Trojaner-Board - White Screen nach Computerstart Windows Vista

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - White Screen nach Computerstart Windows Vista (https://www.trojaner-board.de/125745-white-screen-computerstart-windows-vista.html)

White Screen nach Computerstart Windows Vista

Hallo,

Ich habe seit gestern das Problem das nachdem Computerstart mein Bildschirm einfach Weiß wird und ich nichts machen kann auser durch strg/alt/entf den Computer wieder auszuschalten. Ich habe herausgefunden das wenn die Dienste von Avira und von Hp beim Computerstart deaktiviert sind der White Screen nicht auftritt und ich normal arbeiten kann ...

Ich habe Malewarebytes Anti-Maleware durchlaufen lassen und bekam folgendes Ergebnis :

Malwarebytes Anti-Malware (Test) 1.65.0.1400
www.malwarebytes.org

Datenbank Version: v2012.10.16.04

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 9.0.8112.16421
Jan :: JAN-PC [Administrator]

Schutz: Aktiviert

16.10.2012 11:23:16
mbam-log-2012-10-16 (11-23-16).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 482340
Laufzeit: 58 Minute(n), 20 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 1
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|shell (Trojan.Agent) -> Daten: explorer.exe,C:\Users\Jan\AppData\Roaming\msconfig.dat -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\Jan\AppData\Local\Temp\b1e1m9uf08glv4ym.exe (Backdoor.Bot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jan\AppData\Roaming\msconfig.dat (Backdoor.Bot) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Ist der Virus oder was das auch immer ist somit beseitigt ? kann ich die Avira und Hp Dienste nun wieder sorglos einschalten ? Ich würde mich über eine schnelle Antwort freuen.

Lg Freddy

Malwarebytes erstellt bei jedem Scanvorgang genau ein Log. Hast du in der Vergangenheit schonmal mit Malwarebytes gescannt?
Wenn ja dann stehen auch alle Logs zu jedem Scanvorgang im Reiter Logdateien. Bitte alle posten, die dort sichtbar sind.

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

hier steht das Log

Das heute war mein erster Malewarebytes scann ...

Ich habe nochmal nach dem ersten einen 2. durchlauf gemacht.

1.

Code:

 Malwarebytes Anti-Malware (Test) 1.65.0.1400

www.malwarebytes.org
 

Datenbank Version: v2012.10.16.04
 

Windows Vista Service Pack 2 x64 NTFS

Internet Explorer 9.0.8112.16421

Jan :: JAN-PC [Administrator]
 

Schutz: Aktiviert
 

16.10.2012 11:23:16

mbam-log-2012-10-16 (11-23-16).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 482340

Laufzeit: 58 Minute(n), 20 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 1

HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon|shell (Trojan.Agent) -> Daten: explorer.exe,C:\Users\Jan\AppData\Roaming\msconfig.dat -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 2

C:\Users\Jan\AppData\Local\Temp\b1e1m9uf08glv4ym.exe (Backdoor.Bot) -> Erfolgreich gelöscht und in Quarantäne gestellt.

C:\Users\Jan\AppData\Roaming\msconfig.dat (Backdoor.Bot) -> Erfolgreich gelöscht und in Quarantäne gestellt.
 

(Ende)

Code:

 Malwarebytes Anti-Malware (Test) 1.65.0.1400

www.malwarebytes.org
 

Datenbank Version: v2012.10.16.04
 

Windows Vista Service Pack 2 x64 NTFS

Internet Explorer 9.0.8112.16421

Jan :: JAN-PC [Administrator]
 

Schutz: Aktiviert
 

16.10.2012 13:27:21

mbam-log-2012-10-16 (13-27-21).txt
 

Art des Suchlaufs: Quick-Scan

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 221970

Laufzeit: 3 Minute(n), 14 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

Ich habe die Dienste von Avira und Hp jetzt immer noch ausgeschaltet, ist der Fehler/Virus/Trojaner nun entfernt worden ? Kann ich die Dienste wieder sorglos einschalten ?

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

hier steht das Log

Hier ist der Log von Eset :

Code:

 ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=95a58276dffb8546a6d84d2ab7ff6c70

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-10-17 12:33:00

# local_time=2012-10-17 02:33:00 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1033

# osver=6.0.6002 NT Service Pack 2

# compatibility_mode=1792 16777215 100 0 26788659 26788659 0 0

# compatibility_mode=5892 16776573 100 56 88186 187990947 0 0

# compatibility_mode=8192 67108863 100 0 80 80 0 0

# scanned=282395

# found=1

# cleaned=0

# scan_time=10138

C:\Users\Jan\AppData\Local\Temp\main.html        Win32/LockScreen.ALY.Gen trojan (unable to clean)        00000000000000000000000000000000        I

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Suche.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

Inhalt der Textdatei :

Code:

 # AdwCleaner v2.005 - Datei am 17/10/2012 um 17:10:34 erstellt

# Aktualisiert am 14/10/2012 von Xplode

# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)

# Benutzer : Jan - JAN-PC

# Bootmodus : Normal

# Ausgeführt unter : C:\Users\Jan\Desktop\adwcleaner.exe

# Option [Suche]
 
 

**** [Dienste] ****
 
 

***** [Dateien / Ordner] *****
 

Datei Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

Ordner Gefunden : C:\ProgramData\Ask

Ordner Gefunden : C:\Users\Jan\AppData\Roaming\OpenCandy
 

***** [Registrierungsdatenbank] *****
 

Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

Schlüssel Gefunden : HKU\S-1-5-21-811366215-729495537-3258659292-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
 

***** [Internet Browser] *****
 

-\\ Internet Explorer v9.0.8112.16421
 

[OK] Die Registrierungsdatenbank ist sauber.
 

-\\ Mozilla Firefox v8.0.1 (de)
 

Profilname : default 

Datei : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\0thepgu7.default\prefs.js
 

[OK] Die Datei ist sauber.
 

-\\ Google Chrome v22.0.1229.94
 

Datei : C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Preferences
 

[OK] Die Datei ist sauber.
 

-\\ Opera v11.60.1185.0
 

Datei : C:\Users\Jan\AppData\Roaming\Opera\Opera\operaprefs.ini
 

[OK] Die Datei ist sauber.
 

*************************
 

AdwCleaner[R1].txt - [1815 octets] - [17/10/2012 17:07:32]

AdwCleaner[R2].txt - [1873 octets] - [17/10/2012 17:09:37]

AdwCleaner[R3].txt - [1806 octets] - [17/10/2012 17:10:34]
 

########## EOF - C:\AdwCleaner[R3].txt - [1866 octets] ##########

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Löschen.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Nach Löschen und Computer Neustart :

Code:

 # AdwCleaner v2.005 - Datei am 17/10/2012 um 17:25:15 erstellt

# Aktualisiert am 14/10/2012 von Xplode

# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)

# Benutzer : Jan - JAN-PC

# Bootmodus : Normal

# Ausgeführt unter : C:\Users\Jan\Desktop\adwcleaner.exe

# Option [Löschen]
 
 

**** [Dienste] ****
 
 

***** [Dateien / Ordner] *****
 

Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

Gelöscht mit Neustart : C:\ProgramData\Ask

Gelöscht mit Neustart : C:\Users\Jan\AppData\Roaming\OpenCandy
 

***** [Registrierungsdatenbank] *****
 

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
 

***** [Internet Browser] *****
 

-\\ Internet Explorer v9.0.8112.16421
 

[OK] Die Registrierungsdatenbank ist sauber.
 

-\\ Mozilla Firefox v8.0.1 (de)
 

Profilname : default 

Datei : C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\0thepgu7.default\prefs.js
 

[OK] Die Datei ist sauber.
 

-\\ Google Chrome v22.0.1229.94
 

Datei : C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Preferences
 

[OK] Die Datei ist sauber.
 

-\\ Opera v11.60.1185.0
 

Datei : C:\Users\Jan\AppData\Roaming\Opera\Opera\operaprefs.ini
 

[OK] Die Datei ist sauber.
 

*************************
 

AdwCleaner[R1].txt - [1815 octets] - [17/10/2012 17:07:32]

AdwCleaner[R2].txt - [1873 octets] - [17/10/2012 17:09:37]

AdwCleaner[R3].txt - [1933 octets] - [17/10/2012 17:10:34]

AdwCleaner[R4].txt - [1993 octets] - [17/10/2012 17:13:31]

AdwCleaner[S1].txt - [1780 octets] - [17/10/2012 17:25:15]
 

########## EOF - C:\AdwCleaner[S1].txt - [1840 octets] ##########

Hätte da mal zwei Fragen bevor es weiter geht (wir sind noch nicht fertig!)

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

Der normale Modus von Windows geht wieder ( wenn damit der normale Systemstart gemeint wurde) und im Startmenü ist auch noch alles wie vorher :)

Wie gehts nun weiter ?

Mach bitte einen CustomScan mit OTL . Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

hier steht das Log

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.

Starte bitte die OTL.exe.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Setze oben mittig den Haken bei Scanne alle Benutzer
Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die http://billy-oneal.com/Canned%20Spee.../customFix.png Textbox von OTL - wenn OTL auf deutsch ist wird sie mit http://larusso.trojaner-board.de/Images/otlfix.jpg beschriftet

Code:

netsvcs

msconfig

safebootminimal

safebootnetwork

activex

drivers32

%ALLUSERSPROFILE%\Application Data\*.

%ALLUSERSPROFILE%\Application Data\*.exe /s

%APPDATA%\*.

%APPDATA%\*.exe /s

%SYSTEMDRIVE%\*.exe

/md5start

wininit.exe

userinit.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

ws2ifsl.sys

sceclt.dll

ntelogon.dll

winlogon.exe

logevent.dll

user32.DLL

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

/md5stop

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\*. /mp /s

%systemroot%\system32\*.dll /lockedfiles

CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Klick auf http://billy-oneal.com/Canned%20Spee.../OTL/btnOK.png.
Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread

OTL Logfile:

Code:

OTL logfile created on: 17.10.2012 20:50:59 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jan\Downloads

64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

6,00 Gb Total Physical Memory | 4,03 Gb Available Physical Memory | 67,19% Memory free

12,20 Gb Paging File | 9,74 Gb Available in Paging File | 79,80% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 581,74 Gb Total Space | 337,14 Gb Free Space | 57,95% Space Free | Partition Type: NTFS

Drive D: | 14,43 Gb Total Space | 1,83 Gb Free Space | 12,65% Space Free | Partition Type: NTFS

Drive E: | 596,17 Gb Total Space | 511,38 Gb Free Space | 85,78% Space Free | Partition Type: NTFS

 

Computer Name: JAN-PC | User Name: Jan | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.10.17 20:49:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Downloads\OTL.exe

PRC - [2012.10.05 11:25:44 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe

PRC - [2012.09.28 19:01:37 | 001,193,176 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

PRC - [2012.08.08 22:17:02 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

PRC - [2012.08.04 12:58:20 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe

PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2012.05.12 15:31:09 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe

PRC - [2012.05.08 15:39:44 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

PRC - [2012.05.08 15:39:43 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

PRC - [2012.01.17 11:07:58 | 000,505,736 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

PRC - [2011.10.15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - [2011.08.02 15:36:48 | 002,273,608 | ---- | M] (Gainward Co.) -- C:\Program Files (x86)\EXPERTool\TBPANEL.exe

PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

PRC - [2008.10.17 17:57:18 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

PRC - [2008.10.17 17:56:54 | 001,152,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe

PRC - [2008.10.06 14:36:16 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

PRC - [2008.10.06 14:36:14 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2008.09.26 03:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe

PRC - [2007.04.18 17:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.10.10 12:06:15 | 000,460,312 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll

MOD - [2012.10.10 12:06:13 | 012,435,992 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll

MOD - [2012.10.10 12:06:12 | 004,005,912 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll

MOD - [2012.10.10 12:04:57 | 000,578,072 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\libglesv2.dll

MOD - [2012.10.10 12:04:55 | 000,123,928 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\libegl.dll

MOD - [2012.10.10 12:04:44 | 000,156,712 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\avutil-51.dll

MOD - [2012.10.10 12:04:43 | 000,275,496 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\avformat-54.dll

MOD - [2012.10.10 12:04:42 | 002,168,360 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll

MOD - [2012.10.05 11:25:43 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll

MOD - [2012.10.05 11:25:41 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll

MOD - [2012.10.05 11:25:41 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll

MOD - [2012.10.05 11:25:41 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll

MOD - [2012.10.05 11:25:41 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll

MOD - [2012.09.28 19:01:37 | 001,193,176 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2008.10.17 17:57:20 | 000,881,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll

MOD - [2006.12.10 22:51:08 | 000,077,824 | R--- | M] () -- C:\Program Files (x86)\HP\Digital Imaging\bin\crm\xmltok.dll

MOD - [2006.12.10 22:51:08 | 000,065,536 | R--- | M] () -- C:\Program Files (x86)\HP\Digital Imaging\bin\crm\xmlparse.dll

MOD - [1998.10.31 10:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\EXPERTool\TBManage.dll

 

 
 ========== Services (SafeList) ==========

 

SRV - [2012.10.05 11:25:44 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012.05.12 15:31:09 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

SRV - [2012.05.08 15:39:44 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2012.05.08 15:39:43 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011.10.15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)

SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)

SRV - [2009.03.30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008.12.12 04:20:08 | 000,095,896 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP1\RpcAgentSrv.exe -- (SandraAgentSrv)

SRV - [2008.10.06 14:36:16 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)

SRV - [2008.02.03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2012.05.08 15:39:44 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb)

DRV:64bit: - [2012.05.08 15:39:44 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2012.02.29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011.12.09 13:40:20 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avkmgr.sys -- (avkmgr)

DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt)

DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt)

DRV:64bit: - [2011.08.02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011.05.10 11:41:27 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2011.03.28 11:52:52 | 000,053,840 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\uimx64.sys -- (UimBus)

DRV:64bit: - [2011.03.28 11:52:50 | 000,528,464 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\Uim_IMx64.sys -- (Uim_IM)

DRV:64bit: - [2011.03.28 11:52:48 | 000,037,456 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hotcore3.sys -- (hotcore3)

DRV:64bit: - [2009.10.01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)

DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2008.12.04 21:48:52 | 000,407,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)

DRV:64bit: - [2008.08.06 18:26:08 | 000,174,592 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)

DRV - [2009.08.07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP1\WNt500x64\sandra.sys -- (SANDRA)

DRV - [2008.09.26 03:36:34 | 000,027,632 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 

IE:64bit: - HKLM\..\SearchScopes\{18413396-D8E1-4A1B-9CC2-CA7008EB3424}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008

IE:64bit: - HKLM\..\SearchScopes\{B366DC19-3350-43E2-BB71-A2159F3B9E78}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de

IE:64bit: - HKLM\..\SearchScopes\{E0082DCB-3733-4F68-9875-CA7CA0E78A2E}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

IE - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\..\SearchScopes\{18413396-D8E1-4A1B-9CC2-CA7008EB3424}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008

IE - HKLM\..\SearchScopes\{B366DC19-3350-43E2-BB71-A2159F3B9E78}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de

IE - HKLM\..\SearchScopes\{E0082DCB-3733-4F68-9875-CA7CA0E78A2E}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933

 

 

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1000\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1000\..\SearchScopes\{18413396-D8E1-4A1B-9CC2-CA7008EB3424}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1000\..\SearchScopes\{B366DC19-3350-43E2-BB71-A2159F3B9E78}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1000\..\SearchScopes\{E0082DCB-3733-4F68-9875-CA7CA0E78A2E}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1004\..\SearchScopes,DefaultScope = 

 
 ========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "about:home"

FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120827

FF - user.js - File not found

 

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.12 10:57:13 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.29 07:59:24 | 000,000,000 | ---D | M]

 

[2011.12.12 10:57:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\mozilla\Extensions

[2012.10.17 11:28:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\0thepgu7.default\extensions

[2012.10.17 11:28:24 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\0thepgu7.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

[2012.06.14 17:48:46 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\0thepgu7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2012.05.12 15:57:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2011.11.21 06:30:13 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011.11.21 03:17:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.11.21 03:09:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2011.11.21 03:17:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2011.11.21 03:17:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.11.21 03:17:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2011.11.21 03:17:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 
 ========== Chrome  ==========

 

CHR - homepage: hxxp://www.google.com/

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}

CHR - homepage: hxxp://www.google.com/

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll

CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

CHR - plugin: Java Deployment Toolkit 7.0.40.22 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Jan\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: Turn Off the Lights = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.12_0\

CHR - Extension: WOT = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.3.5_0\

CHR - Extension: YouTube = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google-Suche = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Speed Dial = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.5.1_0\

CHR - Extension: AdBlock = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.45_0\

CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.0_0\

CHR - Extension: Google Mail = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1             localhost

O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)

O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)

O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [SmartMenu] C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)

O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)

O4 - HKLM..\Run: [DVDAgent] c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)

O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)

O4 - HKLM..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE (Microsoft)

O4 - HKLM..\Run: [TSMAgent] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-21-811366215-729495537-3258659292-1000..\Run: [GAINWARD] C:\Program Files (x86)\EXPERTool\TBPanel.exe (Gainward Co.)

O4 - HKU\S-1-5-21-811366215-729495537-3258659292-1000..\Run: [Spotify Web Helper] C:\Users\Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()

O4 - HKU\S-1-5-21-811366215-729495537-3258659292-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)

O4 - HKU\S-1-5-21-811366215-729495537-3258659292-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found

O4 - HKU\S-1-5-21-811366215-729495537-3258659292-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)

O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)

O15 - HKU\S-1-5-21-811366215-729495537-3258659292-1000\..Trusted Ranges: Range1 ([http] in Local intranet)

O15 - HKU\S-1-5-21-811366215-729495537-3258659292-1004\..Trusted Ranges: Range1 ([http] in )

O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1C5A335-DCBA-4FAC-9CCF-1B38BC2D44C7}: NameServer = 192.168.178.1

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img36.jpg

O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img36.jpg

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\##fritz.box#SanDisk-CruzerMicro-01\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE  .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)

 

MsConfig:64bit - State: "services" - Reg Error: Key error.

MsConfig:64bit - State: "startup" - Reg Error: Key error.

 

SafeBootMin:64bit: AppMgmt - Service

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet:64bit: AppMgmt - Service

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: WudfPf - Driver

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: WudfPf - Driver

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)

ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

System Restore Service not available.

