840        fastfat - ok

13:36:38.0346 3840        Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe

13:36:38.0393 3840        Fax - ok

13:36:38.0408 3840        fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys

13:36:38.0424 3840        fdc - ok

13:36:38.0439 3840        fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll

13:36:38.0486 3840        fdPHost - ok

13:36:38.0502 3840        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll

13:36:38.0549 3840        FDResPub - ok

13:36:38.0580 3840        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys

13:36:38.0595 3840        FileInfo - ok

13:36:38.0611 3840        Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys

13:36:38.0673 3840        Filetrace - ok

13:36:38.0689 3840        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys

13:36:38.0705 3840        flpydisk - ok

13:36:38.0720 3840        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys

13:36:38.0751 3840        FltMgr - ok

13:36:38.0814 3840        FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll

13:36:38.0861 3840        FontCache - ok

13:36:38.0907 3840        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

13:36:38.0923 3840        FontCache3.0.0.0 - ok

13:36:38.0954 3840        FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys

13:36:38.0970 3840        FsDepends - ok

13:36:39.0001 3840        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys

13:36:39.0017 3840        Fs_Rec - ok

13:36:39.0048 3840        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys

13:36:39.0063 3840        fvevol - ok

13:36:39.0079 3840        FXDrv32 - ok

13:36:39.0095 3840        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys

13:36:39.0110 3840        gagp30kx - ok

13:36:39.0141 3840        GigasetGenericUSB_x64 (b93252c4c5a3733ecd5522caf88de02d) C:\Windows\system32\DRIVERS\GigasetGenericUSB_x64.sys

13:36:39.0173 3840        GigasetGenericUSB_x64 - ok

13:36:39.0219 3840        gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll

13:36:39.0297 3840        gpsvc - ok

13:36:39.0297 3840        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys

13:36:39.0329 3840        hcw85cir - ok

13:36:39.0360 3840        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys

13:36:39.0407 3840        HdAudAddService - ok

13:36:39.0422 3840        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\DRIVERS\HDAudBus.sys

13:36:39.0453 3840        HDAudBus - ok

13:36:39.0469 3840        HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys

13:36:39.0485 3840        HidBatt - ok

13:36:39.0500 3840        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys

13:36:39.0531 3840        HidBth - ok

13:36:39.0563 3840        HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys

13:36:39.0578 3840        HidIr - ok

13:36:39.0594 3840        hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll

13:36:39.0641 3840        hidserv - ok

13:36:39.0656 3840        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\DRIVERS\hidusb.sys

13:36:39.0687 3840        HidUsb - ok

13:36:39.0703 3840        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll

13:36:39.0750 3840        hkmsvc - ok

13:36:39.0781 3840        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll

13:36:39.0812 3840        HomeGroupListener - ok

13:36:39.0843 3840        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll

13:36:39.0875 3840        HomeGroupProvider - ok

13:36:39.0906 3840        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys

13:36:39.0921 3840        HpSAMD - ok

13:36:39.0937 3840        HTCAND64        (cf44b25ae808765d7308f412ad492ddb) C:\Windows\system32\Drivers\ANDROIDUSB.sys

13:36:39.0968 3840        HTCAND64 ( UnsignedFile.Multi.Generic ) - warning

13:36:39.0968 3840        HTCAND64 - detected UnsignedFile.Multi.Generic (1)

13:36:40.0015 3840        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys

13:36:40.0093 3840        HTTP - ok

13:36:40.0093 3840        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys

13:36:40.0109 3840        hwpolicy - ok

13:36:40.0140 3840        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys

13:36:40.0155 3840        i8042prt - ok

13:36:40.0202 3840        iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys

13:36:40.0218 3840        iaStorV - ok

13:36:40.0311 3840        idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

13:36:40.0343 3840        idsvc - ok

13:36:40.0421 3840        IGDCTRL         (e28602c9e17b0ddce9f5deb3b3e2a635) C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE

13:36:40.0452 3840        IGDCTRL - ok

13:36:40.0873 3840        igfx            (0d1b8c64bdf0e5cdc523a1409ffb5ef0) C:\Windows\system32\DRIVERS\igdkmd64.sys