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.10.16 11:21:59 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Malwarebytes

[2012.10.16 11:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.10.16 11:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.10.16 11:21:29 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012.10.16 11:21:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.10.15 11:44:14 | 000,000,000 | ---D | C] -- C:\Windows\pss

[2012.10.03 20:51:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

[2012.10.03 20:50:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google

[2012.09.30 20:17:05 | 000,000,000 | ---D | C] -- C:\Users\Jan\Desktop\Arbeit

[2012.09.30 00:34:59 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Template

[2012.09.28 18:55:48 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\Spotify

[2012.09.28 18:55:33 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Spotify

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.10.17 20:55:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.10.17 20:55:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.10.17 20:52:15 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2012.10.17 20:52:15 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2012.10.17 20:24:59 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-811366215-729495537-3258659292-1000UA.job

[2012.10.17 18:53:55 | 000,016,504 | ---- | M] () -- C:\Users\Jan\AppData\Local\d3d9caps.dat

[2012.10.17 18:52:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.10.17 17:07:23 | 000,538,941 | ---- | M] () -- C:\Users\Jan\Desktop\adwcleaner.exe

[2012.10.17 16:25:00 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-811366215-729495537-3258659292-1000Core.job

[2012.10.16 11:21:30 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.10.16 11:07:18 | 000,000,047 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\msconfig.ini

[2012.10.12 16:27:00 | 000,002,034 | ---- | M] () -- C:\Users\Jan\Desktop\Google Chrome.lnk

[2012.10.06 23:53:41 | 001,341,859 | ---- | M] () -- C:\Users\Jan\AppData\Local\Tempmusic.ogg

[2012.09.30 21:29:03 | 000,000,696 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\wklnhst.dat

[2012.09.28 19:01:38 | 000,001,703 | ---- | M] () -- C:\Users\Jan\Desktop\Spotify.lnk

[2012.09.27 19:19:15 | 000,021,126 | ---- | M] () -- C:\Users\Jan\Documents\Praktikumsbericht.odt

[2012.09.19 17:44:50 | 000,005,632 | ---- | M] () -- C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

 
 ========== Files Created - No Company Name ==========

 

[2012.10.17 17:07:22 | 000,538,941 | ---- | C] () -- C:\Users\Jan\Desktop\adwcleaner.exe

[2012.10.16 11:21:30 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.10.15 12:56:55 | 000,002,004 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

[2012.10.15 12:56:55 | 000,001,771 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

[2012.10.15 11:02:32 | 000,000,047 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\msconfig.ini

[2012.10.05 20:04:04 | 001,341,859 | ---- | C] () -- C:\Users\Jan\AppData\Local\Tempmusic.ogg

[2012.10.03 20:50:47 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.10.03 20:50:47 | 000,001,100 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.09.30 00:34:59 | 000,000,696 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\wklnhst.dat

[2012.09.28 18:55:47 | 000,001,703 | ---- | C] () -- C:\Users\Jan\Desktop\Spotify.lnk

[2012.09.28 18:55:47 | 000,001,689 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

[2012.09.27 19:00:13 | 000,021,126 | ---- | C] () -- C:\Users\Jan\Documents\Praktikumsbericht.odt

[2012.05.25 13:06:51 | 000,005,632 | ---- | C] () -- C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.05.12 13:18:23 | 000,000,552 | ---- | C] () -- C:\Users\Jan\AppData\Local\d3d8caps.dat

[2012.05.12 13:16:52 | 000,000,732 | ---- | C] () -- C:\Users\Jan\AppData\Local\d3d9caps64.dat

[2012.01.15 16:21:23 | 000,163,350 | ---- | C] () -- C:\Windows\hpwins18.dat.temp

[2012.01.15 16:21:23 | 000,001,198 | ---- | C] () -- C:\Windows\hpwmdl18.dat.temp

[2012.01.15 16:19:43 | 000,111,544 | ---- | C] () -- C:\Windows\hpqins07.dat

[2012.01.15 16:06:06 | 000,162,843 | ---- | C] () -- C:\Windows\hpwins18.dat

[2012.01.15 16:05:25 | 000,011,418 | ---- | C] () -- C:\Windows\hpwscr18.dat

[2012.01.15 16:05:25 | 000,001,198 | ---- | C] () -- C:\Windows\hpwmdl18.dat

[2012.01.12 14:56:45 | 000,016,504 | ---- | C] () -- C:\Users\Jan\AppData\Local\d3d9caps.dat

[2011.12.27 17:25:20 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2011.12.27 17:25:19 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2011.12.22 20:10:59 | 011,296,768 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\Sandra.mdb

[2011.12.19 20:35:58 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

[2011.12.12 11:34:16 | 000,034,705 | ---- | C] () -- C:\ProgramData\nvModes.001

[2011.12.12 11:33:50 | 000,034,705 | ---- | C] () -- C:\ProgramData\nvModes.dat

[2011.12.12 10:41:39 | 000,000,091 | ---- | C] () -- C:\Users\Jan\AppData\Local\fusioncache.dat

[2011.12.12 10:24:59 | 001,568,022 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.12.12 09:25:07 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll

[2011.12.12 09:24:32 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin

[2011.12.12 09:24:03 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe

[2011.08.11 04:06:32 | 000,007,764 | ---- | C] () -- C:\Windows\cadx2.ini

 
 ========== ZeroAccess Check ==========

 

[2006.11.02 17:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 19:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 09:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 04:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 
 ========== LOP Check ==========

 

[2012.07.12 12:24:15 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\.minecraft

[2012.08.23 11:46:49 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DVDVideoSoft

[2012.06.14 17:48:43 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers

[2012.09.29 09:49:00 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Image Zone Express

[2012.02.11 22:28:36 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Leadertech

[2011.12.14 16:11:05 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\LolClient

[2012.06.16 12:42:19 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\LolClient2

[2012.03.04 18:12:11 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\LOVE

[2012.01.07 23:14:36 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Might & Magic Heroes VI

[2011.12.12 11:11:28 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\OpenOffice.org

[2011.12.12 10:59:14 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Opera

[2011.12.27 16:53:45 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Origin

[2012.01.15 16:29:00 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Printer Info Cache

[2012.03.09 18:34:53 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\RotMG.Production

[2011.12.25 21:01:41 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\smc

[2012.01.29 16:48:22 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\SPORE Creature Creator

[2012.10.17 20:05:31 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Spotify

[2012.09.30 00:34:59 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Template

[2012.02.14 00:01:25 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\TS3Client

[2012.08.23 13:16:32 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\TuneUpMedia

[2012.01.29 16:46:52 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\WildTangent

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2012.07.12 12:24:15 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\.minecraft

[2011.12.12 11:05:31 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Adobe

[2012.04.06 00:05:08 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Apple Computer

[2011.12.12 11:31:12 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Avira

[2012.08.23 11:46:49 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DVDVideoSoft

[2012.06.14 17:48:43 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.12.11 23:10:36 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Hewlett-Packard

[2012.01.15 16:22:52 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\HP

[2011.12.11 23:03:09 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\HP TCS

[2011.12.11 23:06:41 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Identities

[2012.09.29 09:49:00 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Image Zone Express

[2011.12.11 23:01:55 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\InstallShield

[2012.02.11 22:28:36 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Leadertech

[2012.02.11 22:27:24 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Logishrd

[2012.02.11 22:28:41 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Logitech

[2011.12.14 16:11:05 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\LolClient

[2012.06.16 12:42:19 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\LolClient2

[2012.03.04 18:12:11 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\LOVE

[2011.12.12 09:00:15 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Macromedia

[2012.10.16 11:21:59 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Malwarebytes

[2006.11.02 17:07:25 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Media Center Programs

[2012.09.30 00:34:58 | 000,000,000 | --SD | M] -- C:\Users\Jan\AppData\Roaming\Microsoft

[2012.01.07 23:14:36 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Might & Magic Heroes VI

[2012.08.23 13:16:31 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla

[2012.03.04 18:12:12 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\NVIDIA

[2011.12.12 11:11:28 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\OpenOffice.org

[2011.12.12 10:59:14 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Opera

[2011.12.27 16:53:45 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Origin

[2012.01.15 16:29:00 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Printer Info Cache

[2012.03.09 18:34:53 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\RotMG.Production

[2011.12.25 21:01:41 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\smc

[2012.01.29 16:48:22 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\SPORE Creature Creator

[2012.10.17 20:05:31 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Spotify

[2012.09.30 00:34:59 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Template

[2012.02.14 00:01:25 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\TS3Client

[2012.08.23 13:16:32 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\TuneUpMedia

[2012.01.29 16:46:52 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\WildTangent

[2012.08.01 16:38:38 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\WinRAR

 
 < %APPDATA%\*.exe /s >

[2012.02.11 22:28:35 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Jan\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

[2011.12.14 15:36:03 | 000,802,816 | ---- | M] (Acresso Software Inc.                                        ) -- C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LeagueOfLegends\setup.exe

[2012.09.28 19:01:37 | 005,576,408 | ---- | M] (Spotify Ltd) -- C:\Users\Jan\AppData\Roaming\Spotify\spotify.exe

[2012.09.28 19:01:37 | 000,114,904 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Spotify\SpotifyLauncher.exe

[2012.09.28 19:01:37 | 001,193,176 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

 
 < %SYSTEMDRIVE%\*.exe >

 
 < MD5 for: AGP440.SYS  >

[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\SysNative\drivers\AGP440.sys

[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys

[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2008.01.21 04:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\SysNative\drivers\atapi.sys

[2008.01.21 04:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys

[2009.04.11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll

[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll

[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll

[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

 
 < MD5 for: EVENTLOG.DLL  >

[2007.05.17 22:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\Cyberlink\PowerDirector\EventLog.dll

 
 < MD5 for: IASTOR.SYS  >

[2008.12.04 21:48:52 | 000,407,064 | ---- | M] (Intel Corporation) MD5=8EACF469269FB1509561961A3188F670 -- C:\Windows\SysNative\drivers\iaStor.sys

[2008.10.06 14:03:22 | 000,327,704 | ---- | M] (Intel Corporation) MD5=9FD8B9BBD067B0FCAABBEA166A794A4B -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys

[2008.10.06 15:18:02 | 000,405,528 | ---- | M] (Intel Corporation) MD5=E411B4D01DE654CF1A4F8BCA28FA5076 -- C:\hp\DRIVERS\Intel_Storage\IaStor.sys

[2008.10.06 14:18:02 | 000,405,528 | ---- | M] (Intel Corporation) MD5=E411B4D01DE654CF1A4F8BCA28FA5076 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys

 
 < MD5 for: IASTORV.SYS  >

[2008.01.21 04:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\SysNative\drivers\iaStorV.sys

[2008.01.21 04:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2008.01.21 04:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll

[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll

[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll

[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SysNative\netlogon.dll

[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll

[2008.01.21 04:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2008.01.21 04:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\SysNative\drivers\nvstor.sys

[2008.01.21 04:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2008.01.21 04:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll

[2008.01.21 04:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll

[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll

[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll

[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll

[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2008.01.21 04:48:29 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=32B87D215905F648EBE36A621978442C -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707c525b9f068\user32.dll

[2008.01.21 04:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll

[2009.04.11 08:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SysWOW64\user32.dll

[2009.04.11 08:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll

[2009.04.11 09:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\user32.dll

[2009.04.11 09:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe

[2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

[2008.01.21 04:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe

[2008.01.21 04:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe

 
 < MD5 for: WININIT.EXE  >

[2008.01.21 04:48:04 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\SysWOW64\wininit.exe

[2008.01.21 04:48:04 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

[2008.01.21 04:50:23 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\SysNative\wininit.exe

[2008.01.21 04:50:23 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe

[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe

[2008.01.21 04:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe

[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe

[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe

[2008.01.21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2008.01.21 04:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\SysNative\drivers\ws2ifsl.sys

[2008.01.21 04:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_aba53c58802b1777\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

[2012.08.24 09:03:49 | 009,738,240 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll

 
 <           >

[2006.11.02 17:42:03 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

[2006.11.02 17:42:03 | 000,032,510 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2011.12.12 11:00:13 | 000,001,060 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-811366215-729495537-3258659292-1000Core.job

[2011.12.12 11:00:13 | 000,001,112 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-811366215-729495537-3258659292-1000UA.job

[2012.10.03 20:50:47 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

[2012.10.03 20:50:47 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
 

< End of report >

--- --- ---

OTL Logfile:

Code:

OTL logfile created on: 17.10.2012 20:50:59 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jan\Downloads

64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

6,00 Gb Total Physical Memory | 4,03 Gb Available Physical Memory | 67,19% Memory free

12,20 Gb Paging File | 9,74 Gb Available in Paging File | 79,80% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 581,74 Gb Total Space | 337,14 Gb Free Space | 57,95% Space Free | Partition Type: NTFS

Drive D: | 14,43 Gb Total Space | 1,83 Gb Free Space | 12,65% Space Free | Partition Type: NTFS

Drive E: | 596,17 Gb Total Space | 511,38 Gb Free Space | 85,78% Space Free | Partition Type: NTFS

 

Computer Name: JAN-PC | User Name: Jan | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.10.17 20:49:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jan\Downloads\OTL.exe

PRC - [2012.10.05 11:25:44 | 000,529,744 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe

PRC - [2012.09.28 19:01:37 | 001,193,176 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

PRC - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

PRC - [2012.08.08 22:17:02 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

PRC - [2012.08.04 12:58:20 | 001,353,080 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe

PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2012.05.12 15:31:09 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe

PRC - [2012.05.08 15:39:44 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

PRC - [2012.05.08 15:39:43 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

PRC - [2012.01.17 11:07:58 | 000,505,736 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

PRC - [2011.10.15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

PRC - [2011.08.02 15:36:48 | 002,273,608 | ---- | M] (Gainward Co.) -- C:\Program Files (x86)\EXPERTool\TBPANEL.exe

PRC - [2010.01.15 14:49:20 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe

PRC - [2008.10.17 17:57:18 | 000,189,736 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

PRC - [2008.10.17 17:56:54 | 001,152,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe

PRC - [2008.10.06 14:36:16 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

PRC - [2008.10.06 14:36:14 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

PRC - [2008.09.26 03:36:40 | 001,148,200 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe

PRC - [2007.04.18 17:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.10.10 12:06:15 | 000,460,312 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll

MOD - [2012.10.10 12:06:13 | 012,435,992 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll

MOD - [2012.10.10 12:06:12 | 004,005,912 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll

MOD - [2012.10.10 12:04:57 | 000,578,072 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\libglesv2.dll

MOD - [2012.10.10 12:04:55 | 000,123,928 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\libegl.dll

MOD - [2012.10.10 12:04:44 | 000,156,712 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\avutil-51.dll

MOD - [2012.10.10 12:04:43 | 000,275,496 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\avformat-54.dll

MOD - [2012.10.10 12:04:42 | 002,168,360 | ---- | M] () -- C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll

MOD - [2012.10.05 11:25:43 | 020,317,008 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll

MOD - [2012.10.05 11:25:41 | 001,099,616 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll

MOD - [2012.10.05 11:25:41 | 000,902,480 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.dll

MOD - [2012.10.05 11:25:41 | 000,190,816 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll

MOD - [2012.10.05 11:25:41 | 000,123,232 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll

MOD - [2012.09.28 19:01:37 | 001,193,176 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

MOD - [2011.11.02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011.11.02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2008.10.17 17:57:20 | 000,881,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMediaLibrary.dll

MOD - [2006.12.10 22:51:08 | 000,077,824 | R--- | M] () -- C:\Program Files (x86)\HP\Digital Imaging\bin\crm\xmltok.dll

MOD - [2006.12.10 22:51:08 | 000,065,536 | R--- | M] () -- C:\Program Files (x86)\HP\Digital Imaging\bin\crm\xmlparse.dll

MOD - [1998.10.31 10:55:56 | 000,005,120 | ---- | M] () -- C:\Program Files (x86)\EXPERTool\TBManage.dll

 

 
 ========== Services (SafeList) ==========

 

SRV - [2012.10.05 11:25:44 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2012.09.07 17:04:46 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2012.09.07 17:04:46 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012.05.12 15:31:09 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

SRV - [2012.05.08 15:39:44 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2012.05.08 15:39:43 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2011.10.15 10:53:00 | 002,253,120 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)

SRV - [2011.09.27 21:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)

SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010.01.15 14:49:20 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe -- (McComponentHostService)

SRV - [2009.03.30 06:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008.12.12 04:20:08 | 000,095,896 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP1\RpcAgentSrv.exe -- (SandraAgentSrv)

SRV - [2008.10.06 14:36:16 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)

SRV - [2008.02.03 13:00:00 | 000,129,992 | ---- | M] (EasyBits Sofware AS) [Auto | Running] -- C:\Windows\SysWOW64\ezsvc7.dll -- (ezSharedSvc)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012.09.07 17:04:46 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)

DRV:64bit: - [2012.05.08 15:39:44 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avipbb.sys -- (avipbb)

DRV:64bit: - [2012.05.08 15:39:44 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\DRIVERS\avgntflt.sys -- (avgntflt)

DRV:64bit: - [2012.02.29 15:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011.12.09 13:40:20 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\avkmgr.sys -- (avkmgr)

DRV:64bit: - [2011.09.02 08:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LMouFilt.Sys -- (LMouFilt)

DRV:64bit: - [2011.09.02 08:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\LHidFilt.Sys -- (LHidFilt)

DRV:64bit: - [2011.08.02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011.05.10 11:41:27 | 000,174,184 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2011.03.28 11:52:52 | 000,053,840 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\DRIVERS\uimx64.sys -- (UimBus)

DRV:64bit: - [2011.03.28 11:52:50 | 000,528,464 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\Uim_IMx64.sys -- (Uim_IM)

DRV:64bit: - [2011.03.28 11:52:48 | 000,037,456 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\hotcore3.sys -- (hotcore3)

DRV:64bit: - [2009.10.01 02:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)

DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2008.12.04 21:48:52 | 000,407,064 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)

DRV:64bit: - [2008.08.06 18:26:08 | 000,174,592 | ---- | M] (Realtek Corporation                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)

DRV - [2009.08.07 23:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2012.SP1\WNt500x64\sandra.sys -- (SANDRA)

DRV - [2008.09.26 03:36:34 | 000,027,632 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl -- ({55662437-DA8C-40c0-AADA-2C816A897A49})

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 

IE:64bit: - HKLM\..\SearchScopes\{18413396-D8E1-4A1B-9CC2-CA7008EB3424}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008

IE:64bit: - HKLM\..\SearchScopes\{B366DC19-3350-43E2-BB71-A2159F3B9E78}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de

IE:64bit: - HKLM\..\SearchScopes\{E0082DCB-3733-4F68-9875-CA7CA0E78A2E}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

IE - HKLM\..\SearchScopes,DefaultScope = 

IE - HKLM\..\SearchScopes\{18413396-D8E1-4A1B-9CC2-CA7008EB3424}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008

IE - HKLM\..\SearchScopes\{B366DC19-3350-43E2-BB71-A2159F3B9E78}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de

IE - HKLM\..\SearchScopes\{E0082DCB-3733-4F68-9875-CA7CA0E78A2E}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933

 

 

IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 

 

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1000\..\SearchScopes,DefaultScope = 

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1000\..\SearchScopes\{18413396-D8E1-4A1B-9CC2-CA7008EB3424}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1000\..\SearchScopes\{B366DC19-3350-43E2-BB71-A2159F3B9E78}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1000\..\SearchScopes\{E0082DCB-3733-4F68-9875-CA7CA0E78A2E}: "URL" = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

IE - HKU\S-1-5-21-811366215-729495537-3258659292-1004\..\SearchScopes,DefaultScope = 

 
 ========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "about:home"

FF - prefs.js..extensions.enabledAddons: {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}:20120827

FF - user.js - File not found

 

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jan\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2011.12.12 10:57:13 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.08.29 07:59:24 | 000,000,000 | ---D | M]

 

[2011.12.12 10:57:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\mozilla\Extensions

[2012.10.17 11:28:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\0thepgu7.default\extensions

[2012.10.17 11:28:24 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\0thepgu7.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

[2012.06.14 17:48:46 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jan\AppData\Roaming\mozilla\Firefox\Profiles\0thepgu7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2012.05.12 15:57:14 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2011.11.21 06:30:13 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2011.11.21 03:17:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2011.11.21 03:09:48 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2011.11.21 03:17:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2011.11.21 03:17:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2011.11.21 03:17:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2011.11.21 03:17:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 
 ========== Chrome  ==========

 

CHR - homepage: hxxp://www.google.com/

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}

CHR - homepage: hxxp://www.google.com/

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Jan\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll

CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll

CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll

CHR - plugin: Java Deployment Toolkit 7.0.40.22 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll

CHR - plugin: Java(TM) Platform SE 7 U4 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Jan\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

CHR - Extension: Turn Off the Lights = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.12_0\

CHR - Extension: WOT = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.3.5_0\

CHR - Extension: YouTube = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google-Suche = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: Speed Dial = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.5.1_0\

CHR - Extension: AdBlock = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.45_0\

CHR - Extension: DVDVideoSoft Browser Extension = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.0_0\

CHR - Extension: Google Mail = C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

 

O1 HOSTS File: ([2006.09.18 23:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts

O1 - Hosts: 127.0.0.1       localhost

O1 - Hosts: ::1             localhost

O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)

O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)

O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)

O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [SmartMenu] C:\Programme\Hewlett-Packard\HP MediaSmart\SmartMenu.exe (Hewlett-Packard)

O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [CLMLServer for HP TouchSmart] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe (CyberLink)

O4 - HKLM..\Run: [DVDAgent] c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)

O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)

O4 - HKLM..\Run: [KBD] C:\Program Files (x86)\Hewlett-Packard\KBD\KbdStub.EXE (Microsoft)

O4 - HKLM..\Run: [TSMAgent] c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe (CyberLink Corp.)

O4 - HKLM..\Run: [UpdateP2GoShortCut] c:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [UpdatePDIRShortCut] c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKLM..\Run: [UpdatePSTShortCut] c:\Program Files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)

O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)

O4 - HKU\S-1-5-21-811366215-729495537-3258659292-1000..\Run: [GAINWARD] C:\Program Files (x86)\EXPERTool\TBPanel.exe (Gainward Co.)

O4 - HKU\S-1-5-21-811366215-729495537-3258659292-1000..\Run: [Spotify Web Helper] C:\Users\Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()

O4 - HKU\S-1-5-21-811366215-729495537-3258659292-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)

O4 - HKU\S-1-5-21-811366215-729495537-3258659292-1000..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe File not found

O4 - HKU\S-1-5-21-811366215-729495537-3258659292-1004..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKU\.DEFAULT\..Trusted Ranges: Range1 ([http] in Local intranet)

O15 - HKU\S-1-5-18\..Trusted Ranges: Range1 ([http] in Local intranet)

O15 - HKU\S-1-5-21-811366215-729495537-3258659292-1000\..Trusted Ranges: Range1 ([http] in Local intranet)

O15 - HKU\S-1-5-21-811366215-729495537-3258659292-1004\..Trusted Ranges: Range1 ([http] in )

O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B1C5A335-DCBA-4FAC-9CCF-1B38BC2D44C7}: NameServer = 192.168.178.1

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img36.jpg

O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img36.jpg

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\##fritz.box#SanDisk-CruzerMicro-01\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNdLl32.ExE  .\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx,ahaezedrn

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

 

NetSvcs: ezSharedSvc - C:\Windows\SysWOW64\ezsvc7.dll (EasyBits Sofware AS)

 

MsConfig:64bit - State: "services" - Reg Error: Key error.

MsConfig:64bit - State: "startup" - Reg Error: Key error.

 

SafeBootMin:64bit: AppMgmt - Service

SafeBootMin:64bit: Base - Driver Group

SafeBootMin:64bit: Boot Bus Extender - Driver Group

SafeBootMin:64bit: Boot file system - Driver Group

SafeBootMin:64bit: File system - Driver Group

SafeBootMin:64bit: Filter - Driver Group

SafeBootMin:64bit: HelpSvc - Service

SafeBootMin:64bit: PCI Configuration - Driver Group

SafeBootMin:64bit: PNP Filter - Driver Group

SafeBootMin:64bit: Primary disk - Driver Group

SafeBootMin:64bit: sacsvr - Service

SafeBootMin:64bit: SCSI Class - Driver Group

SafeBootMin:64bit: System Bus Extender - Driver Group

SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootMin: AppMgmt - Service

SafeBootMin: Base - Driver Group

SafeBootMin: Boot Bus Extender - Driver Group

SafeBootMin: Boot file system - Driver Group

SafeBootMin: File system - Driver Group

SafeBootMin: Filter - Driver Group

SafeBootMin: HelpSvc - Service

SafeBootMin: PCI Configuration - Driver Group

SafeBootMin: PNP Filter - Driver Group

SafeBootMin: Primary disk - Driver Group

SafeBootMin: sacsvr - Service

SafeBootMin: SCSI Class - Driver Group

SafeBootMin: System Bus Extender - Driver Group

SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

SafeBootNet:64bit: AppMgmt - Service

SafeBootNet:64bit: Base - Driver Group

SafeBootNet:64bit: Boot Bus Extender - Driver Group

SafeBootNet:64bit: Boot file system - Driver Group

SafeBootNet:64bit: File system - Driver Group

SafeBootNet:64bit: Filter - Driver Group

SafeBootNet:64bit: HelpSvc - Service

SafeBootNet:64bit: Messenger - Service

SafeBootNet:64bit: NDIS Wrapper - Driver Group

SafeBootNet:64bit: NetBIOSGroup - Driver Group

SafeBootNet:64bit: NetDDEGroup - Driver Group

SafeBootNet:64bit: Network - Driver Group

SafeBootNet:64bit: NetworkProvider - Driver Group

SafeBootNet:64bit: PCI Configuration - Driver Group

SafeBootNet:64bit: PNP Filter - Driver Group

SafeBootNet:64bit: PNP_TDI - Driver Group

SafeBootNet:64bit: Primary disk - Driver Group

SafeBootNet:64bit: rdsessmgr - Service

SafeBootNet:64bit: sacsvr - Service

SafeBootNet:64bit: SCSI Class - Driver Group

SafeBootNet:64bit: Streams Drivers - Driver Group

SafeBootNet:64bit: System Bus Extender - Driver Group

SafeBootNet:64bit: TDI - Driver Group

SafeBootNet:64bit: WudfPf - Driver

SafeBootNet:64bit: WudfUsbccidDriver - Driver

SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: AppMgmt - Service

SafeBootNet: Base - Driver Group

SafeBootNet: Boot Bus Extender - Driver Group

SafeBootNet: Boot file system - Driver Group

SafeBootNet: File system - Driver Group

SafeBootNet: Filter - Driver Group

SafeBootNet: HelpSvc - Service

SafeBootNet: Messenger - Service

SafeBootNet: NDIS Wrapper - Driver Group

SafeBootNet: NetBIOSGroup - Driver Group

SafeBootNet: NetDDEGroup - Driver Group

SafeBootNet: Network - Driver Group

SafeBootNet: NetworkProvider - Driver Group

SafeBootNet: PCI Configuration - Driver Group

SafeBootNet: PNP Filter - Driver Group

SafeBootNet: PNP_TDI - Driver Group

SafeBootNet: Primary disk - Driver Group

SafeBootNet: rdsessmgr - Service

SafeBootNet: sacsvr - Service

SafeBootNet: SCSI Class - Driver Group

SafeBootNet: Streams Drivers - Driver Group

SafeBootNet: System Bus Extender - Driver Group

SafeBootNet: TDI - Driver Group

SafeBootNet: WudfPf - Driver

SafeBootNet: WudfUsbccidDriver - Driver

SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers

SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive

SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive

SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller

SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc

SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard

SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse

SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net

SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient

SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService

SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans

SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters

SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter

SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System

SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive

SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers

SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy

SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers

SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume

SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices

SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices

SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

 

ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {0213C6AF-5562-4D09-884C-2ADCFC8C2F35} - Microsoft .NET Framework 1.1 Security Update (KB2656353)

ActiveX: {1897C549-AE52-4571-8996-44854F5612B2} - Microsoft .NET Framework 1.1 Security Update (KB2656370)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework

ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E78BFA60-5393-4C38-82AB-E8019E464EB4} - .NET Framework

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)

Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)

 

CREATERESTOREPOINT

System Restore Service not available.

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.10.16 11:21:59 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Malwarebytes

[2012.10.16 11:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2012.10.16 11:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes

[2012.10.16 11:21:29 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2012.10.16 11:21:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2012.10.15 11:44:14 | 000,000,000 | ---D | C] -- C:\Windows\pss

[2012.10.03 20:51:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

[2012.10.03 20:50:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google

[2012.09.30 20:17:05 | 000,000,000 | ---D | C] -- C:\Users\Jan\Desktop\Arbeit

[2012.09.30 00:34:59 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Template

[2012.09.28 18:55:48 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Local\Spotify

[2012.09.28 18:55:33 | 000,000,000 | ---D | C] -- C:\Users\Jan\AppData\Roaming\Spotify

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.10.17 20:55:00 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.10.17 20:55:00 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.10.17 20:52:15 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

[2012.10.17 20:52:15 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

[2012.10.17 20:24:59 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-811366215-729495537-3258659292-1000UA.job

[2012.10.17 18:53:55 | 000,016,504 | ---- | M] () -- C:\Users\Jan\AppData\Local\d3d9caps.dat

[2012.10.17 18:52:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.10.17 17:07:23 | 000,538,941 | ---- | M] () -- C:\Users\Jan\Desktop\adwcleaner.exe

[2012.10.17 16:25:00 | 000,001,060 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-811366215-729495537-3258659292-1000Core.job

[2012.10.16 11:21:30 | 000,000,950 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.10.16 11:07:18 | 000,000,047 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\msconfig.ini

[2012.10.12 16:27:00 | 000,002,034 | ---- | M] () -- C:\Users\Jan\Desktop\Google Chrome.lnk

[2012.10.06 23:53:41 | 001,341,859 | ---- | M] () -- C:\Users\Jan\AppData\Local\Tempmusic.ogg

[2012.09.30 21:29:03 | 000,000,696 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\wklnhst.dat

[2012.09.28 19:01:38 | 000,001,703 | ---- | M] () -- C:\Users\Jan\Desktop\Spotify.lnk

[2012.09.27 19:19:15 | 000,021,126 | ---- | M] () -- C:\Users\Jan\Documents\Praktikumsbericht.odt

[2012.09.19 17:44:50 | 000,005,632 | ---- | M] () -- C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

 
 ========== Files Created - No Company Name ==========

 

[2012.10.17 17:07:22 | 000,538,941 | ---- | C] () -- C:\Users\Jan\Desktop\adwcleaner.exe

[2012.10.16 11:21:30 | 000,000,950 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2012.10.15 12:56:55 | 000,002,004 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

[2012.10.15 12:56:55 | 000,001,771 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

[2012.10.15 11:02:32 | 000,000,047 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\msconfig.ini

[2012.10.05 20:04:04 | 001,341,859 | ---- | C] () -- C:\Users\Jan\AppData\Local\Tempmusic.ogg

[2012.10.03 20:50:47 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.10.03 20:50:47 | 000,001,100 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.09.30 00:34:59 | 000,000,696 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\wklnhst.dat

[2012.09.28 18:55:47 | 000,001,703 | ---- | C] () -- C:\Users\Jan\Desktop\Spotify.lnk

[2012.09.28 18:55:47 | 000,001,689 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

[2012.09.27 19:00:13 | 000,021,126 | ---- | C] () -- C:\Users\Jan\Documents\Praktikumsbericht.odt

[2012.05.25 13:06:51 | 000,005,632 | ---- | C] () -- C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.05.12 13:18:23 | 000,000,552 | ---- | C] () -- C:\Users\Jan\AppData\Local\d3d8caps.dat

[2012.05.12 13:16:52 | 000,000,732 | ---- | C] () -- C:\Users\Jan\AppData\Local\d3d9caps64.dat

[2012.01.15 16:21:23 | 000,163,350 | ---- | C] () -- C:\Windows\hpwins18.dat.temp

[2012.01.15 16:21:23 | 000,001,198 | ---- | C] () -- C:\Windows\hpwmdl18.dat.temp

[2012.01.15 16:19:43 | 000,111,544 | ---- | C] () -- C:\Windows\hpqins07.dat

[2012.01.15 16:06:06 | 000,162,843 | ---- | C] () -- C:\Windows\hpwins18.dat

[2012.01.15 16:05:25 | 000,011,418 | ---- | C] () -- C:\Windows\hpwscr18.dat

[2012.01.15 16:05:25 | 000,001,198 | ---- | C] () -- C:\Windows\hpwmdl18.dat

[2012.01.12 14:56:45 | 000,016,504 | ---- | C] () -- C:\Users\Jan\AppData\Local\d3d9caps.dat

[2011.12.27 17:25:20 | 000,283,304 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2011.12.27 17:25:19 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2011.12.22 20:10:59 | 011,296,768 | ---- | C] () -- C:\Users\Jan\AppData\Roaming\Sandra.mdb

[2011.12.19 20:35:58 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

[2011.12.12 11:34:16 | 000,034,705 | ---- | C] () -- C:\ProgramData\nvModes.001

[2011.12.12 11:33:50 | 000,034,705 | ---- | C] () -- C:\ProgramData\nvModes.dat

[2011.12.12 10:41:39 | 000,000,091 | ---- | C] () -- C:\Users\Jan\AppData\Local\fusioncache.dat

[2011.12.12 10:24:59 | 001,568,022 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.12.12 09:25:07 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll

[2011.12.12 09:24:32 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin

[2011.12.12 09:24:03 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll

[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe

[2011.08.11 04:06:32 | 000,007,764 | ---- | C] () -- C:\Windows\cadx2.ini

 
 ========== ZeroAccess Check ==========

 

[2006.11.02 17:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 19:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 19:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 09:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 08:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 04:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 
 ========== LOP Check ==========

 

[2012.07.12 12:24:15 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\.minecraft

[2012.08.23 11:46:49 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DVDVideoSoft

[2012.06.14 17:48:43 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers

[2012.09.29 09:49:00 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Image Zone Express

[2012.02.11 22:28:36 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Leadertech

[2011.12.14 16:11:05 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\LolClient

[2012.06.16 12:42:19 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\LolClient2

[2012.03.04 18:12:11 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\LOVE

[2012.01.07 23:14:36 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Might & Magic Heroes VI

[2011.12.12 11:11:28 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\OpenOffice.org

[2011.12.12 10:59:14 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Opera

[2011.12.27 16:53:45 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Origin

[2012.01.15 16:29:00 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Printer Info Cache

[2012.03.09 18:34:53 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\RotMG.Production

[2011.12.25 21:01:41 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\smc

[2012.01.29 16:48:22 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\SPORE Creature Creator

[2012.10.17 20:05:31 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Spotify

[2012.09.30 00:34:59 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Template

[2012.02.14 00:01:25 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\TS3Client

[2012.08.23 13:16:32 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\TuneUpMedia

[2012.01.29 16:46:52 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\WildTangent

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %ALLUSERSPROFILE%\Application Data\*. >

 
 < %ALLUSERSPROFILE%\Application Data\*.exe /s >

 
 < %APPDATA%\*. >

[2012.07.12 12:24:15 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\.minecraft

[2011.12.12 11:05:31 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Adobe

[2012.04.06 00:05:08 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Apple Computer

[2011.12.12 11:31:12 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Avira

[2012.08.23 11:46:49 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DVDVideoSoft

[2012.06.14 17:48:43 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers

[2011.12.11 23:10:36 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Hewlett-Packard

[2012.01.15 16:22:52 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\HP

[2011.12.11 23:03:09 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\HP TCS

[2011.12.11 23:06:41 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Identities

[2012.09.29 09:49:00 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Image Zone Express

[2011.12.11 23:01:55 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\InstallShield

[2012.02.11 22:28:36 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Leadertech

[2012.02.11 22:27:24 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Logishrd

[2012.02.11 22:28:41 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Logitech

[2011.12.14 16:11:05 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\LolClient

[2012.06.16 12:42:19 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\LolClient2

[2012.03.04 18:12:11 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\LOVE

[2011.12.12 09:00:15 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Macromedia

[2012.10.16 11:21:59 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Malwarebytes

[2006.11.02 17:07:25 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Media Center Programs

[2012.09.30 00:34:58 | 000,000,000 | --SD | M] -- C:\Users\Jan\AppData\Roaming\Microsoft

[2012.01.07 23:14:36 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Might & Magic Heroes VI

[2012.08.23 13:16:31 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Mozilla

[2012.03.04 18:12:12 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\NVIDIA

[2011.12.12 11:11:28 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\OpenOffice.org

[2011.12.12 10:59:14 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Opera

[2011.12.27 16:53:45 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Origin

[2012.01.15 16:29:00 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Printer Info Cache

[2012.03.09 18:34:53 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\RotMG.Production

[2011.12.25 21:01:41 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\smc

[2012.01.29 16:48:22 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\SPORE Creature Creator

[2012.10.17 20:05:31 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Spotify

[2012.09.30 00:34:59 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\Template

[2012.02.14 00:01:25 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\TS3Client

[2012.08.23 13:16:32 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\TuneUpMedia

[2012.01.29 16:46:52 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\WildTangent

[2012.08.01 16:38:38 | 000,000,000 | ---D | M] -- C:\Users\Jan\AppData\Roaming\WinRAR

 
 < %APPDATA%\*.exe /s >

[2012.02.11 22:28:35 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\Jan\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

[2011.12.14 15:36:03 | 000,802,816 | ---- | M] (Acresso Software Inc.                                        ) -- C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LeagueOfLegends\setup.exe

[2012.09.28 19:01:37 | 005,576,408 | ---- | M] (Spotify Ltd) -- C:\Users\Jan\AppData\Roaming\Spotify\spotify.exe

[2012.09.28 19:01:37 | 000,114,904 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Spotify\SpotifyLauncher.exe

[2012.09.28 19:01:37 | 001,193,176 | ---- | M] () -- C:\Users\Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

 
 < %SYSTEMDRIVE%\*.exe >

 
 < MD5 for: AGP440.SYS  >

[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\SysNative\drivers\AGP440.sys

[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6001.18000_none_163188bf770e4ab0\AGP440.sys

[2008.01.21 04:46:51 | 000,064,568 | ---- | M] (Microsoft Corporation) MD5=F6F6793B7F17B550ECFDBD3B229173F7 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.0.6002.18005_none_181d01cb743015fc\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2008.01.21 04:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\SysNative\drivers\atapi.sys

[2008.01.21 04:46:50 | 000,022,584 | ---- | M] (Microsoft Corporation) MD5=1898FAE8E07D97F2F6C2D5326C633FAC -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6001.18000_none_3956c39dd9e73fd2\atapi.sys

[2009.04.11 09:15:00 | 000,020,952 | ---- | M] (Microsoft Corporation) MD5=E68D9B3A3905619732F7FE039466A623 -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.0.6002.18005_none_3b423ca9d7090b1e\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\SysNative\cngaudit.dll

[2006.11.02 13:16:48 | 000,014,848 | ---- | M] (Microsoft Corporation) MD5=21322B1A2AD337C579F4A65EA0D25193 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_424bc4aceb06de1c\cngaudit.dll

[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\SysWOW64\cngaudit.dll

[2006.11.02 11:46:03 | 000,011,776 | ---- | M] (Microsoft Corporation) MD5=7F15B4953378C8B5161D65C26D5FED4D -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.0.6000.16386_none_e62d292932a96ce6\cngaudit.dll

 
 < MD5 for: EVENTLOG.DLL  >

[2007.05.17 22:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\Cyberlink\PowerDirector\EventLog.dll

 
 < MD5 for: IASTOR.SYS  >

[2008.12.04 21:48:52 | 000,407,064 | ---- | M] (Intel Corporation) MD5=8EACF469269FB1509561961A3188F670 -- C:\Windows\SysNative\drivers\iaStor.sys

[2008.10.06 14:03:22 | 000,327,704 | ---- | M] (Intel Corporation) MD5=9FD8B9BBD067B0FCAABBEA166A794A4B -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver\IaStor.sys

[2008.10.06 15:18:02 | 000,405,528 | ---- | M] (Intel Corporation) MD5=E411B4D01DE654CF1A4F8BCA28FA5076 -- C:\hp\DRIVERS\Intel_Storage\IaStor.sys

[2008.10.06 14:18:02 | 000,405,528 | ---- | M] (Intel Corporation) MD5=E411B4D01DE654CF1A4F8BCA28FA5076 -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys

 
 < MD5 for: IASTORV.SYS  >

[2008.01.21 04:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\SysNative\drivers\iaStorV.sys

[2008.01.21 04:46:59 | 000,290,872 | ---- | M] (Intel Corporation) MD5=3E3BF3627D886736D0B4E90054F929F6 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.0.6001.18000_none_0b2fedfc40256bc5\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2008.01.21 04:51:03 | 000,716,800 | ---- | M] (Microsoft Corporation) MD5=5D0A4891F8CD0E9E64FF57A6A34044F5 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_59d652c6f057598d\netlogon.dll

[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\SysWOW64\netlogon.dll

[2009.04.11 08:28:23 | 000,592,896 | ---- | M] (Microsoft Corporation) MD5=95DAECF0FB120A7B5DA679CC54E37DDE -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_6616762521d9e6d4\netlogon.dll

[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\SysNative\netlogon.dll

[2009.04.11 09:11:16 | 000,717,312 | ---- | M] (Microsoft Corporation) MD5=A3F1B171702CA04744EE514243B45BFB -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6002.18005_none_5bc1cbd2ed7924d9\netlogon.dll

[2008.01.21 04:48:28 | 000,592,384 | ---- | M] (Microsoft Corporation) MD5=A8EFC0B6E75B789F7FD3BA5025D4E37F -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.0.6001.18000_none_642afd1924b81b88\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2008.01.21 04:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\SysNative\drivers\nvstor.sys

[2008.01.21 04:46:54 | 000,054,328 | ---- | M] (NVIDIA Corporation) MD5=F7EA0FE82842D05EDA3EFDD376DBFDBA -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.0.6001.18000_none_95f95eab775c159d\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2008.01.21 04:50:28 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=28B84EB538F7E8A0FE8B9299D591E0B9 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_9e812831c5d9a243\scecli.dll

[2008.01.21 04:49:49 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=35F1DD99F9903BC267C2AF16B09F9BF7 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6001.18000_none_942c7ddf9178e048\scecli.dll

[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\SysWOW64\scecli.dll

[2009.04.11 08:28:24 | 000,177,152 | ---- | M] (Microsoft Corporation) MD5=8FC182167381E9915651267044105EE1 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_a06ca13dc2fb6d8f\scecli.dll

[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\SysNative\scecli.dll

[2009.04.11 09:11:23 | 000,235,520 | ---- | M] (Microsoft Corporation) MD5=9922ADB6DCA8F0F5EA038BEFF339C08B -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.0.6002.18005_none_9617f6eb8e9aab94\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2008.01.21 04:48:29 | 000,820,224 | ---- | M] (Microsoft Corporation) MD5=32B87D215905F648EBE36A621978442C -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_295707c525b9f068\user32.dll

[2008.01.21 04:49:14 | 000,648,192 | ---- | M] (Microsoft Corporation) MD5=3D691030DBD3BD75DE1501BE54F0D425 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6001.18000_none_33abb2175a1ab263\user32.dll

[2009.04.11 08:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\SysWOW64\user32.dll

[2009.04.11 08:26:45 | 000,648,704 | ---- | M] (Microsoft Corporation) MD5=D29FDB5DEDBDC1BD882164DC6DC4DD53 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_35972b23573c7daf\user32.dll

[2009.04.11 09:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysNative\user32.dll

[2009.04.11 09:11:27 | 000,820,224 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.0.6002.18005_none_2b4280d122dbbbb4\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\SysWOW64\userinit.exe

[2008.01.21 04:50:36 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E135526E9785D085BCD9AEDE6FBCBF9 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_dc28ba15d1aff80b\userinit.exe

[2008.01.21 04:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\SysNative\userinit.exe

[2008.01.21 04:49:46 | 000,028,160 | ---- | M] (Microsoft Corporation) MD5=A0AB2BB9A92293D9CE66E252719AB5FE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.0.6001.18000_none_384755998a0d6941\userinit.exe

 
 < MD5 for: WININIT.EXE  >

[2008.01.21 04:48:04 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\SysWOW64\wininit.exe

[2008.01.21 04:48:04 | 000,096,768 | ---- | M] (Microsoft Corporation) MD5=101BA3EA053480BB5D957EF37C06B5ED -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_30f2b8cf0450a6a2\wininit.exe

[2008.01.21 04:50:23 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\SysNative\wininit.exe

[2008.01.21 04:50:23 | 000,123,904 | ---- | M] (Microsoft Corporation) MD5=117EA87DF785CA1B9D821F6F213DCE07 -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.0.6001.18000_none_8d115452bcae17d8\wininit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2012.09.07 17:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\SysNative\winlogon.exe

[2009.04.11 09:11:08 | 000,405,504 | ---- | M] (Microsoft Corporation) MD5=6D0773A3A65D28B663F334C90441D01A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_cdcd15a68a70b877\winlogon.exe