13:36:41.0169 3840        igfx - ok

13:36:41.0263 3840        iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys

13:36:41.0279 3840        iirsp - ok

13:36:41.0325 3840        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll

13:36:41.0403 3840        IKEEXT - ok

13:36:41.0528 3840        IntcAzAudAddService (491dadcc74327fabc85e0ab80af8f204) C:\Windows\system32\drivers\RTKVHD64.sys

13:36:41.0591 3840        IntcAzAudAddService - ok

13:36:41.0669 3840        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys

13:36:41.0684 3840        intelide - ok

13:36:41.0700 3840        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys

13:36:41.0731 3840        intelppm - ok

13:36:41.0762 3840        IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll

13:36:41.0825 3840        IPBusEnum - ok

13:36:41.0840 3840        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys

13:36:41.0887 3840        IpFilterDriver - ok

13:36:41.0934 3840        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll

13:36:42.0012 3840        iphlpsvc - ok

13:36:42.0027 3840        IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys

13:36:42.0043 3840        IPMIDRV - ok

13:36:42.0059 3840        IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys

13:36:42.0121 3840        IPNAT - ok

13:36:42.0137 3840        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys

13:36:42.0168 3840        IRENUM - ok

13:36:42.0183 3840        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys

13:36:42.0199 3840        isapnp - ok

13:36:42.0230 3840        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys

13:36:42.0261 3840        iScsiPrt - ok

13:36:42.0277 3840        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys

13:36:42.0293 3840        kbdclass - ok

13:36:42.0308 3840        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\DRIVERS\kbdhid.sys

13:36:42.0339 3840        kbdhid - ok

13:36:42.0355 3840        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:36:42.0371 3840        KeyIso - ok

13:36:42.0402 3840        KSecDD          (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys

13:36:42.0417 3840        KSecDD - ok

13:36:42.0433 3840        KSecPkg         (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys

13:36:42.0449 3840        KSecPkg - ok

13:36:42.0464 3840        ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys

13:36:42.0511 3840        ksthunk - ok

13:36:42.0542 3840        KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll

13:36:42.0620 3840        KtmRm - ok

13:36:42.0651 3840        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll

13:36:42.0729 3840        LanmanServer - ok

13:36:42.0745 3840        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll

13:36:42.0807 3840        LanmanWorkstation - ok

13:36:42.0839 3840        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys

13:36:42.0885 3840        lltdio - ok

13:36:42.0917 3840        lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll

13:36:42.0995 3840        lltdsvc - ok

13:36:43.0010 3840        lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll

13:36:43.0073 3840        lmhosts - ok

13:36:43.0151 3840        LMS             (926eba26a8b49d1597751ced06b50862) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

13:36:43.0166 3840        LMS - ok

13:36:43.0197 3840        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys

13:36:43.0213 3840        LSI_FC - ok

13:36:43.0244 3840        LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys

13:36:43.0260 3840        LSI_SAS - ok

13:36:43.0275 3840        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys

13:36:43.0291 3840        LSI_SAS2 - ok

13:36:43.0291 3840        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys

13:36:43.0307 3840        LSI_SCSI - ok

13:36:43.0338 3840        luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys

13:36:43.0400 3840        luafv - ok

13:36:43.0416 3840        Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll

13:36:43.0447 3840        Mcx2Svc - ok

13:36:43.0463 3840        megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys

13:36:43.0478 3840        megasas - ok

13:36:43.0509 3840        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys

13:36:43.0525 3840        MegaSR - ok

13:36:43.0556 3840        MEIx64          (a6518dcc42f7a6e999bb3bea8fd87567) C:\Windows\system32\DRIVERS\HECIx64.sys

13:36:43.0572 3840        MEIx64 - ok

13:36:43.0587 3840        MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

13:36:43.0634 3840        MMCSS - ok

13:36:43.0650 3840        Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys

13:36:43.0697 3840        Modem - ok

13:36:43.0712 3840        monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys

13:36:43.0743 3840        monitor - ok

13:36:43.0775 3840        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys

13:36:43.0790 3840        mouclass - ok

13:36:43.0806 3840        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys

13:36:43.0821 3840        mouhid - ok

13:36:43.0853 3840        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys

13:36:43.0868 3840        mountmgr - ok

13:36:43.0946 3840        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

13:36:43.0962 3840        MozillaMaintenance - ok

13:36:43.0977 3840        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys

13:36:44.0009 3840        mpio - ok

13:36:44.0024 3840        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys

13:36:44.0071 3840        mpsdrv - ok

13:36:44.0118 3840        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll

13:36:44.0180 3840        MpsSvc - ok

13:36:44.0211 3840        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys

13:36:44.0243 3840        MRxDAV - ok

13:36:44.0274 3840        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys

13:36:44.0289 3840        mrxsmb - ok

13:36:44.0321 3840        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys

13:36:44.0336 3840        mrxsmb10 - ok

13:36:44.0367 3840        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys

13:36:44.0383 3840        mrxsmb20 - ok

13:36:44.0399 3840        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys

13:36:44.0414 3840        msahci - ok

13:36:44.0414 3840        msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys

13:36:44.0445 3840        msdsm - ok

13:36:44.0461 3840        MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe

13:36:44.0508 3840        MSDTC - ok

13:36:44.0508 3840        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys

13:36:44.0570 3840        Msfs - ok

13:36:44.0586 3840        mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys

13:36:44.0633 3840        mshidkmdf - ok

13:36:44.0648 3840        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys

13:36:44.0664 3840        msisadrv - ok

13:36:44.0695 3840        MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll

13:36:44.0757 3840        MSiSCSI - ok

13:36:44.0757 3840        msiserver - ok

13:36:44.0773 3840        MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys

13:36:44.0835 3840        MSKSSRV - ok

13:36:44.0851 3840        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys

13:36:44.0898 3840        MSPCLOCK - ok

13:36:44.0898 3840        MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys

13:36:44.0960 3840        MSPQM - ok

13:36:44.0991 3840        MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys

13:36:45.0007 3840        MsRPC - ok

13:36:45.0023 3840        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys

13:36:45.0038 3840        mssmbios - ok

13:36:45.0054 3840        MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys

13:36:45.0101 3840        MSTEE - ok

13:36:45.0116 3840        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys

13:36:45.0132 3840        MTConfig - ok

13:36:45.0147 3840        Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys

13:36:45.0163 3840        Mup - ok

13:36:45.0194 3840        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll

13:36:45.0272 3840        napagent - ok

13:36:45.0319 3840        NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys

13:36:45.0350 3840        NativeWifiP - ok

13:36:45.0397 3840        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys

13:36:45.0444 3840        NDIS - ok

13:36:45.0459 3840        NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys

13:36:45.0506 3840        NdisCap - ok

13:36:45.0522 3840        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys

13:36:45.0569 3840        NdisTapi - ok

13:36:45.0584 3840        Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys

13:36:45.0631 3840        Ndisuio - ok

13:36:45.0647 3840        NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys

13:36:45.0725 3840        NdisWan - ok

13:36:45.0740 3840        NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys

13:36:45.0787 3840        NDProxy - ok

13:36:45.0803 3840        NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys

13:36:45.0849 3840        NetBIOS - ok

13:36:45.0881 3840        NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys

13:36:45.0927 3840        NetBT - ok

13:36:45.0959 3840        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:36:45.0974 3840        Netlogon - ok

13:36:46.0021 3840        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll

13:36:46.0083 3840        Netman - ok

13:36:46.0099 3840        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll

13:36:46.0161 3840        netprofm - ok

13:36:46.0224 3840        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

13:36:46.0239 3840        NetTcpPortSharing - ok

13:36:46.0271 3840        nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys

13:36:46.0286 3840        nfrd960 - ok

13:36:46.0317 3840        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll

13:36:46.0380 3840        NlaSvc - ok

13:36:46.0395 3840        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys

13:36:46.0442 3840        Npfs - ok

13:36:46.0458 3840        nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll

13:36:46.0520 3840        nsi - ok

13:36:46.0520 3840        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys

13:36:46.0567 3840        nsiproxy - ok

13:36:46.0676 3840        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys

13:36:46.0739 3840        Ntfs - ok

13:36:46.0801 3840        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys

13:36:46.0848 3840        Null - ok

13:36:46.0895 3840        nusb3hub        (786db821bfd57c0551dbbe4f75384a7d) C:\Windows\system32\DRIVERS\nusb3hub.sys

13:36:46.0910 3840        nusb3hub - ok

13:36:46.0926 3840        nusb3xhc        (daa8005caf745042bb427a1ed7433354) C:\Windows\system32\DRIVERS\nusb3xhc.sys

13:36:46.0957 3840        nusb3xhc - ok

13:36:47.0004 3840        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys

13:36:47.0019 3840        nvraid - ok

13:36:47.0051 3840        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys

13:36:47.0082 3840        nvstor - ok

13:36:47.0113 3840        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys

13:36:47.0129 3840        nv_agp - ok

13:36:47.0144 3840        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys

13:36:47.0175 3840        ohci1394 - ok

13:36:47.0207 3840        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

13:36:47.0253 3840        p2pimsvc - ok

13:36:47.0285 3840        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll

13:36:47.0316 3840        p2psvc - ok

13:36:47.0331 3840        Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys

13:36:47.0363 3840        Parport - ok

13:36:47.0378 3840        partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys

13:36:47.0394 3840        partmgr - ok

13:36:47.0425 3840        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll

13:36:47.0456 3840        PcaSvc - ok

13:36:47.0487 3840        pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys

13:36:47.0503 3840        pci - ok

13:36:47.0519 3840        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys

13:36:47.0534 3840        pciide - ok

13:36:47.0550 3840        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys

13:36:47.0581 3840        pcmcia - ok

13:36:47.0581 3840        pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys

13:36:47.0597 3840        pcw - ok

13:36:47.0643 3840        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys

13:36:47.0706 3840        PEAUTH - ok

13:36:47.0784 3840        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe

13:36:47.0799 3840        PerfHost - ok

13:36:47.0877 3840        pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll

13:36:47.0955 3840        pla - ok

13:36:48.0018 3840        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll

13:36:48.0049 3840        PlugPlay - ok

13:36:48.0065 3840        PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll

13:36:48.0096 3840        PNRPAutoReg - ok

13:36:48.0111 3840        PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll

13:36:48.0143 3840        PNRPsvc - ok

13:36:48.0189 3840        PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll

13:36:48.0252 3840        PolicyAgent - ok

13:36:48.0283 3840        Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll

13:36:48.0345 3840        Power - ok

13:36:48.0408 3840        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys

13:36:48.0455 3840        PptpMiniport - ok

13:36:48.0470 3840        Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys

13:36:48.0501 3840        Processor - ok

13:36:48.0533 3840        ProfSvc         (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll

13:36:48.0564 3840        ProfSvc - ok

13:36:48.0579 3840        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:36:48.0611 3840        ProtectedStorage - ok

13:36:48.0626 3840        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys

13:36:48.0673 3840        Psched - ok

13:36:48.0767 3840        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys

13:36:48.0829 3840        ql2300 - ok

13:36:48.0907 3840        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys

13:36:48.0923 3840        ql40xx - ok

13:36:48.0954 3840        QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll

13:36:48.0985 3840        QWAVE - ok

13:36:49.0016 3840        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys

13:36:49.0032 3840        QWAVEdrv - ok

13:36:49.0047 3840        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys

13:36:49.0110 3840        RasAcd - ok

13:36:49.0141 3840        RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys

13:36:49.0188 3840        RasAgileVpn - ok

13:36:49.0203 3840        RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll

13:36:49.0266 3840        RasAuto - ok

13:36:49.0281 3840        Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys

13:36:49.0344 3840        Rasl2tp - ok

13:36:49.0375 3840        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll

13:36:49.0437 3840        RasMan - ok

13:36:49.0453 3840        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys

13:36:49.0515 3840        RasPppoe - ok

13:36:49.0531 3840        RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys

13:36:49.0593 3840        RasSstp - ok

13:36:49.0609 3840        rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys

13:36:49.0671 3840        rdbss - ok

13:36:49.0687 3840        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys

13:36:49.0703 3840        rdpbus - ok

13:36:49.0734 3840        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys

13:36:49.0781 3840        RDPCDD - ok

13:36:49.0796 3840        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys

13:36:49.0843 3840        RDPENCDD - ok

13:36:49.0859 3840        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys

13:36:49.0905 3840        RDPREFMP - ok

13:36:49.0937 3840        RDPWD           (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys

13:36:49.0968 3840        RDPWD - ok

13:36:50.0015 3840        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys

13:36:50.0030 3840        rdyboost - ok

13:36:50.0061 3840        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll

13:36:50.0108 3840        RemoteAccess - ok

13:36:50.0124 3840        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll

13:36:50.0202 3840        RemoteRegistry - ok

13:36:50.0217 3840        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll

13:36:50.0280 3840        RpcEptMapper - ok

13:36:50.0295 3840        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe

13:36:50.0327 3840        RpcLocator - ok

13:36:50.0373 3840        RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll

13:36:50.0420 3840        RpcSs - ok

13:36:50.0451 3840        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys

13:36:50.0498 3840        rspndr - ok

13:36:50.0545 3840        RTL8167         (b15c021c2c9bb217a799d9532e8f04d4) C:\Windows\system32\DRIVERS\Rt64win7.sys

13:36:50.0561 3840        RTL8167 - ok

13:36:50.0576 3840        SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:36:50.0592 3840        SamSs - ok

13:36:50.0607 3840        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys

13:36:50.0623 3840        sbp2port - ok

13:36:50.0732 3840        SBSDWSCService  (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

13:36:50.0763 3840        SBSDWSCService - ok

13:36:50.0795 3840        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll

13:36:50.0841 3840        SCardSvr - ok

13:36:50.0904 3840        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys

13:36:50.0951 3840        scfilter - ok

13:36:50.0997 3840        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll

13:36:51.0075 3840        Schedule - ok

13:36:51.0107 3840        SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll

13:36:51.0138 3840        SCPolicySvc - ok

13:36:51.0169 3840        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll

13:36:51.0200 3840        SDRSVC - ok

13:36:51.0247 3840        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys

13:36:51.0309 3840        secdrv - ok

13:36:51.0325 3840        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll

13:36:51.0372 3840        seclogon - ok

13:36:51.0387 3840        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll

13:36:51.0450 3840        SENS - ok

13:36:51.0450 3840        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll

13:36:51.0481 3840        SensrSvc - ok

13:36:51.0497 3840        Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys

13:36:51.0528 3840        Serenum - ok

13:36:51.0543 3840        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys

13:36:51.0575 3840        Serial - ok

13:36:51.0606 3840        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys

13:36:51.0621 3840        sermouse - ok

13:36:51.0653 3840        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll

13:36:51.0699 3840        SessionEnv - ok

13:36:51.0715 3840        sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys

13:36:51.0746 3840        sffdisk - ok

13:36:51.0746 3840        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys

13:36:51.0777 3840        sffp_mmc - ok

13:36:51.0793 3840        sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys

13:36:51.0824 3840        sffp_sd - ok

13:36:51.0824 3840        sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys

13:36:51.0855 3840        sfloppy - ok

13:36:51.0887 3840        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll

13:36:51.0949 3840        SharedAccess - ok

13:36:51.0996 3840        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll

13:36:52.0074 3840        ShellHWDetection - ok

13:36:52.0105 3840        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys

13:36:52.0121 3840        SiSRaid2 - ok

13:36:52.0136 3840        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys

13:36:52.0152 3840        SiSRaid4 - ok

13:36:52.0167 3840        Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys

13:36:52.0230 3840        Smb - ok

13:36:52.0277 3840        snapman         (d33f37dd403741982dbe99c7b6b6ff63) C:\Windows\system32\DRIVERS\snapman.sys