[2008.01.21 04:49:47 | 000,406,016 | ---- | M] (Microsoft Corporation) MD5=856491FCED98093D824B9EB2892F564A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_cbe19c9a8d4eed2b\winlogon.exe

[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\SysWOW64\winlogon.exe

[2009.04.11 08:28:13 | 000,314,368 | ---- | M] (Microsoft Corporation) MD5=898E7C06A350D4A1A64A9EA264D55452 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6002.18005_none_71ae7a22d2134741\winlogon.exe

[2008.01.21 04:50:38 | 000,314,880 | ---- | M] (Microsoft Corporation) MD5=C2610B6BDBEFC053BBDAB4F1B965CB24 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.0.6001.18000_none_6fc30116d4f17bf5\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2008.01.21 04:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\SysNative\drivers\ws2ifsl.sys

[2008.01.21 04:49:42 | 000,020,992 | ---- | M] (Microsoft Corporation) MD5=8A900348370E359B6BFF6A550E4649E1 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.0.6001.18000_none_aba53c58802b1777\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\*. /mp /s >

 
 < %systemroot%\system32\*.dll /lockedfiles >

[2012.08.24 09:03:49 | 009,738,240 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\ieframe.dll

 
 <           >

[2006.11.02 17:42:03 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

[2006.11.02 17:42:03 | 000,032,510 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2011.12.12 11:00:13 | 000,001,060 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-811366215-729495537-3258659292-1000Core.job

[2011.12.12 11:00:13 | 000,001,112 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-811366215-729495537-3258659292-1000UA.job

[2012.10.03 20:50:47 | 000,001,100 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

[2012.10.03 20:50:47 | 000,001,104 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
 

< End of report >

--- --- ---

Ist unauffällig

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtg4nzy0ywy5/settings_2012-09-04.png

Code:

 04:05:24.0738 5556  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47

04:05:24.0794 5556  ============================================================

04:05:24.0794 5556  Current date / time: 2012/10/18 04:05:24.0794

04:05:24.0794 5556  SystemInfo:

04:05:24.0794 5556  

04:05:24.0794 5556  OS Version: 6.0.6002 ServicePack: 2.0

04:05:24.0794 5556  Product type: Workstation

04:05:24.0794 5556  ComputerName: JAN-PC

04:05:24.0794 5556  UserName: Jan

04:05:24.0794 5556  Windows directory: C:\Windows

04:05:24.0794 5556  System windows directory: C:\Windows

04:05:24.0794 5556  Running under WOW64

04:05:24.0794 5556  Processor architecture: Intel x64

04:05:24.0794 5556  Number of processors: 4

04:05:24.0794 5556  Page size: 0x1000

04:05:24.0794 5556  Boot type: Normal boot

04:05:24.0794 5556  ============================================================

04:05:30.0804 5556  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

04:05:30.0804 5556  Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

04:05:30.0823 5556  ============================================================

04:05:30.0823 5556  \Device\Harddisk0\DR0:

04:05:30.0823 5556  MBR partitions:

04:05:30.0823 5556  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x48B79A26

04:05:30.0823 5556  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48B79A65, BlocksNum 0x1CDD45C

04:05:30.0823 5556  \Device\Harddisk1\DR1:

04:05:30.0823 5556  MBR partitions:

04:05:30.0823 5556  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A856E82

04:05:30.0823 5556  ============================================================

04:05:30.0842 5556  C: <-> \Device\Harddisk0\DR0\Partition1

04:05:30.0854 5556  E: <-> \Device\Harddisk1\DR1\Partition1

04:05:30.0909 5556  D: <-> \Device\Harddisk0\DR0\Partition2

04:05:30.0909 5556  ============================================================

04:05:30.0909 5556  Initialize success

04:05:30.0909 5556  ============================================================

04:06:08.0901 5228  ============================================================

04:06:08.0901 5228  Scan started

04:06:08.0901 5228  Mode: Manual; SigCheck; TDLFS; 

04:06:08.0901 5228  ============================================================

04:06:09.0305 5228  ================ Scan system memory ========================

04:06:09.0305 5228  System memory - ok

04:06:09.0305 5228  ================ Scan services =============================

04:06:09.0450 5228  [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI            C:\Windows\system32\drivers\acpi.sys

04:06:09.0541 5228  ACPI - ok

04:06:09.0645 5228  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

04:06:09.0658 5228  AdobeARMservice - ok

04:06:09.0690 5228  [ F14215E37CF124104575073F782111D2 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

04:06:09.0714 5228  adp94xx - ok

04:06:09.0748 5228  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci         C:\Windows\system32\drivers\adpahci.sys

04:06:09.0767 5228  adpahci - ok

04:06:09.0772 5228  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys

04:06:09.0786 5228  adpu160m - ok

04:06:09.0813 5228  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320         C:\Windows\system32\drivers\adpu320.sys

04:06:09.0826 5228  adpu320 - ok

04:06:09.0856 5228  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

04:06:09.0954 5228  AeLookupSvc - ok

04:06:10.0004 5228  [ C4F6CE6087760AD70960C9EB130E7943 ] AFD             C:\Windows\system32\drivers\afd.sys

04:06:10.0096 5228  AFD - ok

04:06:10.0118 5228  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys

04:06:10.0131 5228  agp440 - ok

04:06:10.0149 5228  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys

04:06:10.0161 5228  aic78xx - ok

04:06:10.0177 5228  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG             C:\Windows\System32\alg.exe

04:06:10.0219 5228  ALG - ok

04:06:10.0224 5228  [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide          C:\Windows\system32\drivers\aliide.sys

04:06:10.0235 5228  aliide - ok

04:06:10.0239 5228  [ 970FA5059E61E30D25307B99903E991E ] amdide          C:\Windows\system32\drivers\amdide.sys

04:06:10.0250 5228  amdide - ok

04:06:10.0255 5228  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

04:06:10.0302 5228  AmdK8 - ok

04:06:10.0437 5228  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

04:06:10.0450 5228  AntiVirSchedulerService - ok

04:06:10.0461 5228  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

04:06:10.0472 5228  AntiVirService - ok

04:06:10.0506 5228  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo         C:\Windows\System32\appinfo.dll

04:06:10.0534 5228  Appinfo - ok

04:06:10.0613 5228  [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

04:06:10.0624 5228  Apple Mobile Device - ok

04:06:10.0629 5228  [ BA8417D4765F3988FF921F30F630E303 ] arc             C:\Windows\system32\drivers\arc.sys

04:06:10.0642 5228  arc - ok

04:06:10.0647 5228  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys

04:06:10.0660 5228  arcsas - ok

04:06:10.0773 5228  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

04:06:10.0784 5228  aspnet_state - ok

04:06:10.0793 5228  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

04:06:10.0824 5228  AsyncMac - ok

04:06:10.0835 5228  [ 1898FAE8E07D97F2F6C2D5326C633FAC ] atapi           C:\Windows\system32\drivers\atapi.sys

04:06:10.0847 5228  atapi - ok

04:06:10.0897 5228  [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

04:06:10.0971 5228  AudioEndpointBuilder - ok

04:06:10.0988 5228  [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

04:06:11.0016 5228  AudioSrv - ok

04:06:11.0060 5228  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys

04:06:11.0076 5228  avgntflt - ok

04:06:11.0086 5228  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys

04:06:11.0098 5228  avipbb - ok

04:06:11.0112 5228  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys

04:06:11.0122 5228  avkmgr - ok

04:06:11.0179 5228  [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE             C:\Windows\System32\bfe.dll

04:06:11.0248 5228  BFE - ok

04:06:11.0330 5228  [ 6D316F4859634071CC25C4FD4589AD2C ] BITS            C:\Windows\System32\qmgr.dll

04:06:11.0428 5228  BITS - ok

04:06:11.0435 5228  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys

04:06:11.0468 5228  blbdrive - ok

04:06:11.0556 5228  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

04:06:11.0573 5228  Bonjour Service - ok

04:06:11.0604 5228  [ 2348447A80920B2493A9B582A23E81E1 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

04:06:11.0635 5228  bowser - ok

04:06:11.0643 5228  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys

04:06:11.0678 5228  BrFiltLo - ok

04:06:11.0682 5228  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys

04:06:11.0706 5228  BrFiltUp - ok

04:06:11.0728 5228  [ A1B39DE453433B115B4EA69EE0343816 ] Browser         C:\Windows\System32\browser.dll

04:06:11.0766 5228  Browser - ok

04:06:11.0774 5228  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid         C:\Windows\system32\drivers\brserid.sys

04:06:11.0921 5228  Brserid - ok

04:06:11.0926 5228  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys

04:06:12.0021 5228  BrSerWdm - ok

04:06:12.0026 5228  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys

04:06:12.0090 5228  BrUsbMdm - ok

04:06:12.0094 5228  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys

04:06:12.0141 5228  BrUsbSer - ok

04:06:12.0146 5228  [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys

04:06:12.0196 5228  BTHMODEM - ok

04:06:12.0212 5228  [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

04:06:12.0252 5228  cdfs - ok

04:06:12.0295 5228  [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

04:06:12.0332 5228  cdrom - ok

04:06:12.0380 5228  [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc     C:\Windows\System32\certprop.dll

04:06:12.0418 5228  CertPropSvc - ok

04:06:12.0431 5228  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass        C:\Windows\system32\drivers\circlass.sys

04:06:12.0466 5228  circlass - ok

04:06:12.0524 5228  [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS            C:\Windows\system32\CLFS.sys

04:06:12.0545 5228  CLFS - ok

04:06:12.0651 5228  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

04:06:12.0662 5228  clr_optimization_v2.0.50727_32 - ok

04:06:12.0721 5228  [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

04:06:12.0732 5228  clr_optimization_v2.0.50727_64 - ok

04:06:12.0791 5228  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

04:06:12.0802 5228  clr_optimization_v4.0.30319_32 - ok

04:06:12.0812 5228  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

04:06:12.0823 5228  clr_optimization_v4.0.30319_64 - ok

04:06:12.0827 5228  [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide          C:\Windows\system32\drivers\cmdide.sys

04:06:12.0838 5228  cmdide - ok

04:06:12.0842 5228  [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys

04:06:12.0854 5228  Compbatt - ok

04:06:12.0858 5228  COMSysApp - ok

04:06:12.0874 5228  [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

04:06:12.0886 5228  crcdisk - ok

04:06:12.0951 5228  [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc        C:\Windows\system32\cryptsvc.dll

04:06:12.0986 5228  CryptSvc - ok

04:06:13.0053 5228  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch      C:\Windows\system32\rpcss.dll

04:06:13.0119 5228  DcomLaunch - ok

04:06:13.0189 5228  [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

04:06:13.0233 5228  DfsC - ok

04:06:13.0347 5228  [ C647F468F7DE343DF8C143655C5557D4 ] DFSR            C:\Windows\system32\DFSR.exe

04:06:13.0507 5228  DFSR - ok

04:06:13.0590 5228  [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll

04:06:13.0616 5228  Dhcp - ok

04:06:13.0637 5228  [ B0107E40ECDB5FA692EBF832F295D905 ] disk            C:\Windows\system32\drivers\disk.sys

04:06:13.0650 5228  disk - ok

04:06:13.0673 5228  [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

04:06:13.0720 5228  Dnscache - ok

04:06:13.0753 5228  [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc         C:\Windows\System32\dot3svc.dll

04:06:13.0790 5228  dot3svc - ok

04:06:13.0822 5228  [ 74C02B1717740C3B8039539E23E4B53F ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys

04:06:13.0861 5228  Dot4 - ok

04:06:13.0887 5228  [ 08321D1860235BF42CF2854234337AEA ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys

04:06:13.0936 5228  Dot4Print - ok

04:06:13.0966 5228  [ 4ADCCF0124F2B6911D3786A5D0E779E5 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys

04:06:13.0997 5228  dot4usb - ok

04:06:14.0043 5228  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS             C:\Windows\system32\dps.dll

04:06:14.0083 5228  DPS - ok

04:06:14.0119 5228  [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

04:06:14.0175 5228  drmkaud - ok

04:06:14.0227 5228  [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

04:06:14.0265 5228  DXGKrnl - ok

04:06:14.0288 5228  [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys

04:06:14.0325 5228  E1G60 - ok

04:06:14.0336 5228  [ C2303883FD9BE49DC36A6400643002EA ] EapHost         C:\Windows\System32\eapsvc.dll

04:06:14.0367 5228  EapHost - ok

04:06:14.0443 5228  [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache          C:\Windows\system32\drivers\ecache.sys

04:06:14.0457 5228  Ecache - ok

04:06:14.0510 5228  [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

04:06:14.0559 5228  ehRecvr - ok

04:06:14.0596 5228  [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched         C:\Windows\ehome\ehsched.exe

04:06:14.0622 5228  ehSched - ok

04:06:14.0646 5228  [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart         C:\Windows\ehome\ehstart.dll

04:06:14.0665 5228  ehstart - ok

04:06:14.0692 5228  [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

04:06:14.0711 5228  elxstor - ok

04:06:14.0772 5228  [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt         C:\Windows\system32\emdmgmt.dll

04:06:14.0791 5228  EMDMgmt - ok

04:06:14.0795 5228  [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev          C:\Windows\system32\drivers\errdev.sys

04:06:14.0837 5228  ErrDev - ok

04:06:14.0911 5228  [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem     C:\Windows\system32\es.dll

04:06:14.0947 5228  EventSystem - ok

04:06:15.0007 5228  [ 486844F47B6636044A42454614ED4523 ] exfat           C:\Windows\system32\drivers\exfat.sys

04:06:15.0053 5228  exfat - ok

04:06:15.0057 5228  ezSharedSvc - ok

04:06:15.0098 5228  [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

04:06:15.0139 5228  fastfat - ok

04:06:15.0143 5228  [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

04:06:15.0174 5228  fdc - ok

04:06:15.0184 5228  [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost         C:\Windows\system32\fdPHost.dll

04:06:15.0230 5228  fdPHost - ok

04:06:15.0244 5228  [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub        C:\Windows\system32\fdrespub.dll

04:06:15.0304 5228  FDResPub - ok

04:06:15.0319 5228  [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

04:06:15.0332 5228  FileInfo - ok

04:06:15.0348 5228  [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

04:06:15.0379 5228  Filetrace - ok

04:06:15.0384 5228  [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

04:06:15.0415 5228  flpydisk - ok

04:06:15.0462 5228  [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

04:06:15.0479 5228  FltMgr - ok

04:06:15.0549 5228  [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache       C:\Windows\system32\FntCache.dll

04:06:15.0641 5228  FontCache - ok

04:06:15.0706 5228  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

04:06:15.0715 5228  FontCache3.0.0.0 - ok

04:06:15.0744 5228  [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

04:06:15.0779 5228  Fs_Rec - ok

04:06:15.0799 5228  [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

04:06:15.0811 5228  gagp30kx - ok

04:06:15.0865 5228  [ 617DC2877015270914CA3C03873560D5 ] GameConsoleService C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe

04:06:15.0878 5228  GameConsoleService - ok

04:06:15.0920 5228  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

04:06:15.0930 5228  GEARAspiWDM - ok

04:06:15.0975 5228  [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc           C:\Windows\System32\gpsvc.dll

04:06:16.0022 5228  gpsvc - ok

04:06:16.0155 5228  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

04:06:16.0165 5228  gupdate - ok

04:06:16.0170 5228  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

04:06:16.0179 5228  gupdatem - ok

04:06:16.0208 5228  [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

04:06:16.0223 5228  HdAudAddService - ok

04:06:16.0272 5228  [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

04:06:16.0361 5228  HDAudBus - ok

04:06:16.0373 5228  [ B4881C84A180E75B8C25DC1D726C375F ] HidBth          C:\Windows\system32\drivers\hidbth.sys

04:06:16.0436 5228  HidBth - ok

04:06:16.0441 5228  [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr           C:\Windows\system32\drivers\hidir.sys

04:06:16.0489 5228  HidIr - ok

04:06:16.0507 5228  [ 59361D38A297755D46A540E450202B2A ] hidserv         C:\Windows\system32\hidserv.dll

04:06:16.0567 5228  hidserv - ok

04:06:16.0595 5228  [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

04:06:16.0626 5228  HidUsb - ok

04:06:16.0648 5228  [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc          C:\Windows\system32\kmsvc.dll

04:06:16.0682 5228  hkmsvc - ok

04:06:16.0741 5228  [ DDF58C2E16527073FEF370EDFE970745 ] hotcore3        C:\Windows\system32\DRIVERS\hotcore3.sys

04:06:16.0751 5228  hotcore3 - ok

04:06:16.0808 5228  [ A19B0BB5A7EB6DF2DD4A0711D36955EE ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

04:06:16.0819 5228  HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning

04:06:16.0819 5228  HP Health Check Service - detected UnsignedFile.Multi.Generic (1)

04:06:16.0829 5228  [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys

04:06:16.0842 5228  HpCISSs - ok

04:06:16.0933 5228  [ AF81F7BA6A09119006FE041A2F2F3ECE ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll

04:06:16.0950 5228  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning

04:06:16.0950 5228  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)

04:06:16.0974 5228  [ 7244F63DB8EA883B3DC8E730C645D073 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll

04:06:16.0988 5228  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning

04:06:16.0988 5228  hpqddsvc - detected UnsignedFile.Multi.Generic (1)

04:06:17.0025 5228  [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

04:06:17.0085 5228  HTTP - ok

04:06:17.0141 5228  [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys

04:06:17.0153 5228  i2omp - ok

04:06:17.0178 5228  [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

04:06:17.0225 5228  i8042prt - ok

04:06:17.0276 5228  [ EEF0C78D403F213289067F3861C3AF4F ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

04:06:17.0292 5228  IAANTMON - ok

04:06:17.0344 5228  [ 8EACF469269FB1509561961A3188F670 ] iaStor          C:\Windows\system32\drivers\iastor.sys

04:06:17.0359 5228  iaStor - ok

04:06:17.0426 5228  [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys

04:06:17.0441 5228  iaStorV - ok

04:06:17.0797 5228  [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

04:06:17.0834 5228  idsvc - ok

04:06:17.0851 5228  [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp           C:\Windows\system32\drivers\iirsp.sys

04:06:17.0862 5228  iirsp - ok

04:06:17.0918 5228  [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT          C:\Windows\System32\ikeext.dll

04:06:18.0001 5228  IKEEXT - ok

04:06:18.0065 5228  [ 5F885046A7F420989C8366324FD2EF60 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

04:06:18.0117 5228  IntcAzAudAddService - ok

04:06:18.0132 5228  [ DF797A12176F11B2D301C5B234BB200E ] intelide        C:\Windows\system32\drivers\intelide.sys

04:06:18.0144 5228  intelide - ok

04:06:18.0160 5228  [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

04:06:18.0213 5228  intelppm - ok

04:06:18.0242 5228  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

04:06:18.0288 5228  IPBusEnum - ok

04:06:18.0339 5228  [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

04:06:18.0363 5228  IpFilterDriver - ok

04:06:18.0414 5228  [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

04:06:18.0475 5228  iphlpsvc - ok

04:06:18.0479 5228  IpInIp - ok

04:06:18.0486 5228  [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys

04:06:18.0517 5228  IPMIDRV - ok

04:06:18.0532 5228  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys

04:06:18.0568 5228  IPNAT - ok

04:06:18.0615 5228  [ EE4C2A137C7088911A8919EFFC9812E7 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

04:06:18.0668 5228  iPod Service - ok

04:06:18.0673 5228  [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM          C:\Windows\system32\drivers\irenum.sys

04:06:18.0725 5228  IRENUM - ok

04:06:18.0757 5228  [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp          C:\Windows\system32\drivers\isapnp.sys

04:06:18.0769 5228  isapnp - ok

04:06:18.0796 5228  [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys

04:06:18.0810 5228  iScsiPrt - ok

04:06:18.0815 5228  [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys

04:06:18.0826 5228  iteatapi - ok

04:06:18.0839 5228  [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid         C:\Windows\system32\drivers\iteraid.sys

04:06:18.0851 5228  iteraid - ok

04:06:18.0867 5228  [ 423696F3BA6472DD17699209B933BC26 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

04:06:18.0878 5228  kbdclass - ok

04:06:18.0906 5228  [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

04:06:18.0940 5228  kbdhid - ok

04:06:18.0972 5228  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso          C:\Windows\system32\lsass.exe

04:06:18.0986 5228  KeyIso - ok

04:06:19.0042 5228  [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

04:06:19.0066 5228  KSecDD - ok

04:06:19.0105 5228  [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

04:06:19.0145 5228  ksthunk - ok

04:06:19.0181 5228  [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm           C:\Windows\system32\msdtckrm.dll

04:06:19.0281 5228  KtmRm - ok

04:06:19.0302 5228  [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer    C:\Windows\system32\srvsvc.dll

04:06:19.0330 5228  LanmanServer - ok

04:06:19.0371 5228  [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

04:06:19.0387 5228  LanmanWorkstation - ok

04:06:19.0482 5228  [ 7772DFAB22611050B79504E671B06E6E ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

04:06:19.0500 5228  LBTServ - ok

04:06:19.0560 5228  [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys

04:06:19.0570 5228  LHidFilt - ok

04:06:19.0611 5228  [ E75ADCFAFDEF3F4C3AF3332928D59926 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