13:36:52.0292 3840        snapman - ok

13:36:52.0308 3840        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe

13:36:52.0339 3840        SNMPTRAP - ok

13:36:52.0355 3840        spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys

13:36:52.0370 3840        spldr - ok

13:36:52.0401 3840        Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe

13:36:52.0464 3840        Spooler - ok

13:36:52.0589 3840        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe

13:36:52.0729 3840        sppsvc - ok

13:36:52.0791 3840        sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll

13:36:52.0854 3840        sppuinotify - ok

13:36:52.0901 3840        srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys

13:36:52.0947 3840        srv - ok

13:36:52.0979 3840        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys

13:36:53.0010 3840        srv2 - ok

13:36:53.0041 3840        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys

13:36:53.0072 3840        srvnet - ok

13:36:53.0103 3840        SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll

13:36:53.0166 3840        SSDPSRV - ok

13:36:53.0166 3840        SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll

13:36:53.0228 3840        SstpSvc - ok

13:36:53.0244 3840        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys

13:36:53.0259 3840        stexstor - ok

13:36:53.0306 3840        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll

13:36:53.0353 3840        stisvc - ok

13:36:53.0369 3840        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys

13:36:53.0369 3840        swenum - ok

13:36:53.0415 3840        swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll

13:36:53.0478 3840        swprv - ok

13:36:53.0571 3840        SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll

13:36:53.0649 3840        SysMain - ok

13:36:53.0727 3840        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll

13:36:53.0743 3840        TabletInputService - ok

13:36:53.0774 3840        TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll

13:36:53.0837 3840        TapiSrv - ok

13:36:53.0852 3840        TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll

13:36:53.0899 3840        TBS - ok

13:36:54.0008 3840        Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys

13:36:54.0086 3840        Tcpip - ok

13:36:54.0227 3840        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys

13:36:54.0273 3840        TCPIP6 - ok

13:36:54.0320 3840        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys

13:36:54.0367 3840        tcpipreg - ok

13:36:54.0383 3840        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys

13:36:54.0414 3840        TDPIPE - ok

13:36:54.0461 3840        tdrpman         (ac1fc18d04b92bac16cbd85de2a08a0b) C:\Windows\system32\DRIVERS\tdrpman.sys

13:36:54.0492 3840        tdrpman - ok

13:36:54.0523 3840        TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys

13:36:54.0539 3840        TDTCP - ok

13:36:54.0570 3840        tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys

13:36:54.0601 3840        tdx - ok

13:36:54.0617 3840        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\DRIVERS\termdd.sys

13:36:54.0632 3840        TermDD - ok

13:36:54.0679 3840        TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll

13:36:54.0757 3840        TermService - ok

13:36:54.0773 3840        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll

13:36:54.0804 3840        Themes - ok

13:36:54.0835 3840        THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll

13:36:54.0882 3840        THREADORDER - ok

13:36:54.0929 3840        tifsfilter      (3e24b7fe52bc455da8d6e2cc2b4ca23f) C:\Windows\system32\DRIVERS\tifsfilt.sys

13:36:54.0929 3840        tifsfilter - ok

13:36:54.0975 3840        timounter       (ec4fd4d147985a97e881729e808e6f34) C:\Windows\system32\DRIVERS\timntr.sys

13:36:55.0007 3840        timounter - ok

13:36:55.0022 3840        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll

13:36:55.0085 3840        TrkWks - ok

13:36:55.0131 3840        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe

13:36:55.0194 3840        TrustedInstaller - ok

13:36:55.0287 3840        TryAndDecideService (abee0a9ed1e0eb558c60f0881132ae32) C:\Program Files (x86)\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe

13:36:55.0319 3840        TryAndDecideService - ok

13:36:55.0350 3840        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys

13:36:55.0412 3840        tssecsrv - ok

13:36:55.0428 3840        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys

13:36:55.0443 3840        TsUsbFlt - ok

13:36:55.0459 3840        TsUsbGD         (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys

13:36:55.0475 3840        TsUsbGD - ok

13:36:55.0506 3840        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys

13:36:55.0568 3840        tunnel - ok

13:36:55.0568 3840        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys

13:36:55.0584 3840        uagp35 - ok

13:36:55.0615 3840        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys

13:36:55.0693 3840        udfs - ok

13:36:55.0709 3840        UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe

13:36:55.0740 3840        UI0Detect - ok

13:36:55.0771 3840        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys

13:36:55.0787 3840        uliagpkx - ok

13:36:55.0802 3840        umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys

13:36:55.0818 3840        umbus - ok

13:36:55.0849 3840        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys

13:36:55.0865 3840        UmPass - ok

13:36:56.0083 3840        UNS             (fdf92ec84fecee834fb10a2a0a19bcda) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

13:36:56.0161 3840        UNS - ok

13:36:56.0255 3840        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll

13:36:56.0333 3840        upnphost - ok

13:36:56.0364 3840        usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys

13:36:56.0379 3840        usbccgp - ok

13:36:56.0411 3840        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys

13:36:56.0442 3840        usbcir - ok

13:36:56.0457 3840        usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys

13:36:56.0473 3840        usbehci - ok

13:36:56.0504 3840        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys

13:36:56.0551 3840        usbhub - ok

13:36:56.0567 3840        usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys

13:36:56.0598 3840        usbohci - ok

13:36:56.0613 3840        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys

13:36:56.0660 3840        usbprint - ok

13:36:56.0676 3840        usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys

13:36:56.0691 3840        usbscan - ok

13:36:56.0723 3840        USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS

13:36:56.0754 3840        USBSTOR - ok

13:36:56.0754 3840        usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys

13:36:56.0769 3840        usbuhci - ok

13:36:56.0801 3840        usb_rndisx      (70d05ee263568a742d14e1876df80532) C:\Windows\system32\DRIVERS\usb8023x.sys

13:36:56.0832 3840        usb_rndisx - ok

13:36:56.0847 3840        UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll

13:36:56.0910 3840        UxSms - ok

13:36:56.0925 3840        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe

13:36:56.0941 3840        VaultSvc - ok

13:36:56.0988 3840        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys

13:36:57.0003 3840        vdrvroot - ok

13:36:57.0035 3840        vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe

13:36:57.0113 3840        vds - ok

13:36:57.0175 3840        vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys

13:36:57.0237 3840        vga - ok

13:36:57.0300 3840        VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys

13:36:57.0409 3840        VgaSave - ok

13:36:57.0518 3840        vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys

13:36:57.0549 3840        vhdmp - ok

13:36:57.0643 3840        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys

13:36:57.0674 3840        viaide - ok

13:36:57.0799 3840        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys

13:36:57.0815 3840        volmgr - ok

13:36:57.0955 3840        volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys

13:36:57.0986 3840        volmgrx - ok

13:36:58.0017 3840        volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys

13:36:58.0033 3840        volsnap - ok

13:36:58.0064 3840        vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys

13:36:58.0095 3840        vsmraid - ok

13:36:58.0173 3840        VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe

13:36:58.0283 3840        VSS - ok

13:36:58.0345 3840        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\System32\drivers\vwifibus.sys

13:36:58.0376 3840        vwifibus - ok

13:36:58.0407 3840        W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll

13:36:58.0470 3840        W32Time - ok

13:36:58.0485 3840        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys

13:36:58.0501 3840        WacomPen - ok

13:36:58.0532 3840        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

13:36:58.0595 3840        WANARP - ok

13:36:58.0595 3840        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys

13:36:58.0641 3840        Wanarpv6 - ok

13:36:58.0719 3840        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe

13:36:58.0782 3840        wbengine - ok

13:36:58.0860 3840        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll

13:36:58.0891 3840        WbioSrvc - ok

13:36:58.0907 3840        wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll

13:36:58.0953 3840        wcncsvc - ok

13:36:58.0969 3840        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll

13:36:59.0000 3840        WcsPlugInService - ok

13:36:59.0031 3840        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys

13:36:59.0047 3840        Wd - ok

13:36:59.0078 3840        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys

13:36:59.0109 3840        Wdf01000 - ok

13:36:59.0141 3840        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

13:36:59.0172 3840        WdiServiceHost - ok

13:36:59.0172 3840        WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll

13:36:59.0203 3840        WdiSystemHost - ok

13:36:59.0219 3840        WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll

13:36:59.0281 3840        WebClient - ok

13:36:59.0297 3840        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll

13:36:59.0375 3840        Wecsvc - ok

13:36:59.0390 3840        wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll

13:36:59.0437 3840        wercplsupport - ok

13:36:59.0468 3840        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll

13:36:59.0515 3840        WerSvc - ok

13:36:59.0577 3840        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys

13:36:59.0624 3840        WfpLwf - ok

13:36:59.0640 3840        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys

13:36:59.0655 3840        WIMMount - ok

13:36:59.0671 3840        WinDefend - ok

13:36:59.0671 3840        WinHttpAutoProxySvc - ok

13:36:59.0718 3840        Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll

13:36:59.0780 3840        Winmgmt - ok

13:36:59.0874 3840        WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll

13:36:59.0967 3840        WinRM - ok

13:37:00.0092 3840        Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll

13:37:00.0155 3840        Wlansvc - ok

13:37:00.0201 3840        WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys

13:37:00.0217 3840        WmiAcpi - ok

13:37:00.0264 3840        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe

13:37:00.0311 3840        wmiApSrv - ok

13:37:00.0357 3840        WMPNetworkSvc - ok

13:37:00.0373 3840        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll

13:37:00.0389 3840        WPCSvc - ok

13:37:00.0404 3840        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll

13:37:00.0435 3840        WPDBusEnum - ok

13:37:00.0451 3840        ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys

13:37:00.0498 3840        ws2ifsl - ok

13:37:00.0513 3840        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll

13:37:00.0560 3840        wscsvc - ok

13:37:00.0560 3840        WSearch - ok

13:37:00.0669 3840        wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll

13:37:00.0763 3840        wuauserv - ok

13:37:00.0841 3840        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys

13:37:00.0888 3840        WudfPf - ok

13:37:00.0919 3840        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys

13:37:00.0981 3840        WUDFRd - ok

13:37:01.0013 3840        wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll

13:37:01.0059 3840        wudfsvc - ok

13:37:01.0075 3840        WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll

13:37:01.0122 3840        WwanSvc - ok

13:37:01.0153 3840        MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0

13:37:01.0387 3840        \Device\Harddisk0\DR0 - ok

13:37:01.0387 3840        MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk1\DR1

13:37:01.0465 3840        \Device\Harddisk1\DR1 - ok

13:37:01.0465 3840        Boot (0x1200)   (f4638989264ad1d365ea18868f3a0950) \Device\Harddisk0\DR0\Partition0

13:37:01.0465 3840        \Device\Harddisk0\DR0\Partition0 - ok

13:37:01.0496 3840        Boot (0x1200)   (e0c0c4f4239ad774549fa67f546f59da) \Device\Harddisk0\DR0\Partition1

13:37:01.0496 3840        \Device\Harddisk0\DR0\Partition1 - ok

13:37:01.0512 3840        Boot (0x1200)   (293d7da50a095c728b3f66c9fb91799b) \Device\Harddisk0\DR0\Partition2

13:37:01.0512 3840        \Device\Harddisk0\DR0\Partition2 - ok

13:37:01.0512 3840        Boot (0x1200)   (37a499a0a0aa04b0ff1611abe08286ff) \Device\Harddisk1\DR1\Partition0

13:37:01.0512 3840        \Device\Harddisk1\DR1\Partition0 - ok

13:37:01.0512 3840        ============================================================

13:37:01.0512 3840        Scan finished

13:37:01.0512 3840        ============================================================

13:37:01.0527 2020        Detected object count: 2

13:37:01.0527 2020        Actual detected object count: 2

13:38:30.0182 2020        cbVSCService ( UnsignedFile.Multi.Generic ) - skipped by user

13:38:30.0182 2020        cbVSCService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

13:38:30.0182 2020        HTCAND64 ( UnsignedFile.Multi.Generic ) - skipped by user

13:38:30.0182 2020        HTCAND64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

13:42:13.0570 2672        Deinitialize success