04:06:19.0636 5228  LightScribeService ( UnsignedFile.Multi.Generic ) - warning

04:06:19.0636 5228  LightScribeService - detected UnsignedFile.Multi.Generic (1)

04:06:19.0664 5228  [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

04:06:19.0707 5228  lltdio - ok

04:06:19.0747 5228  [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

04:06:19.0821 5228  lltdsvc - ok

04:06:19.0844 5228  [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts         C:\Windows\System32\lmhsvc.dll

04:06:19.0875 5228  lmhosts - ok

04:06:19.0888 5228  [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys

04:06:19.0898 5228  LMouFilt - ok

04:06:19.0926 5228  [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys

04:06:19.0939 5228  LSI_FC - ok

04:06:19.0944 5228  [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

04:06:19.0957 5228  LSI_SAS - ok

04:06:19.0965 5228  [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

04:06:19.0978 5228  LSI_SCSI - ok

04:06:19.0995 5228  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv           C:\Windows\system32\drivers\luafv.sys

04:06:20.0039 5228  luafv - ok

04:06:20.0109 5228  [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys

04:06:20.0121 5228  MBAMProtector - ok

04:06:20.0173 5228  [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

04:06:20.0194 5228  MBAMScheduler - ok

04:06:20.0236 5228  [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

04:06:20.0269 5228  MBAMService - ok

04:06:20.0356 5228  [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe

04:06:20.0369 5228  McComponentHostService - ok

04:06:20.0394 5228  [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

04:06:20.0410 5228  Mcx2Svc - ok

04:06:20.0473 5228  [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe

04:06:20.0493 5228  MDM ( UnsignedFile.Multi.Generic ) - warning

04:06:20.0493 5228  MDM - detected UnsignedFile.Multi.Generic (1)

04:06:20.0506 5228  [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas         C:\Windows\system32\drivers\megasas.sys

04:06:20.0519 5228  megasas - ok

04:06:20.0538 5228  [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR          C:\Windows\system32\drivers\megasr.sys

04:06:20.0558 5228  MegaSR - ok

04:06:20.0593 5228  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS           C:\Windows\system32\mmcss.dll

04:06:20.0633 5228  MMCSS - ok

04:06:20.0638 5228  [ 59848D5CC74606F0EE7557983BB73C2E ] Modem           C:\Windows\system32\drivers\modem.sys

04:06:20.0673 5228  Modem - ok

04:06:20.0712 5228  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

04:06:20.0755 5228  monitor - ok

04:06:20.0773 5228  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

04:06:20.0785 5228  mouclass - ok

04:06:20.0796 5228  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

04:06:20.0838 5228  mouhid - ok

04:06:20.0854 5228  [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys

04:06:20.0867 5228  MountMgr - ok

04:06:20.0894 5228  [ F8276EB8698142884498A528DFEA8478 ] mpio            C:\Windows\system32\drivers\mpio.sys

04:06:20.0907 5228  mpio - ok

04:06:20.0919 5228  [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

04:06:20.0950 5228  mpsdrv - ok

04:06:20.0996 5228  [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc          C:\Windows\system32\mpssvc.dll

04:06:21.0040 5228  MpsSvc - ok

04:06:21.0044 5228  [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys

04:06:21.0057 5228  Mraid35x - ok

04:06:21.0105 5228  [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

04:06:21.0131 5228  MRxDAV - ok

04:06:21.0144 5228  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

04:06:21.0198 5228  mrxsmb - ok

04:06:21.0224 5228  [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

04:06:21.0250 5228  mrxsmb10 - ok

04:06:21.0268 5228  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

04:06:21.0282 5228  mrxsmb20 - ok

04:06:21.0295 5228  [ 1AC860612B85D8E85EE257D372E39F4D ] msahci          C:\Windows\system32\drivers\msahci.sys

04:06:21.0306 5228  msahci - ok

04:06:21.0312 5228  [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

04:06:21.0324 5228  msdsm - ok

04:06:21.0343 5228  [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC           C:\Windows\System32\msdtc.exe

04:06:21.0397 5228  MSDTC - ok

04:06:21.0419 5228  [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs            C:\Windows\system32\drivers\Msfs.sys

04:06:21.0458 5228  Msfs - ok

04:06:21.0471 5228  [ 00EBC952961664780D43DCA157E79B27 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

04:06:21.0482 5228  msisadrv - ok

04:06:21.0507 5228  [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

04:06:21.0545 5228  MSiSCSI - ok

04:06:21.0549 5228  msiserver - ok

04:06:21.0571 5228  [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

04:06:21.0604 5228  MSKSSRV - ok

04:06:21.0626 5228  [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

04:06:21.0658 5228  MSPCLOCK - ok

04:06:21.0663 5228  [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

04:06:21.0703 5228  MSPQM - ok

04:06:21.0752 5228  [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

04:06:21.0770 5228  MsRPC - ok

04:06:21.0778 5228  [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

04:06:21.0789 5228  mssmbios - ok

04:06:21.0802 5228  [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

04:06:21.0837 5228  MSTEE - ok

04:06:21.0855 5228  [ 0CC49F78D8ACA0877D885F149084E543 ] Mup             C:\Windows\system32\Drivers\mup.sys

04:06:21.0868 5228  Mup - ok

04:06:21.0922 5228  [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent        C:\Windows\system32\qagentRT.dll

04:06:22.0007 5228  napagent - ok

04:06:22.0077 5228  [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

04:06:22.0122 5228  NativeWifiP - ok

04:06:22.0138 5228  NAVENG - ok

04:06:22.0141 5228  NAVEX15 - ok

04:06:22.0206 5228  [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS            C:\Windows\system32\drivers\ndis.sys

04:06:22.0242 5228  NDIS - ok

04:06:22.0279 5228  [ 64DF698A425478E321981431AC171334 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

04:06:22.0315 5228  NdisTapi - ok

04:06:22.0324 5228  [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

04:06:22.0358 5228  Ndisuio - ok

04:06:22.0400 5228  [ F8158771905260982CE724076419EF19 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

04:06:22.0431 5228  NdisWan - ok

04:06:22.0447 5228  [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

04:06:22.0483 5228  NDProxy - ok

04:06:22.0507 5228  [ 59267D2F0328599AA3B5408C2E06126F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

04:06:22.0518 5228  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

04:06:22.0519 5228  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

04:06:22.0535 5228  [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

04:06:22.0586 5228  NetBIOS - ok

04:06:22.0618 5228  [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys

04:06:22.0657 5228  netbt - ok

04:06:22.0672 5228  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon        C:\Windows\system32\lsass.exe

04:06:22.0685 5228  Netlogon - ok

04:06:22.0713 5228  [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman          C:\Windows\System32\netman.dll

04:06:22.0806 5228  Netman - ok

04:06:22.0832 5228  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

04:06:22.0845 5228  NetMsmqActivator - ok

04:06:22.0849 5228  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

04:06:22.0860 5228  NetPipeActivator - ok

04:06:22.0877 5228  [ 7846D0136CC2B264926A73047BA7688A ] netprofm        C:\Windows\System32\netprofm.dll

04:06:22.0914 5228  netprofm - ok

04:06:22.0918 5228  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

04:06:22.0930 5228  NetTcpActivator - ok

04:06:22.0934 5228  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

04:06:22.0945 5228  NetTcpPortSharing - ok

04:06:22.0964 5228  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

04:06:22.0981 5228  nfrd960 - ok

04:06:22.0997 5228  [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc          C:\Windows\System32\nlasvc.dll

04:06:23.0037 5228  NlaSvc - ok

04:06:23.0050 5228  Norton Internet Security - ok

04:06:23.0082 5228  [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

04:06:23.0122 5228  Npfs - ok

04:06:23.0141 5228  [ ACB62BAA1C319B17752553DF3026EEEB ] nsi             C:\Windows\system32\nsisvc.dll

04:06:23.0183 5228  nsi - ok

04:06:23.0193 5228  [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

04:06:23.0238 5228  nsiproxy - ok

04:06:23.0301 5228  [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

04:06:23.0357 5228  Ntfs - ok

04:06:23.0396 5228  [ DD5D684975352B85B52E3FD5347C20CB ] Null            C:\Windows\system32\drivers\Null.sys

04:06:23.0434 5228  Null - ok

04:06:23.0478 5228  [ 960E39A54E525DF58CB29193147DFFA1 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys

04:06:23.0489 5228  NVHDA - ok

04:06:23.0735 5228  [ 9C1996DD3C0469BC8933321F15709F5A ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys

04:06:24.0204 5228  nvlddmkm - ok

04:06:24.0231 5228  [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid          C:\Windows\system32\drivers\nvraid.sys

04:06:24.0244 5228  nvraid - ok

04:06:24.0249 5228  [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor          C:\Windows\system32\drivers\nvstor.sys

04:06:24.0260 5228  nvstor - ok

04:06:24.0317 5228  [ 2D7092FEC9BD2ACA199673BBA2BA9277 ] nvsvc           C:\Windows\system32\nvvsvc.exe

04:06:24.0369 5228  nvsvc - ok

04:06:24.0443 5228  [ 7E22DE30E222BFDFCEC7E77032BAF3CD ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

04:06:24.0521 5228  nvUpdatusService - ok

04:06:24.0536 5228  [ 19067CA93075EF4823E3938A686F532F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

04:06:24.0549 5228  nv_agp - ok

04:06:24.0553 5228  NwlnkFlt - ok

04:06:24.0558 5228  NwlnkFwd - ok

04:06:24.0614 5228  [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys

04:06:24.0648 5228  ohci1394 - ok

04:06:24.0713 5228  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc        C:\Windows\system32\p2psvc.dll

04:06:24.0746 5228  p2pimsvc - ok

04:06:24.0809 5228  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc          C:\Windows\system32\p2psvc.dll

04:06:24.0833 5228  p2psvc - ok

04:06:24.0858 5228  [ AECD57F94C887F58919F307C35498EA0 ] Parport         C:\Windows\system32\drivers\parport.sys

04:06:24.0928 5228  Parport - ok

04:06:24.0977 5228  [ B43751085E2ABE389DA466BC62A4B987 ] partmgr         C:\Windows\system32\drivers\partmgr.sys

04:06:24.0991 5228  partmgr - ok

04:06:25.0012 5228  [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc          C:\Windows\System32\pcasvc.dll

04:06:25.0040 5228  PcaSvc - ok

04:06:25.0093 5228  [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci             C:\Windows\system32\drivers\pci.sys

04:06:25.0109 5228  pci - ok

04:06:25.0123 5228  [ 8D618C829034479985A9ED56106CC732 ] pciide          C:\Windows\system32\drivers\pciide.sys

04:06:25.0133 5228  pciide - ok

04:06:25.0145 5228  [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

04:06:25.0159 5228  pcmcia - ok

04:06:25.0181 5228  [ 58865916F53592A61549B04941BFD80D ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

04:06:25.0297 5228  PEAUTH - ok

04:06:25.0366 5228  [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost        C:\Windows\SysWow64\perfhost.exe

04:06:25.0418 5228  PerfHost - ok

04:06:25.0469 5228  [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla             C:\Windows\system32\pla.dll

04:06:25.0549 5228  pla - ok

04:06:25.0607 5228  [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

04:06:25.0635 5228  PlugPlay - ok

04:06:25.0663 5228  [ 5261A2FD55183AC6993145AB6662CDDF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

04:06:25.0675 5228  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

04:06:25.0675 5228  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

04:06:25.0693 5228  PnkBstrA - ok

04:06:25.0720 5228  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll

04:06:25.0743 5228  PNRPAutoReg - ok

04:06:25.0795 5228  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc         C:\Windows\system32\p2psvc.dll

04:06:25.0818 5228  PNRPsvc - ok

04:06:25.0885 5228  [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

04:06:25.0959 5228  PolicyAgent - ok

04:06:25.0992 5228  [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

04:06:26.0029 5228  PptpMiniport - ok

04:06:26.0048 5228  [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor       C:\Windows\system32\drivers\processr.sys

04:06:26.0100 5228  Processor - ok

04:06:26.0130 5228  [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc         C:\Windows\system32\profsvc.dll

04:06:26.0164 5228  ProfSvc - ok

04:06:26.0180 5228  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe

04:06:26.0193 5228  ProtectedStorage - ok

04:06:26.0225 5228  [ 1D0A3F565397D08707F3D75B88586645 ] Ps2             C:\Windows\system32\DRIVERS\PS2.sys

04:06:26.0235 5228  Ps2 - ok

04:06:26.0269 5228  [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys

04:06:26.0293 5228  PSched - ok

04:06:26.0324 5228  [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300          C:\Windows\system32\drivers\ql2300.sys

04:06:26.0366 5228  ql2300 - ok

04:06:26.0372 5228  [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys

04:06:26.0384 5228  ql40xx - ok

04:06:26.0404 5228  [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE           C:\Windows\system32\qwave.dll

04:06:26.0434 5228  QWAVE - ok

04:06:26.0446 5228  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

04:06:26.0459 5228  QWAVEdrv - ok

04:06:26.0469 5228  [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

04:06:26.0499 5228  RasAcd - ok

04:06:26.0525 5228  [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto         C:\Windows\System32\rasauto.dll

04:06:26.0558 5228  RasAuto - ok

04:06:26.0573 5228  [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

04:06:26.0615 5228  Rasl2tp - ok

04:06:26.0655 5228  [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan          C:\Windows\System32\rasmans.dll

04:06:26.0684 5228  RasMan - ok

04:06:26.0733 5228  [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

04:06:26.0756 5228  RasPppoe - ok

04:06:26.0809 5228  [ C6A593B51F34C33E5474539544072527 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

04:06:26.0822 5228  RasSstp - ok

04:06:26.0867 5228  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

04:06:26.0907 5228  rdbss - ok

04:06:26.0921 5228  [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

04:06:26.0951 5228  RDPCDD - ok

04:06:26.0974 5228  [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys

04:06:27.0015 5228  rdpdr - ok

04:06:27.0019 5228  [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

04:06:27.0049 5228  RDPENCDD - ok

04:06:27.0104 5228  [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

04:06:27.0128 5228  RDPWD - ok

04:06:27.0163 5228  [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess    C:\Windows\System32\mprdim.dll

04:06:27.0208 5228  RemoteAccess - ok

04:06:27.0257 5228  [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

04:06:27.0296 5228  RemoteRegistry - ok

04:06:27.0320 5228  [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator      C:\Windows\system32\locator.exe

04:06:27.0341 5228  RpcLocator - ok

04:06:27.0393 5228  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs           C:\Windows\system32\rpcss.dll

04:06:27.0426 5228  RpcSs - ok

04:06:27.0459 5228  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

04:06:27.0491 5228  rspndr - ok

04:06:27.0517 5228  [ 8B91737DA75ADD21CB1554B38089196A ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh64.sys

04:06:27.0571 5228  RTL8169 - ok

04:06:27.0596 5228  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs           C:\Windows\system32\lsass.exe

04:06:27.0609 5228  SamSs - ok

04:06:27.0672 5228  [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA          C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\WNt500x64\Sandra.sys

04:06:27.0684 5228  SANDRA - ok

04:06:27.0708 5228  [ 96F6F3E594D780B7E20FDC94504D4D89 ] SandraAgentSrv  C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\RpcAgentSrv.exe

04:06:27.0722 5228  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning

04:06:27.0722 5228  SandraAgentSrv - detected UnsignedFile.Multi.Generic (1)

04:06:27.0730 5228  [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

04:06:27.0744 5228  sbp2port - ok

04:06:27.0782 5228  [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr        C:\Windows\System32\SCardSvr.dll

04:06:27.0819 5228  SCardSvr - ok

04:06:27.0849 5228  [ 0F838C811AD295D2A4489B9993096C63 ] Schedule        C:\Windows\system32\schedsvc.dll

04:06:27.0898 5228  Schedule - ok

04:06:27.0945 5228  [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc     C:\Windows\System32\certprop.dll

04:06:27.0968 5228  SCPolicySvc - ok

04:06:28.0012 5228  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

04:06:28.0026 5228  SDRSVC - ok

04:06:28.0044 5228  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

04:06:28.0098 5228  secdrv - ok

04:06:28.0114 5228  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll

04:06:28.0161 5228  seclogon - ok

04:06:28.0171 5228  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\System32\sens.dll

04:06:28.0213 5228  SENS - ok

04:06:28.0217 5228  [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum         C:\Windows\system32\drivers\serenum.sys

04:06:28.0266 5228  Serenum - ok

04:06:28.0278 5228  [ E62FAC91EE288DB29A9696A9D279929C ] Serial          C:\Windows\system32\drivers\serial.sys

04:06:28.0333 5228  Serial - ok

04:06:28.0337 5228  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\drivers\sermouse.sys

04:06:28.0377 5228  sermouse - ok

04:06:28.0398 5228  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll

04:06:28.0430 5228  SessionEnv - ok

04:06:28.0435 5228  [ 14D4B4465193A87C127933978E8C4106 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

04:06:28.0465 5228  sffdisk - ok

04:06:28.0470 5228  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

04:06:28.0500 5228  sffp_mmc - ok

04:06:28.0505 5228  [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

04:06:28.0536 5228  sffp_sd - ok

04:06:28.0540 5228  [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

04:06:28.0586 5228  sfloppy - ok

04:06:28.0617 5228  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

04:06:28.0663 5228  SharedAccess - ok

04:06:28.0719 5228  [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

04:06:28.0749 5228  ShellHWDetection - ok

04:06:28.0753 5228  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys

04:06:28.0766 5228  SiSRaid2 - ok

04:06:28.0774 5228  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

04:06:28.0787 5228  SiSRaid4 - ok

04:06:28.0878 5228  [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc           C:\Windows\system32\SLsvc.exe

04:06:29.0015 5228  slsvc - ok

04:06:29.0059 5228  [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify      C:\Windows\system32\SLUINotify.dll

04:06:29.0106 5228  SLUINotify - ok

04:06:29.0134 5228  [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

04:06:29.0179 5228  Smb - ok

04:06:29.0219 5228  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

04:06:29.0243 5228  SNMPTRAP - ok

04:06:29.0289 5228  [ 386C3C63F00A7040C7EC5E384217E89D ] spldr           C:\Windows\system32\drivers\spldr.sys

04:06:29.0302 5228  spldr - ok

04:06:29.0324 5228  [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler         C:\Windows\System32\spoolsv.exe

04:06:29.0340 5228  Spooler - ok

04:06:29.0344 5228  SRTSP - ok

04:06:29.0350 5228  SRTSPX - ok

04:06:29.0384 5228  [ 880A57FCCB571EBD063D4DD50E93E46D ] srv             C:\Windows\system32\DRIVERS\srv.sys

04:06:29.0431 5228  srv - ok

04:06:29.0500 5228  [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

04:06:29.0538 5228  srv2 - ok

04:06:29.0574 5228  [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

04:06:29.0588 5228  srvnet - ok

04:06:29.0603 5228  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

04:06:29.0636 5228  SSDPSRV - ok

04:06:29.0664 5228  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc         C:\Windows\system32\sstpsvc.dll

04:06:29.0694 5228  SstpSvc - ok

04:06:29.0717 5228  Steam Client Service - ok

04:06:29.0765 5228  [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc          C:\Windows\System32\wiaservc.dll

04:06:29.0825 5228  stisvc - ok

04:06:29.0850 5228  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

04:06:29.0861 5228  swenum - ok

04:06:29.0923 5228  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv           C:\Windows\System32\swprv.dll

04:06:29.0966 5228  swprv - ok

04:06:30.0012 5228  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys

04:06:30.0023 5228  Symc8xx - ok

04:06:30.0030 5228  [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys

04:06:30.0041 5228  Sym_hi - ok

04:06:30.0046 5228  [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys

04:06:30.0057 5228  Sym_u3 - ok

04:06:30.0122 5228  [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain         C:\Windows\system32\sysmain.dll

04:06:30.0208 5228  SysMain - ok

04:06:30.0230 5228  [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll

04:06:30.0255 5228  TabletInputService - ok

04:06:30.0298 5228  [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv         C:\Windows\System32\tapisrv.dll

04:06:30.0328 5228  TapiSrv - ok

04:06:30.0343 5228  TBPanel - ok

04:06:30.0361 5228  [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS             C:\Windows\System32\tbssvc.dll

04:06:30.0394 5228  TBS - ok

04:06:30.0453 5228  [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

04:06:30.0508 5228  Tcpip - ok

04:06:30.0534 5228  [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys

04:06:30.0570 5228  Tcpip6 - ok

04:06:30.0596 5228  [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

04:06:30.0637 5228  tcpipreg - ok

04:06:30.0661 5228  [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

04:06:30.0714 5228  TDPIPE - ok

04:06:30.0738 5228  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

04:06:30.0773 5228  TDTCP - ok

04:06:30.0823 5228  [ 458919C8C42E398DC4802178D5FFEE27 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

04:06:30.0859 5228  tdx - ok

04:06:30.0895 5228  [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

04:06:30.0908 5228  TermDD - ok

04:06:30.0955 5228  [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService     C:\Windows\System32\termsrv.dll

04:06:31.0040 5228  TermService - ok

04:06:31.0060 5228  [ 56793271ECDEDD350C5ADD305603E963 ] Themes          C:\Windows\system32\shsvcs.dll

04:06:31.0076 5228  Themes - ok

04:06:31.0084 5228  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER     C:\Windows\system32\mmcss.dll

04:06:31.0116 5228  THREADORDER - ok

04:06:31.0128 5228  [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks          C:\Windows\System32\trkwks.dll

04:06:31.0172 5228  TrkWks - ok

04:06:31.0244 5228  [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

04:06:31.0274 5228  TrustedInstaller - ok

04:06:31.0281 5228  [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

04:06:31.0311 5228  tssecsrv - ok

04:06:31.0325 5228  [ 89EC74A9E602D16A75A4170511029B3C ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys

04:06:31.0350 5228  tunmp - ok

04:06:31.0403 5228  [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

04:06:31.0426 5228  tunnel - ok

04:06:31.0436 5228  [ FEC266EF401966311744BD0F359F7F56 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

04:06:31.0448 5228  uagp35 - ok

04:06:31.0503 5228  [ FAF2640A2A76ED03D449E443194C4C34 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

04:06:31.0548 5228  udfs - ok

04:06:31.0566 5228  [ 060507C4113391394478F6953A79EEDC ] UI0Detect       C:\Windows\system32\UI0Detect.exe

04:06:31.0610 5228  UI0Detect - ok

04:06:31.0650 5228  [ 49B13845F0DBE39B47FC91DC46B2170A ] UimBus          C:\Windows\system32\DRIVERS\uimx64.sys

04:06:31.0661 5228  UimBus - ok

04:06:31.0678 5228  [ DD46BEC773C011EAA5E502C43A73A1CC ] Uim_IM          C:\Windows\system32\Drivers\Uim_IMx64.sys

04:06:31.0696 5228  Uim_IM - ok

04:06:31.0734 5228  [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

04:06:31.0746 5228  uliagpkx - ok

04:06:31.0759 5228  [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci         C:\Windows\system32\drivers\uliahci.sys

04:06:31.0774 5228  uliahci - ok

04:06:31.0780 5228  [ 31707F09846056651EA2C37858F5DDB0 ] UlSata          C:\Windows\system32\drivers\ulsata.sys

04:06:31.0792 5228  UlSata - ok

04:06:31.0800 5228  [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys

04:06:31.0812 5228  ulsata2 - ok

04:06:31.0826 5228  [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

04:06:31.0857 5228  umbus - ok

04:06:31.0875 5228  [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost        C:\Windows\System32\upnphost.dll

04:06:31.0964 5228  upnphost - ok

04:06:32.0024 5228  [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys

04:06:32.0036 5228  USBAAPL64 - ok

04:06:32.0078 5228  [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys

04:06:32.0119 5228  usbaudio - ok

04:06:32.0153 5228  [ 07E3498FC60834219D2356293DA0FECC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

04:06:32.0183 5228  usbccgp - ok

04:06:32.0188 5228  [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

04:06:32.0242 5228  usbcir - ok

04:06:32.0256 5228  [ 827E44DE934A736EA31E91D353EB126F ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

04:06:32.0279 5228  usbehci - ok

04:06:32.0320 5228  [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

04:06:32.0359 5228  usbhub - ok

04:06:32.0366 5228  [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci         C:\Windows\system32\drivers\usbohci.sys

04:06:32.0416 5228  usbohci - ok

04:06:32.0450 5228  [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

04:06:32.0480 5228  usbprint - ok

04:06:32.0533 5228  [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

04:06:32.0577 5228  usbscan - ok

04:06:32.0603 5228  [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

04:06:32.0653 5228  USBSTOR - ok

04:06:32.0669 5228  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys

04:06:32.0693 5228  usbuhci - ok

04:06:32.0728 5228  [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms           C:\Windows\System32\uxsms.dll

04:06:32.0751 5228  UxSms - ok

04:06:32.0798 5228  [ 294945381DFA7CE58CECF0A9896AF327 ] vds             C:\Windows\System32\vds.exe

04:06:32.0851 5228  vds - ok

04:06:32.0860 5228  [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

04:06:32.0909 5228  vga - ok

04:06:32.0934 5228  [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave         C:\Windows\System32\drivers\vga.sys

04:06:32.0988 5228  VgaSave - ok

04:06:32.0992 5228  [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide          C:\Windows\system32\drivers\viaide.sys

04:06:33.0006 5228  viaide - ok

04:06:33.0035 5228  [ 2B7E885ED951519A12C450D24535DFCA ] volmgr          C:\Windows\system32\drivers\volmgr.sys

04:06:33.0048 5228  volmgr - ok

04:06:33.0096 5228  [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

04:06:33.0117 5228  volmgrx - ok

04:06:33.0153 5228  [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap         C:\Windows\system32\drivers\volsnap.sys

04:06:33.0170 5228  volsnap - ok

04:06:33.0190 5228  [ A68F455ED2673835209318DD61BFBB0E ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

04:06:33.0203 5228  vsmraid - ok

04:06:33.0260 5228  [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS             C:\Windows\system32\vssvc.exe

04:06:33.0363 5228  VSS - ok

04:06:33.0412 5228  [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time         C:\Windows\system32\w32time.dll

04:06:33.0502 5228  W32Time - ok

04:06:33.0509 5228  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys

04:06:33.0564 5228  WacomPen - ok

04:06:33.0627 5228  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys

04:06:33.0664 5228  Wanarp - ok

04:06:33.0667 5228  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

04:06:33.0691 5228  Wanarpv6 - ok

04:06:33.0708 5228  [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

04:06:33.0747 5228  wcncsvc - ok

04:06:33.0788 5228  [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

04:06:33.0826 5228  WcsPlugInService - ok

04:06:33.0831 5228  [ 0C17A0816F65B89E362E682AD5E7266E ] Wd              C:\Windows\system32\drivers\wd.sys

04:06:33.0842 5228  Wd - ok

04:06:33.0866 5228  [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

04:06:33.0904 5228  Wdf01000 - ok

04:06:33.0915 5228  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost  C:\Windows\system32\wdi.dll

04:06:33.0948 5228  WdiServiceHost - ok

04:06:33.0952 5228  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost   C:\Windows\system32\wdi.dll

04:06:33.0984 5228  WdiSystemHost - ok

04:06:33.0999 5228  [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient       C:\Windows\System32\webclnt.dll

04:06:34.0045 5228  WebClient - ok

04:06:34.0077 5228  [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc          C:\Windows\system32\wecsvc.dll

04:06:34.0107 5228  Wecsvc - ok

04:06:34.0123 5228  [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

04:06:34.0148 5228  wercplsupport - ok

04:06:34.0158 5228  [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc          C:\Windows\System32\WerSvc.dll

04:06:34.0194 5228  WerSvc - ok

04:06:34.0207 5228  WinDefend - ok

04:06:34.0215 5228  WinHttpAutoProxySvc - ok

04:06:34.0267 5228  [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

04:06:34.0303 5228  Winmgmt - ok

04:06:34.0355 5228  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM           C:\Windows\system32\WsmSvc.dll

04:06:34.0418 5228  WinRM - ok

04:06:34.0460 5228  [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc         C:\Windows\System32\wlansvc.dll

04:06:34.0493 5228  Wlansvc - ok

04:06:34.0542 5228  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

04:06:34.0562 5228  WmiAcpi - ok

04:06:34.0612 5228  [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

04:06:34.0637 5228  wmiApSrv - ok

04:06:34.0646 5228  WMPNetworkSvc - ok

04:06:34.0661 5228  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll

04:06:34.0688 5228  WPCSvc - ok

04:06:34.0743 5228  [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

04:06:34.0758 5228  WPDBusEnum - ok

04:06:34.0816 5228  [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys

04:06:34.0829 5228  WpdUsb - ok

04:06:34.0960 5228  [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe

04:06:34.0997 5228  WPFFontCache_v0400 - ok

04:06:35.0001 5228  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

04:06:35.0055 5228  ws2ifsl - ok

04:06:35.0133 5228  [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc          C:\Windows\System32\wscsvc.dll

04:06:35.0148 5228  wscsvc - ok

04:06:35.0152 5228  WSearch - ok

04:06:35.0246 5228  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll

04:06:35.0357 5228  wuauserv - ok

04:06:35.0396 5228  [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

04:06:35.0435 5228  WUDFRd - ok

04:06:35.0462 5228  [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

04:06:35.0494 5228  wudfsvc - ok

04:06:35.0537 5228  [ 15CC7077D2DC28776CD430ECABBFFD66 ] {55662437-DA8C-40c0-AADA-2C816A897A49} c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl

04:06:35.0547 5228  {55662437-DA8C-40c0-AADA-2C816A897A49} - ok

04:06:35.0549 5228  ================ Scan global ===============================

04:06:35.0573 5228  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll

04:06:35.0603 5228  [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll

04:06:35.0618 5228  [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll

04:06:35.0669 5228  [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe

04:06:35.0673 5228  [Global] - ok

04:06:35.0673 5228  ================ Scan MBR ==================================

04:06:35.0682 5228  [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0

04:06:36.0135 5228  \Device\Harddisk0\DR0 - ok

04:06:36.0160 5228  [ 4606A12AED5E4CE105136C6C9C8EA568 ] \Device\Harddisk1\DR1

04:06:36.0234 5228  \Device\Harddisk1\DR1 - ok

04:06:36.0235 5228  ================ Scan VBR ==================================

04:06:36.0237 5228  [ 32D5755F512F873A9EBBE757A9ECFD5A ] \Device\Harddisk0\DR0\Partition1

04:06:36.0239 5228  \Device\Harddisk0\DR0\Partition1 - ok

04:06:36.0243 5228  [ 15611FB822DC703EA9C168C830976EB0 ] \Device\Harddisk0\DR0\Partition2

04:06:36.0244 5228  \Device\Harddisk0\DR0\Partition2 - ok

04:06:36.0248 5228  [ 960CDE92622C58C393F6E4FC501C8B8C ] \Device\Harddisk1\DR1\Partition1

04:06:36.0249 5228  \Device\Harddisk1\DR1\Partition1 - ok

04:06:36.0250 5228  ============================================================

04:06:36.0250 5228  Scan finished

04:06:36.0250 5228  ============================================================

04:06:36.0263 4300  Detected object count: 8

04:06:36.0263 4300  Actual detected object count: 8

Log ist unvollständig, die untere Zusammenfassung fehlt

Ist er so vollständig ?

Code:

 12:06:58.0166 5316  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47

12:06:58.0222 5316  ============================================================

12:06:58.0222 5316  Current date / time: 2012/10/18 12:06:58.0222

12:06:58.0222 5316  SystemInfo:

12:06:58.0223 5316  

12:06:58.0223 5316  OS Version: 6.0.6002 ServicePack: 2.0

12:06:58.0223 5316  Product type: Workstation

12:06:58.0223 5316  ComputerName: JAN-PC

12:06:58.0223 5316  UserName: Jan

12:06:58.0223 5316  Windows directory: C:\Windows

12:06:58.0223 5316  System windows directory: C:\Windows

12:06:58.0223 5316  Running under WOW64

12:06:58.0223 5316  Processor architecture: Intel x64

12:06:58.0223 5316  Number of processors: 4

12:06:58.0223 5316  Page size: 0x1000

12:06:58.0223 5316  Boot type: Normal boot

12:06:58.0223 5316  ============================================================

12:06:59.0313 5316  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

12:06:59.0325 5316  Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

12:06:59.0343 5316  ============================================================

12:06:59.0343 5316  \Device\Harddisk0\DR0:

12:06:59.0343 5316  MBR partitions:

12:06:59.0343 5316  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x48B79A26

12:06:59.0343 5316  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48B79A65, BlocksNum 0x1CDD45C

12:06:59.0343 5316  \Device\Harddisk1\DR1:

12:06:59.0343 5316  MBR partitions:

12:06:59.0343 5316  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A856E82

12:06:59.0343 5316  ============================================================

12:06:59.0376 5316  C: <-> \Device\Harddisk0\DR0\Partition1

12:06:59.0390 5316  E: <-> \Device\Harddisk1\DR1\Partition1

12:06:59.0460 5316  D: <-> \Device\Harddisk0\DR0\Partition2

12:06:59.0460 5316  ============================================================

12:06:59.0460 5316  Initialize success

12:06:59.0460 5316  ============================================================

12:07:58.0756 5932  ============================================================

12:07:58.0756 5932  Scan started

12:07:58.0756 5932  Mode: Manual; SigCheck; TDLFS; 

12:07:58.0756 5932  ============================================================

12:07:59.0095 5932  ================ Scan system memory ========================

12:07:59.0095 5932  System memory - ok

12:07:59.0096 5932  ================ Scan services =============================

12:07:59.0316 5932  [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI            C:\Windows\system32\drivers\acpi.sys

12:07:59.0441 5932  ACPI - ok

12:07:59.0518 5932  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

12:07:59.0529 5932  AdobeARMservice - ok

12:07:59.0572 5932  [ F14215E37CF124104575073F782111D2 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

12:07:59.0594 5932  adp94xx - ok

12:07:59.0622 5932  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci         C:\Windows\system32\drivers\adpahci.sys

12:07:59.0640 5932  adpahci - ok

12:07:59.0647 5932  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys

12:07:59.0660 5932  adpu160m - ok

12:07:59.0678 5932  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320         C:\Windows\system32\drivers\adpu320.sys

12:07:59.0693 5932  adpu320 - ok

12:07:59.0730 5932  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

12:07:59.0828 5932  AeLookupSvc - ok

12:07:59.0894 5932  [ C4F6CE6087760AD70960C9EB130E7943 ] AFD             C:\Windows\system32\drivers\afd.sys

12:07:59.0944 5932  AFD - ok

12:07:59.0994 5932  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys

12:08:00.0007 5932  agp440 - ok

12:08:00.0039 5932  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys

12:08:00.0052 5932  aic78xx - ok

12:08:00.0067 5932  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG             C:\Windows\System32\alg.exe

12:08:00.0099 5932  ALG - ok

12:08:00.0156 5932  [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide          C:\Windows\system32\drivers\aliide.sys

12:08:00.0167 5932  aliide - ok

12:08:00.0172 5932  [ 970FA5059E61E30D25307B99903E991E ] amdide          C:\Windows\system32\drivers\amdide.sys

12:08:00.0183 5932  amdide - ok

12:08:00.0188 5932  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

12:08:00.0219 5932  AmdK8 - ok

12:08:00.0419 5932  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

12:08:00.0431 5932  AntiVirSchedulerService - ok

12:08:00.0460 5932  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

12:08:00.0470 5932  AntiVirService - ok

12:08:00.0521 5932  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo         C:\Windows\System32\appinfo.dll

12:08:00.0571 5932  Appinfo - ok

12:08:00.0662 5932  [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

12:08:00.0672 5932  Apple Mobile Device - ok

12:08:00.0691 5932  [ BA8417D4765F3988FF921F30F630E303 ] arc             C:\Windows\system32\drivers\arc.sys

12:08:00.0703 5932  arc - ok

12:08:00.0721 5932  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys

12:08:00.0734 5932  arcsas - ok

12:08:00.0847 5932  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

12:08:00.0857 5932  aspnet_state - ok

12:08:00.0875 5932  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

12:08:00.0907 5932  AsyncMac - ok

12:08:00.0918 5932  [ 1898FAE8E07D97F2F6C2D5326C633FAC ] atapi           C:\Windows\system32\drivers\atapi.sys

12:08:00.0929 5932  atapi - ok

12:08:01.0037 5932  [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

12:08:01.0065 5932  AudioEndpointBuilder - ok

12:08:01.0095 5932  [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

12:08:01.0123 5932  AudioSrv - ok

12:08:01.0176 5932  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys

12:08:01.0190 5932  avgntflt - ok

12:08:01.0218 5932  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys

12:08:01.0230 5932  avipbb - ok

12:08:01.0244 5932  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys

12:08:01.0254 5932  avkmgr - ok

12:08:01.0336 5932  [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE             C:\Windows\System32\bfe.dll

12:08:01.0366 5932  BFE - ok

12:08:01.0437 5932  [ 6D316F4859634071CC25C4FD4589AD2C ] BITS            C:\Windows\System32\qmgr.dll

12:08:01.0475 5932  BITS - ok

12:08:01.0492 5932  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys

12:08:01.0525 5932  blbdrive - ok

12:08:01.0613 5932  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

12:08:01.0629 5932  Bonjour Service - ok

12:08:01.0653 5932  [ 2348447A80920B2493A9B582A23E81E1 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

12:08:01.0675 5932  bowser - ok

12:08:01.0692 5932  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys

12:08:01.0716 5932  BrFiltLo - ok

12:08:01.0720 5932  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys

12:08:01.0744 5932  BrFiltUp - ok

12:08:01.0777 5932  [ A1B39DE453433B115B4EA69EE0343816 ] Browser         C:\Windows\System32\browser.dll

12:08:01.0808 5932  Browser - ok

12:08:01.0823 5932  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid         C:\Windows\system32\drivers\brserid.sys

12:08:01.0978 5932  Brserid - ok

12:08:01.0984 5932  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys

12:08:02.0031 5932  BrSerWdm - ok

12:08:02.0036 5932  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys

12:08:02.0110 5932  BrUsbMdm - ok

12:08:02.0115 5932  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys

12:08:02.0162 5932  BrUsbSer - ok

12:08:02.0167 5932  [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys

12:08:02.0241 5932  BTHMODEM - ok

12:08:02.0294 5932  [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

12:08:02.0326 5932  cdfs - ok

12:08:02.0368 5932  [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

12:08:02.0392 5932  cdrom - ok

12:08:02.0445 5932  [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc     C:\Windows\System32\certprop.dll

12:08:02.0468 5932  CertPropSvc - ok

12:08:02.0480 5932  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass        C:\Windows\system32\drivers\circlass.sys

12:08:02.0513 5932  circlass - ok

12:08:02.0573 5932  [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS            C:\Windows\system32\CLFS.sys

12:08:02.0594 5932  CLFS - ok

12:08:02.0642 5932  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

12:08:02.0653 5932  clr_optimization_v2.0.50727_32 - ok

12:08:02.0728 5932  [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

12:08:02.0740 5932  clr_optimization_v2.0.50727_64 - ok

12:08:02.0790 5932  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

12:08:02.0801 5932  clr_optimization_v4.0.30319_32 - ok

12:08:02.0835 5932  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

12:08:02.0846 5932  clr_optimization_v4.0.30319_64 - ok

12:08:02.0851 5932  [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide          C:\Windows\system32\drivers\cmdide.sys

12:08:02.0863 5932  cmdide - ok

12:08:02.0868 5932  [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys

12:08:02.0880 5932  Compbatt - ok

12:08:02.0886 5932  COMSysApp - ok

12:08:02.0923 5932  [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

12:08:02.0934 5932  crcdisk - ok

12:08:03.0000 5932  [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc        C:\Windows\system32\cryptsvc.dll

12:08:03.0027 5932  CryptSvc - ok

12:08:03.0093 5932  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch      C:\Windows\system32\rpcss.dll

12:08:03.0137 5932  DcomLaunch - ok

12:08:03.0204 5932  [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

12:08:03.0240 5932  DfsC - ok

12:08:03.0354 5932  [ C647F468F7DE343DF8C143655C5557D4 ] DFSR            C:\Windows\system32\DFSR.exe

12:08:03.0499 5932  DFSR - ok

12:08:03.0589 5932  [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll

12:08:03.0615 5932  Dhcp - ok

12:08:03.0634 5932  [ B0107E40ECDB5FA692EBF832F295D905 ] disk            C:\Windows\system32\drivers\disk.sys

12:08:03.0647 5932  disk - ok

12:08:03.0672 5932  [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

12:08:03.0711 5932  Dnscache - ok

12:08:03.0744 5932  [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc         C:\Windows\System32\dot3svc.dll

12:08:03.0769 5932  dot3svc - ok

12:08:03.0804 5932  [ 74C02B1717740C3B8039539E23E4B53F ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys

12:08:03.0836 5932  Dot4 - ok

12:08:03.0869 5932  [ 08321D1860235BF42CF2854234337AEA ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys

12:08:03.0900 5932  Dot4Print - ok

12:08:03.0923 5932  [ 4ADCCF0124F2B6911D3786A5D0E779E5 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys

12:08:03.0954 5932  dot4usb - ok

12:08:04.0000 5932  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS             C:\Windows\system32\dps.dll

12:08:04.0032 5932  DPS - ok

12:08:04.0067 5932  [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

12:08:04.0090 5932  drmkaud - ok

12:08:04.0159 5932  [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

12:08:04.0187 5932  DXGKrnl - ok

12:08:04.0221 5932  [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys

12:08:04.0253 5932  E1G60 - ok

12:08:04.0269 5932  [ C2303883FD9BE49DC36A6400643002EA ] EapHost         C:\Windows\System32\eapsvc.dll

12:08:04.0292 5932  EapHost - ok

12:08:04.0330 5932  [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache          C:\Windows\system32\drivers\ecache.sys

12:08:04.0345 5932  Ecache - ok

12:08:04.0417 5932  [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

12:08:04.0439 5932  ehRecvr - ok

12:08:04.0461 5932  [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched         C:\Windows\ehome\ehsched.exe

12:08:04.0474 5932  ehSched - ok

12:08:04.0503 5932  [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart         C:\Windows\ehome\ehstart.dll

12:08:04.0539 5932  ehstart - ok

12:08:04.0566 5932  [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

12:08:04.0587 5932  elxstor - ok

12:08:04.0645 5932  [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt         C:\Windows\system32\emdmgmt.dll

12:08:04.0686 5932  EMDMgmt - ok

12:08:04.0691 5932  [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev          C:\Windows\system32\drivers\errdev.sys

12:08:04.0732 5932  ErrDev - ok

12:08:04.0768 5932  [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem     C:\Windows\system32\es.dll

12:08:04.0797 5932  EventSystem - ok

12:08:04.0831 5932  [ 486844F47B6636044A42454614ED4523 ] exfat           C:\Windows\system32\drivers\exfat.sys

12:08:04.0877 5932  exfat - ok

12:08:04.0881 5932  ezSharedSvc - ok

12:08:04.0922 5932  [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

12:08:04.0948 5932  fastfat - ok

12:08:04.0953 5932  [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

12:08:04.0985 5932  fdc - ok

12:08:05.0025 5932  [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost         C:\Windows\system32\fdPHost.dll

12:08:05.0056 5932  fdPHost - ok

12:08:05.0101 5932  [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub        C:\Windows\system32\fdrespub.dll

12:08:05.0148 5932  FDResPub - ok

12:08:05.0218 5932  [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

12:08:05.0230 5932  FileInfo - ok

12:08:05.0247 5932  [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

12:08:05.0279 5932  Filetrace - ok

12:08:05.0284 5932  [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

12:08:05.0315 5932  flpydisk - ok

12:08:05.0361 5932  [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

12:08:05.0378 5932  FltMgr - ok

12:08:05.0447 5932  [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache       C:\Windows\system32\FntCache.dll

12:08:05.0550 5932  FontCache - ok

12:08:05.0621 5932  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

12:08:05.0631 5932  FontCache3.0.0.0 - ok

12:08:05.0659 5932  [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

12:08:05.0695 5932  Fs_Rec - ok

12:08:05.0723 5932  [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

12:08:05.0736 5932  gagp30kx - ok

12:08:05.0788 5932  [ 617DC2877015270914CA3C03873560D5 ] GameConsoleService C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe

12:08:05.0800 5932  GameConsoleService - ok

12:08:05.0852 5932  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

12:08:05.0862 5932  GEARAspiWDM - ok

12:08:05.0915 5932  [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc           C:\Windows\System32\gpsvc.dll

12:08:05.0959 5932  gpsvc - ok

12:08:06.0062 5932  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

12:08:06.0072 5932  gupdate - ok

12:08:06.0100 5932  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

12:08:06.0110 5932  gupdatem - ok

12:08:06.0140 5932  [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

12:08:06.0178 5932  HdAudAddService - ok

12:08:06.0213 5932  [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

12:08:06.0260 5932  HDAudBus - ok

12:08:06.0313 5932  [ B4881C84A180E75B8C25DC1D726C375F ] HidBth          C:\Windows\system32\drivers\hidbth.sys

12:08:06.0360 5932  HidBth - ok

12:08:06.0365 5932  [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr           C:\Windows\system32\drivers\hidir.sys

12:08:06.0411 5932  HidIr - ok

12:08:06.0431 5932  [ 59361D38A297755D46A540E450202B2A ] hidserv         C:\Windows\system32\hidserv.dll

12:08:06.0454 5932  hidserv - ok

12:08:06.0510 5932  [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

12:08:06.0533 5932  HidUsb - ok

12:08:06.0572 5932  [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc          C:\Windows\system32\kmsvc.dll

12:08:06.0604 5932  hkmsvc - ok

12:08:06.0648 5932  [ DDF58C2E16527073FEF370EDFE970745 ] hotcore3        C:\Windows\system32\DRIVERS\hotcore3.sys

12:08:06.0658 5932  hotcore3 - ok

12:08:06.0740 5932  [ A19B0BB5A7EB6DF2DD4A0711D36955EE ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

12:08:06.0744 5932  HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning

12:08:06.0744 5932  HP Health Check Service - detected UnsignedFile.Multi.Generic (1)

12:08:06.0753 5932  [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys

12:08:06.0766 5932  HpCISSs - ok

12:08:06.0882 5932  [ AF81F7BA6A09119006FE041A2F2F3ECE ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll

12:08:06.0888 5932  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning

12:08:06.0888 5932  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)

12:08:07.0006 5932  [ 7244F63DB8EA883B3DC8E730C645D073 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll

12:08:07.0011 5932  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning

12:08:07.0011 5932  hpqddsvc - detected UnsignedFile.Multi.Generic (1)

12:08:07.0065 5932  [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

12:08:07.0124 5932  HTTP - ok

12:08:07.0181 5932  [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys

12:08:07.0193 5932  i2omp - ok

12:08:07.0218 5932  [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

12:08:07.0242 5932  i8042prt - ok

12:08:07.0291 5932  [ EEF0C78D403F213289067F3861C3AF4F ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

12:08:07.0306 5932  IAANTMON - ok

12:08:07.0410 5932  [ 8EACF469269FB1509561961A3188F670 ] iaStor          C:\Windows\system32\drivers\iastor.sys

12:08:07.0425 5932  iaStor - ok

12:08:07.0467 5932  [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys

12:08:07.0484 5932  iaStorV - ok

12:08:07.0570 5932  [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

12:08:07.0610 5932  idsvc - ok

12:08:07.0617 5932  [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp           C:\Windows\system32\drivers\iirsp.sys

12:08:07.0629 5932  iirsp - ok

12:08:07.0683 5932  [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT          C:\Windows\System32\ikeext.dll

12:08:07.0715 5932  IKEEXT - ok

12:08:07.0764 5932  [ 5F885046A7F420989C8366324FD2EF60 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

12:08:07.0800 5932  IntcAzAudAddService - ok

12:08:07.0805 5932  [ DF797A12176F11B2D301C5B234BB200E ] intelide        C:\Windows\system32\drivers\intelide.sys

12:08:07.0817 5932  intelide - ok

12:08:07.0833 5932  [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

12:08:07.0864 5932  intelppm - ok

12:08:07.0882 5932  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

12:08:07.0916 5932  IPBusEnum - ok

12:08:07.0954 5932  [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

12:08:07.0978 5932  IpFilterDriver - ok

12:08:08.0046 5932  [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

12:08:08.0082 5932  iphlpsvc - ok

12:08:08.0086 5932  IpInIp - ok

12:08:08.0094 5932  [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys

12:08:08.0126 5932  IPMIDRV - ok

12:08:08.0131 5932  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys

12:08:08.0164 5932  IPNAT - ok

12:08:08.0231 5932  [ EE4C2A137C7088911A8919EFFC9812E7 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

12:08:08.0257 5932  iPod Service - ok

12:08:08.0315 5932  [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM          C:\Windows\system32\drivers\irenum.sys

12:08:08.0345 5932  IRENUM - ok

12:08:08.0357 5932  [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp          C:\Windows\system32\drivers\isapnp.sys

12:08:08.0369 5932  isapnp - ok

12:08:08.0385 5932  [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys

12:08:08.0400 5932  iScsiPrt - ok

12:08:08.0405 5932  [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys

12:08:08.0417 5932  iteatapi - ok

12:08:08.0430 5932  [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid         C:\Windows\system32\drivers\iteraid.sys

12:08:08.0441 5932  iteraid - ok

12:08:08.0457 5932  [ 423696F3BA6472DD17699209B933BC26 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

12:08:08.0469 5932  kbdclass - ok

12:08:08.0546 5932  [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

12:08:08.0569 5932  kbdhid - ok

12:08:08.0604 5932  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso          C:\Windows\system32\lsass.exe

12:08:08.0641 5932  KeyIso - ok

12:08:08.0690 5932  [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

12:08:08.0715 5932  KSecDD - ok

12:08:08.0762 5932  [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

12:08:08.0793 5932  ksthunk - ok

12:08:08.0830 5932  [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm           C:\Windows\system32\msdtckrm.dll

12:08:08.0867 5932  KtmRm - ok

12:08:08.0911 5932  [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer    C:\Windows\system32\srvsvc.dll

12:08:08.0939 5932  LanmanServer - ok

12:08:09.0028 5932  [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

12:08:09.0046 5932  LanmanWorkstation - ok

12:08:09.0148 5932  [ 7772DFAB22611050B79504E671B06E6E ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

12:08:09.0167 5932  LBTServ - ok

12:08:09.0217 5932  [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys

12:08:09.0227 5932  LHidFilt - ok

12:08:09.0310 5932  [ E75ADCFAFDEF3F4C3AF3332928D59926 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

12:08:09.0314 5932  LightScribeService ( UnsignedFile.Multi.Generic ) - warning

12:08:09.0314 5932  LightScribeService - detected UnsignedFile.Multi.Generic (1)

12:08:09.0321 5932  [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

12:08:09.0353 5932  lltdio - ok

12:08:09.0371 5932  [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

12:08:09.0407 5932  lltdsvc - ok

12:08:09.0418 5932  [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts         C:\Windows\System32\lmhsvc.dll

12:08:09.0449 5932  lmhosts - ok

12:08:09.0461 5932  [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys

12:08:09.0472 5932  LMouFilt - ok

12:08:09.0517 5932  [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys

12:08:09.0530 5932  LSI_FC - ok

12:08:09.0536 5932  [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

12:08:09.0550 5932  LSI_SAS - ok

12:08:09.0564 5932  [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

12:08:09.0578 5932  LSI_SCSI - ok

12:08:09.0594 5932  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv           C:\Windows\system32\drivers\luafv.sys

12:08:09.0626 5932  luafv - ok

12:08:09.0683 5932  [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys

12:08:09.0695 5932  MBAMProtector - ok

12:08:09.0747 5932  [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

12:08:09.0763 5932  MBAMScheduler - ok

12:08:09.0784 5932  [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

12:08:09.0805 5932  MBAMService - ok

12:08:09.0929 5932  [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe

12:08:09.0941 5932  McComponentHostService - ok

12:08:09.0959 5932  [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

12:08:09.0973 5932  Mcx2Svc - ok

12:08:10.0022 5932  [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe

12:08:10.0030 5932  MDM ( UnsignedFile.Multi.Generic ) - warning

12:08:10.0030 5932  MDM - detected UnsignedFile.Multi.Generic (1)

12:08:10.0047 5932  [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas         C:\Windows\system32\drivers\megasas.sys

12:08:10.0060 5932  megasas - ok

12:08:10.0078 5932  [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR          C:\Windows\system32\drivers\megasr.sys

12:08:10.0100 5932  MegaSR - ok

12:08:10.0142 5932  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS           C:\Windows\system32\mmcss.dll

12:08:10.0173 5932  MMCSS - ok

12:08:10.0178 5932  [ 59848D5CC74606F0EE7557983BB73C2E ] Modem           C:\Windows\system32\drivers\modem.sys

12:08:10.0210 5932  Modem - ok

12:08:10.0252 5932  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

12:08:10.0283 5932  monitor - ok

12:08:10.0297 5932  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

12:08:10.0309 5932  mouclass - ok

12:08:10.0320 5932  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

12:08:10.0351 5932  mouhid - ok

12:08:10.0361 5932  [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys

12:08:10.0374 5932  MountMgr - ok

12:08:10.0402 5932  [ F8276EB8698142884498A528DFEA8478 ] mpio            C:\Windows\system32\drivers\mpio.sys

12:08:10.0415 5932  mpio - ok

12:08:10.0434 5932  [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

12:08:10.0459 5932  mpsdrv - ok

12:08:10.0520 5932  [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc          C:\Windows\system32\mpssvc.dll

12:08:10.0563 5932  MpsSvc - ok

12:08:10.0568 5932  [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys

12:08:10.0580 5932  Mraid35x - ok

12:08:10.0628 5932  [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

12:08:10.0644 5932  MRxDAV - ok

12:08:10.0692 5932  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

12:08:10.0730 5932  mrxsmb - ok

12:08:10.0757 5932  [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

12:08:10.0773 5932  mrxsmb10 - ok

12:08:10.0793 5932  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

12:08:10.0806 5932  mrxsmb20 - ok

12:08:10.0819 5932  [ 1AC860612B85D8E85EE257D372E39F4D ] msahci          C:\Windows\system32\drivers\msahci.sys

12:08:10.0831 5932  msahci - ok

12:08:10.0837 5932  [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

12:08:10.0850 5932  msdsm - ok

12:08:10.0866 5932  [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC           C:\Windows\System32\msdtc.exe

12:08:10.0899 5932  MSDTC - ok

12:08:10.0918 5932  [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs            C:\Windows\system32\drivers\Msfs.sys

12:08:10.0950 5932  Msfs - ok

12:08:10.0961 5932  [ 00EBC952961664780D43DCA157E79B27 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

12:08:10.0973 5932  msisadrv - ok

12:08:10.0998 5932  [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

12:08:11.0032 5932  MSiSCSI - ok

12:08:11.0036 5932  msiserver - ok

12:08:11.0069 5932  [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

12:08:11.0101 5932  MSKSSRV - ok

12:08:11.0125 5932  [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

12:08:11.0156 5932  MSPCLOCK - ok

12:08:11.0161 5932  [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

12:08:11.0191 5932  MSPQM - ok

12:08:11.0242 5932  [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

12:08:11.0261 5932  MsRPC - ok

12:08:11.0268 5932  [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

12:08:11.0280 5932  mssmbios - ok

12:08:11.0293 5932  [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

12:08:11.0323 5932  MSTEE - ok

12:08:11.0379 5932  [ 0CC49F78D8ACA0877D885F149084E543 ] Mup             C:\Windows\system32\Drivers\mup.sys

12:08:11.0392 5932  Mup - ok

12:08:11.0454 5932  [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent        C:\Windows\system32\qagentRT.dll

12:08:11.0484 5932  napagent - ok

12:08:11.0534 5932  [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

12:08:11.0551 5932  NativeWifiP - ok

12:08:11.0603 5932  NAVENG - ok

12:08:11.0607 5932  NAVEX15 - ok

12:08:11.0680 5932  [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS            C:\Windows\system32\drivers\ndis.sys

12:08:11.0716 5932  NDIS - ok

12:08:11.0769 5932  [ 64DF698A425478E321981431AC171334 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

12:08:11.0792 5932  NdisTapi - ok

12:08:11.0806 5932  [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

12:08:11.0837 5932  Ndisuio - ok

12:08:11.0907 5932  [ F8158771905260982CE724076419EF19 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

12:08:11.0932 5932  NdisWan - ok

12:08:11.0937 5932  [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

12:08:11.0961 5932  NDProxy - ok

12:08:12.0006 5932  [ 59267D2F0328599AA3B5408C2E06126F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

12:08:12.0011 5932  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

12:08:12.0011 5932  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

12:08:12.0050 5932  [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

12:08:12.0082 5932  NetBIOS - ok

12:08:12.0125 5932  [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys

12:08:12.0151 5932  netbt - ok

12:08:12.0162 5932  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon        C:\Windows\system32\lsass.exe

12:08:12.0175 5932  Netlogon - ok

12:08:12.0220 5932  [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman          C:\Windows\System32\netman.dll

12:08:12.0258 5932  Netman - ok

12:08:12.0298 5932  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:08:12.0310 5932  NetMsmqActivator - ok

12:08:12.0315 5932  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:08:12.0326 5932  NetPipeActivator - ok

12:08:12.0350 5932  [ 7846D0136CC2B264926A73047BA7688A ] netprofm        C:\Windows\System32\netprofm.dll

12:08:12.0385 5932  netprofm - ok

12:08:12.0389 5932  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:08:12.0401 5932  NetTcpActivator - ok

12:08:12.0405 5932  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

12:08:12.0416 5932  NetTcpPortSharing - ok

12:08:12.0429 5932  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

12:08:12.0441 5932  nfrd960 - ok

12:08:12.0454 5932  [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc          C:\Windows\System32\nlasvc.dll

12:08:12.0487 5932  NlaSvc - ok

12:08:12.0499 5932  Norton Internet Security - ok

12:08:12.0523 5932  [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

12:08:12.0546 5932  Npfs - ok

12:08:12.0573 5932  [ ACB62BAA1C319B17752553DF3026EEEB ] nsi             C:\Windows\system32\nsisvc.dll

12:08:12.0605 5932  nsi - ok

12:08:12.0617 5932  [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

12:08:12.0647 5932  nsiproxy - ok

12:08:12.0699 5932  [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

12:08:12.0772 5932  Ntfs - ok

12:08:12.0828 5932  [ DD5D684975352B85B52E3FD5347C20CB ] Null            C:\Windows\system32\drivers\Null.sys

12:08:12.0858 5932  Null - ok

12:08:12.0893 5932  [ 960E39A54E525DF58CB29193147DFFA1 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys

12:08:12.0905 5932  NVHDA - ok

12:08:13.0183 5932  [ 9C1996DD3C0469BC8933321F15709F5A ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys

12:08:13.0527 5932  nvlddmkm - ok

12:08:13.0563 5932  [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid          C:\Windows\system32\drivers\nvraid.sys

12:08:13.0577 5932  nvraid - ok

12:08:13.0582 5932  [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor          C:\Windows\system32\drivers\nvstor.sys

12:08:13.0594 5932  nvstor - ok

12:08:13.0657 5932  [ 2D7092FEC9BD2ACA199673BBA2BA9277 ] nvsvc           C:\Windows\system32\nvvsvc.exe

12:08:13.0708 5932  nvsvc - ok

12:08:13.0784 5932  [ 7E22DE30E222BFDFCEC7E77032BAF3CD ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

12:08:13.0907 5932  nvUpdatusService - ok

12:08:13.0935 5932  [ 19067CA93075EF4823E3938A686F532F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

12:08:13.0948 5932  nv_agp - ok

12:08:13.0953 5932  NwlnkFlt - ok

12:08:13.0959 5932  NwlnkFwd - ok

12:08:14.0012 5932  [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys

12:08:14.0035 5932  ohci1394 - ok

12:08:14.0102 5932  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc        C:\Windows\system32\p2psvc.dll

12:08:14.0168 5932  p2pimsvc - ok

12:08:14.0192 5932  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc          C:\Windows\system32\p2psvc.dll

12:08:14.0215 5932  p2psvc - ok

12:08:14.0232 5932  [ AECD57F94C887F58919F307C35498EA0 ] Parport         C:\Windows\system32\drivers\parport.sys

12:08:14.0280 5932  Parport - ok

12:08:14.0326 5932  [ B43751085E2ABE389DA466BC62A4B987 ] partmgr         C:\Windows\system32\drivers\partmgr.sys

12:08:14.0338 5932  partmgr - ok

12:08:14.0386 5932  [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc          C:\Windows\System32\pcasvc.dll

12:08:14.0423 5932  PcaSvc - ok

12:08:14.0467 5932  [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci             C:\Windows\system32\drivers\pci.sys

12:08:14.0482 5932  pci - ok

12:08:14.0496 5932  [ 8D618C829034479985A9ED56106CC732 ] pciide          C:\Windows\system32\drivers\pciide.sys

12:08:14.0507 5932  pciide - ok

12:08:14.0519 5932  [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

12:08:14.0534 5932  pcmcia - ok

12:08:14.0554 5932  [ 58865916F53592A61549B04941BFD80D ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

12:08:14.0625 5932  PEAUTH - ok

12:08:14.0690 5932  [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost        C:\Windows\SysWow64\perfhost.exe

12:08:14.0721 5932  PerfHost - ok

12:08:14.0776 5932  [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla             C:\Windows\system32\pla.dll

12:08:14.0834 5932  pla - ok

12:08:14.0881 5932  [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

12:08:14.0908 5932  PlugPlay - ok

12:08:14.0979 5932  [ 5261A2FD55183AC6993145AB6662CDDF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

12:08:14.0984 5932  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

12:08:14.0984 5932  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

12:08:14.0993 5932  PnkBstrA - ok

12:08:15.0019 5932  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll

12:08:15.0042 5932  PNRPAutoReg - ok

12:08:15.0095 5932  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc         C:\Windows\system32\p2psvc.dll

12:08:15.0118 5932  PNRPsvc - ok

12:08:15.0184 5932  [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

12:08:15.0217 5932  PolicyAgent - ok

12:08:15.0257 5932  [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

12:08:15.0282 5932  PptpMiniport - ok

12:08:15.0305 5932  [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor       C:\Windows\system32\drivers\processr.sys

12:08:15.0336 5932  Processor - ok

12:08:15.0379 5932  [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc         C:\Windows\system32\profsvc.dll

12:08:15.0404 5932  ProfSvc - ok

12:08:15.0429 5932  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe

12:08:15.0441 5932  ProtectedStorage - ok

12:08:15.0557 5932  [ 1D0A3F565397D08707F3D75B88586645 ] Ps2             C:\Windows\system32\DRIVERS\PS2.sys

12:08:15.0600 5932  Ps2 - ok

12:08:15.0642 5932  [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys

12:08:15.0665 5932  PSched - ok

12:08:15.0697 5932  [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300          C:\Windows\system32\drivers\ql2300.sys

12:08:15.0749 5932  ql2300 - ok

12:08:15.0755 5932  [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys

12:08:15.0769 5932  ql40xx - ok

12:08:15.0803 5932  [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE           C:\Windows\system32\qwave.dll

12:08:15.0820 5932  QWAVE - ok

12:08:15.0828 5932  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

12:08:15.0841 5932  QWAVEdrv - ok

12:08:15.0851 5932  [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

12:08:15.0881 5932  RasAcd - ok

12:08:15.0907 5932  [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto         C:\Windows\System32\rasauto.dll

12:08:15.0940 5932  RasAuto - ok

12:08:16.0005 5932  [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

12:08:16.0030 5932  Rasl2tp - ok

12:08:16.0053 5932  [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan          C:\Windows\System32\rasmans.dll

12:08:16.0081 5932  RasMan - ok

12:08:16.0132 5932  [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

12:08:16.0155 5932  RasPppoe - ok

12:08:16.0178 5932  [ C6A593B51F34C33E5474539544072527 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

12:08:16.0191 5932  RasSstp - ok

12:08:16.0224 5932  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

12:08:16.0251 5932  rdbss - ok

12:08:16.0261 5932  [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

12:08:16.0293 5932  RDPCDD - ok

12:08:16.0323 5932  [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys

12:08:16.0358 5932  rdpdr - ok

12:08:16.0362 5932  [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

12:08:16.0394 5932  RDPENCDD - ok

12:08:16.0444 5932  [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

12:08:16.0468 5932  RDPWD - ok

12:08:16.0495 5932  [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess    C:\Windows\System32\mprdim.dll

12:08:16.0528 5932  RemoteAccess - ok

12:08:16.0631 5932  [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

12:08:16.0656 5932  RemoteRegistry - ok

12:08:16.0744 5932  [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator      C:\Windows\system32\locator.exe

12:08:16.0782 5932  RpcLocator - ok

12:08:16.0858 5932  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs           C:\Windows\system32\rpcss.dll

12:08:16.0892 5932  RpcSs - ok

12:08:16.0933 5932  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

12:08:16.0965 5932  rspndr - ok

12:08:17.0024 5932  [ 8B91737DA75ADD21CB1554B38089196A ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh64.sys

12:08:17.0070 5932  RTL8169 - ok

12:08:17.0095 5932  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs           C:\Windows\system32\lsass.exe

12:08:17.0108 5932  SamSs - ok

12:08:17.0171 5932  [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA          C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\WNt500x64\Sandra.sys

12:08:17.0180 5932  SANDRA - ok

12:08:17.0215 5932  [ 96F6F3E594D780B7E20FDC94504D4D89 ] SandraAgentSrv  C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\RpcAgentSrv.exe

12:08:17.0221 5932  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning

12:08:17.0221 5932  SandraAgentSrv - detected UnsignedFile.Multi.Generic (1)

12:08:17.0237 5932  [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

12:08:17.0249 5932  sbp2port - ok

12:08:17.0289 5932  [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr        C:\Windows\System32\SCardSvr.dll

12:08:17.0314 5932  SCardSvr - ok

12:08:17.0448 5932  [ 0F838C811AD295D2A4489B9993096C63 ] Schedule        C:\Windows\system32\schedsvc.dll

12:08:17.0506 5932  Schedule - ok

12:08:17.0561 5932  [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc     C:\Windows\System32\certprop.dll

12:08:17.0583 5932  SCPolicySvc - ok

12:08:17.0644 5932  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

12:08:17.0692 5932  SDRSVC - ok

12:08:17.0726 5932  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

12:08:17.0773 5932  secdrv - ok

12:08:17.0787 5932  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll

12:08:17.0819 5932  seclogon - ok

12:08:17.0837 5932  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\System32\sens.dll

12:08:17.0868 5932  SENS - ok

12:08:17.0882 5932  [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum         C:\Windows\system32\drivers\serenum.sys

12:08:17.0929 5932  Serenum - ok

12:08:17.0934 5932  [ E62FAC91EE288DB29A9696A9D279929C ] Serial          C:\Windows\system32\drivers\serial.sys

12:08:17.0982 5932  Serial - ok

12:08:17.0987 5932  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\drivers\sermouse.sys

12:08:18.0019 5932  sermouse - ok

12:08:18.0063 5932  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll

12:08:18.0095 5932  SessionEnv - ok

12:08:18.0101 5932  [ 14D4B4465193A87C127933978E8C4106 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

12:08:18.0132 5932  sffdisk - ok

12:08:18.0137 5932  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

12:08:18.0168 5932  sffp_mmc - ok

12:08:18.0172 5932  [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

12:08:18.0204 5932  sffp_sd - ok

12:08:18.0228 5932  [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

12:08:18.0274 5932  sfloppy - ok

12:08:18.0349 5932  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

12:08:18.0386 5932  SharedAccess - ok

12:08:18.0443 5932  [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

12:08:18.0465 5932  ShellHWDetection - ok

12:08:18.0470 5932  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys

12:08:18.0482 5932  SiSRaid2 - ok

12:08:18.0488 5932  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

12:08:18.0501 5932  SiSRaid4 - ok

12:08:18.0585 5932  [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc           C:\Windows\system32\SLsvc.exe

12:08:18.0697 5932  slsvc - ok

12:08:18.0741 5932  [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify      C:\Windows\system32\SLUINotify.dll

12:08:18.0766 5932  SLUINotify - ok

12:08:18.0916 5932  [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

12:08:18.0940 5932  Smb - ok

12:08:18.0984 5932  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

12:08:18.0997 5932  SNMPTRAP - ok

12:08:19.0121 5932  [ 386C3C63F00A7040C7EC5E384217E89D ] spldr           C:\Windows\system32\drivers\spldr.sys

12:08:19.0133 5932  spldr - ok

12:08:19.0223 5932  [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler         C:\Windows\System32\spoolsv.exe

12:08:19.0278 5932  Spooler - ok

12:08:19.0283 5932  SRTSP - ok

12:08:19.0289 5932  SRTSPX - ok

12:08:19.0324 5932  [ 880A57FCCB571EBD063D4DD50E93E46D ] srv             C:\Windows\system32\DRIVERS\srv.sys

12:08:19.0372 5932  srv - ok

12:08:19.0407 5932  [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

12:08:19.0453 5932  srv2 - ok

12:08:19.0489 5932  [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

12:08:19.0504 5932  srvnet - ok

12:08:19.0518 5932  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

12:08:19.0551 5932  SSDPSRV - ok

12:08:19.0579 5932  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc         C:\Windows\system32\sstpsvc.dll

12:08:19.0593 5932  SstpSvc - ok

12:08:19.0616 5932  Steam Client Service - ok

12:08:19.0664 5932  [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc          C:\Windows\System32\wiaservc.dll

12:08:19.0697 5932  stisvc - ok

12:08:19.0732 5932  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

12:08:19.0742 5932  swenum - ok

12:08:19.0830 5932  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv           C:\Windows\System32\swprv.dll

12:08:19.0866 5932  swprv - ok

12:08:19.0911 5932  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys

12:08:19.0922 5932  Symc8xx - ok

12:08:19.0929 5932  [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys

12:08:19.0941 5932  Sym_hi - ok

12:08:19.0946 5932  [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys

12:08:19.0958 5932  Sym_u3 - ok

12:08:20.0013 5932  [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain         C:\Windows\system32\sysmain.dll

12:08:20.0056 5932  SysMain - ok

12:08:20.0071 5932  [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll

12:08:20.0086 5932  TabletInputService - ok

12:08:20.0131 5932  [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv         C:\Windows\System32\tapisrv.dll

12:08:20.0158 5932  TapiSrv - ok

12:08:20.0182 5932  TBPanel - ok

12:08:20.0193 5932  [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS             C:\Windows\System32\tbssvc.dll

12:08:20.0225 5932  TBS - ok

12:08:20.0343 5932  [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

12:08:20.0415 5932  Tcpip - ok

12:08:20.0444 5932  [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys

12:08:20.0481 5932  Tcpip6 - ok

12:08:20.0503 5932  [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

12:08:20.0535 5932  tcpipreg - ok

12:08:20.0560 5932  [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

12:08:20.0590 5932  TDPIPE - ok

12:08:20.0604 5932  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

12:08:20.0635 5932  TDTCP - ok

12:08:20.0688 5932  [ 458919C8C42E398DC4802178D5FFEE27 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

12:08:20.0712 5932  tdx - ok

12:08:20.0752 5932  [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

12:08:20.0765 5932  TermDD - ok

12:08:20.0813 5932  [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService     C:\Windows\System32\termsrv.dll

12:08:20.0847 5932  TermService - ok

12:08:20.0867 5932  [ 56793271ECDEDD350C5ADD305603E963 ] Themes          C:\Windows\system32\shsvcs.dll

12:08:20.0883 5932  Themes - ok

12:08:20.0899 5932  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER     C:\Windows\system32\mmcss.dll

12:08:20.0932 5932  THREADORDER - ok

12:08:20.0993 5932  [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks          C:\Windows\System32\trkwks.dll

12:08:21.0026 5932  TrkWks - ok

12:08:21.0135 5932  [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

12:08:21.0157 5932  TrustedInstaller - ok

12:08:21.0164 5932  [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

12:08:21.0196 5932  tssecsrv - ok

12:08:21.0207 5932  [ 89EC74A9E602D16A75A4170511029B3C ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys

12:08:21.0220 5932  tunmp - ok

12:08:21.0276 5932  [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

12:08:21.0289 5932  tunnel - ok

12:08:21.0301 5932  [ FEC266EF401966311744BD0F359F7F56 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

12:08:21.0314 5932  uagp35 - ok

12:08:21.0360 5932  [ FAF2640A2A76ED03D449E443194C4C34 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

12:08:21.0388 5932  udfs - ok

12:08:21.0423 5932  [ 060507C4113391394478F6953A79EEDC ] UI0Detect       C:\Windows\system32\UI0Detect.exe

12:08:21.0455 5932  UI0Detect - ok

12:08:21.0491 5932  [ 49B13845F0DBE39B47FC91DC46B2170A ] UimBus          C:\Windows\system32\DRIVERS\uimx64.sys

12:08:21.0500 5932  UimBus - ok

12:08:21.0551 5932  [ DD46BEC773C011EAA5E502C43A73A1CC ] Uim_IM          C:\Windows\system32\Drivers\Uim_IMx64.sys

12:08:21.0569 5932  Uim_IM - ok

12:08:21.0591 5932  [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

12:08:21.0604 5932  uliagpkx - ok

12:08:21.0632 5932  [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci         C:\Windows\system32\drivers\uliahci.sys

12:08:21.0649 5932  uliahci - ok

12:08:21.0655 5932  [ 31707F09846056651EA2C37858F5DDB0 ] UlSata          C:\Windows\system32\drivers\ulsata.sys

12:08:21.0669 5932  UlSata - ok

12:08:21.0698 5932  [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys

12:08:21.0712 5932  ulsata2 - ok

12:08:21.0725 5932  [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

12:08:21.0756 5932  umbus - ok

12:08:21.0774 5932  [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost        C:\Windows\System32\upnphost.dll

12:08:21.0811 5932  upnphost - ok

12:08:21.0856 5932  [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys

12:08:21.0890 5932  USBAAPL64 - ok

12:08:21.0926 5932  [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys

12:08:21.0950 5932  usbaudio - ok

12:08:22.0001 5932  [ 07E3498FC60834219D2356293DA0FECC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

12:08:22.0026 5932  usbccgp - ok

12:08:22.0031 5932  [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

12:08:22.0079 5932  usbcir - ok

12:08:22.0105 5932  [ 827E44DE934A736EA31E91D353EB126F ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

12:08:22.0128 5932  usbehci - ok

12:08:22.0169 5932  [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

12:08:22.0196 5932  usbhub - ok

12:08:22.0200 5932  [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci         C:\Windows\system32\drivers\usbohci.sys

12:08:22.0248 5932  usbohci - ok

12:08:22.0273 5932  [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

12:08:22.0304 5932  usbprint - ok

12:08:22.0356 5932  [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

12:08:22.0380 5932  usbscan - ok

12:08:22.0401 5932  [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

12:08:22.0425 5932  USBSTOR - ok

12:08:22.0443 5932  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys

12:08:22.0466 5932  usbuhci - ok

12:08:22.0510 5932  [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms           C:\Windows\System32\uxsms.dll

12:08:22.0534 5932  UxSms - ok

12:08:22.0605 5932  [ 294945381DFA7CE58CECF0A9896AF327 ] vds             C:\Windows\System32\vds.exe

12:08:22.0639 5932  vds - ok

12:08:22.0684 5932  [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

12:08:22.0714 5932  vga - ok

12:08:22.0733 5932  [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave         C:\Windows\System32\drivers\vga.sys

12:08:22.0764 5932  VgaSave - ok

12:08:22.0768 5932  [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide          C:\Windows\system32\drivers\viaide.sys

12:08:22.0780 5932  viaide - ok

12:08:22.0792 5932  [ 2B7E885ED951519A12C450D24535DFCA ] volmgr          C:\Windows\system32\drivers\volmgr.sys

12:08:22.0805 5932  volmgr - ok

12:08:22.0862 5932  [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

12:08:22.0883 5932  volmgrx - ok

12:08:22.0952 5932  [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap         C:\Windows\system32\drivers\volsnap.sys

12:08:22.0969 5932  volsnap - ok

12:08:23.0014 5932  [ A68F455ED2673835209318DD61BFBB0E ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

12:08:23.0028 5932  vsmraid - ok

12:08:23.0092 5932  [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS             C:\Windows\system32\vssvc.exe

12:08:23.0164 5932  VSS - ok

12:08:23.0211 5932  [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time         C:\Windows\system32\w32time.dll

12:08:23.0240 5932  W32Time - ok

12:08:23.0247 5932  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys

12:08:23.0294 5932  WacomPen - ok

12:08:23.0351 5932  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys

12:08:23.0375 5932  Wanarp - ok

12:08:23.0379 5932  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

12:08:23.0402 5932  Wanarpv6 - ok

12:08:23.0423 5932  [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

12:08:23.0456 5932  wcncsvc - ok

12:08:23.0487 5932  [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

12:08:23.0512 5932  WcsPlugInService - ok

12:08:23.0516 5932  [ 0C17A0816F65B89E362E682AD5E7266E ] Wd              C:\Windows\system32\drivers\wd.sys

12:08:23.0529 5932  Wd - ok

12:08:23.0556 5932  [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

12:08:23.0595 5932  Wdf01000 - ok

12:08:23.0656 5932  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost  C:\Windows\system32\wdi.dll

12:08:23.0688 5932  WdiServiceHost - ok

12:08:23.0692 5932  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost   C:\Windows\system32\wdi.dll

12:08:23.0724 5932  WdiSystemHost - ok

12:08:23.0747 5932  [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient       C:\Windows\System32\webclnt.dll

12:08:23.0765 5932  WebClient - ok

12:08:23.0792 5932  [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc          C:\Windows\system32\wecsvc.dll

12:08:23.0832 5932  Wecsvc - ok

12:08:23.0855 5932  [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

12:08:23.0880 5932  wercplsupport - ok

12:08:23.0890 5932  [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc          C:\Windows\System32\WerSvc.dll

12:08:23.0916 5932  WerSvc - ok

12:08:23.0972 5932  WinDefend - ok

12:08:23.0980 5932  WinHttpAutoProxySvc - ok

12:08:24.0057 5932  [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

12:08:24.0081 5932  Winmgmt - ok

12:08:24.0145 5932  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM           C:\Windows\system32\WsmSvc.dll

12:08:24.0257 5932  WinRM - ok

12:08:24.0351 5932  [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc         C:\Windows\System32\wlansvc.dll

12:08:24.0397 5932  Wlansvc - ok

12:08:24.0457 5932  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

12:08:24.0468 5932  WmiAcpi - ok

12:08:24.0519 5932  [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

12:08:24.0544 5932  wmiApSrv - ok

12:08:24.0587 5932  WMPNetworkSvc - ok

12:08:24.0627 5932  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll

12:08:24.0682 5932  WPCSvc - ok

12:08:24.0733 5932  [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

12:08:24.0764 5932  WPDBusEnum - ok

12:08:24.0798 5932  [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys

12:08:24.0811 5932  WpdUsb - ok

12:08:24.0925 5932  [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe

12:08:24.0960 5932  WPFFontCache_v0400 - ok

12:08:25.0008 5932  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

12:08:25.0039 5932  ws2ifsl - ok

12:08:25.0090 5932  [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc          C:\Windows\System32\wscsvc.dll

12:08:25.0105 5932  wscsvc - ok

12:08:25.0110 5932  WSearch - ok

12:08:25.0237 5932  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll

12:08:25.0338 5932  wuauserv - ok

12:08:25.0353 5932  [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

12:08:25.0386 5932  WUDFRd - ok

12:08:25.0410 5932  [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

12:08:25.0443 5932  wudfsvc - ok

12:08:25.0494 5932  [ 15CC7077D2DC28776CD430ECABBFFD66 ] {55662437-DA8C-40c0-AADA-2C816A897A49} c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl

12:08:25.0503 5932  {55662437-DA8C-40c0-AADA-2C816A897A49} - ok

12:08:25.0506 5932  ================ Scan global ===============================

12:08:25.0547 5932  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll

12:08:25.0635 5932  [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll

12:08:25.0667 5932  [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll

12:08:25.0718 5932  [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe

12:08:25.0721 5932  [Global] - ok

12:08:25.0721 5932  ================ Scan MBR ==================================

12:08:25.0739 5932  [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0

12:08:26.0575 5932  \Device\Harddisk0\DR0 - ok

12:08:26.0594 5932  [ 4606A12AED5E4CE105136C6C9C8EA568 ] \Device\Harddisk1\DR1

12:08:26.0660 5932  \Device\Harddisk1\DR1 - ok

12:08:26.0660 5932  ================ Scan VBR ==================================

12:08:26.0663 5932  [ 32D5755F512F873A9EBBE757A9ECFD5A ] \Device\Harddisk0\DR0\Partition1

12:08:26.0665 5932  \Device\Harddisk0\DR0\Partition1 - ok

12:08:26.0782 5932  [ 15611FB822DC703EA9C168C830976EB0 ] \Device\Harddisk0\DR0\Partition2

12:08:26.0784 5932  \Device\Harddisk0\DR0\Partition2 - ok

12:08:26.0787 5932  [ 960CDE92622C58C393F6E4FC501C8B8C ] \Device\Harddisk1\DR1\Partition1

12:08:26.0789 5932  \Device\Harddisk1\DR1\Partition1 - ok

12:08:26.0790 5932  ============================================================

12:08:26.0790 5932  Scan finished

12:08:26.0790 5932  ============================================================

12:08:26.0803 5924  Detected object count: 8

12:08:26.0803 5924  Actual detected object count: 8

Nein, unter der letzten Zeil bei dir also

12:08:26.0803 5924 Actual detected object count: 8

Müsste noch die untere Zusammenfassung kommen die aber in deinem Post leider fehlt

Ich habe jez öfters durchscannen lassen aber es gibt keine untere Zusammenfassung

Code:

 04:05:24.0738 5556  TDSS rootkit removing tool 2.8.13.0 Oct 12 2012 17:26:47

04:05:24.0794 5556  ============================================================

04:05:24.0794 5556  Current date / time: 2012/10/18 04:05:24.0794

04:05:24.0794 5556  SystemInfo:

04:05:24.0794 5556  

04:05:24.0794 5556  OS Version: 6.0.6002 ServicePack: 2.0

04:05:24.0794 5556  Product type: Workstation

04:05:24.0794 5556  ComputerName: JAN-PC

04:05:24.0794 5556  UserName: Jan

04:05:24.0794 5556  Windows directory: C:\Windows

04:05:24.0794 5556  System windows directory: C:\Windows

04:05:24.0794 5556  Running under WOW64

04:05:24.0794 5556  Processor architecture: Intel x64

04:05:24.0794 5556  Number of processors: 4

04:05:24.0794 5556  Page size: 0x1000

04:05:24.0794 5556  Boot type: Normal boot

04:05:24.0794 5556  ============================================================

04:05:30.0804 5556  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

04:05:30.0804 5556  Drive \Device\Harddisk1\DR1 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

04:05:30.0823 5556  ============================================================

04:05:30.0823 5556  \Device\Harddisk0\DR0:

04:05:30.0823 5556  MBR partitions:

04:05:30.0823 5556  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x48B79A26

04:05:30.0823 5556  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48B79A65, BlocksNum 0x1CDD45C

04:05:30.0823 5556  \Device\Harddisk1\DR1:

04:05:30.0823 5556  MBR partitions:

04:05:30.0823 5556  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A856E82

04:05:30.0823 5556  ============================================================

04:05:30.0842 5556  C: <-> \Device\Harddisk0\DR0\Partition1

04:05:30.0854 5556  E: <-> \Device\Harddisk1\DR1\Partition1

04:05:30.0909 5556  D: <-> \Device\Harddisk0\DR0\Partition2

04:05:30.0909 5556  ============================================================

04:05:30.0909 5556  Initialize success

04:05:30.0909 5556  ============================================================

04:06:08.0901 5228  ============================================================

04:06:08.0901 5228  Scan started

04:06:08.0901 5228  Mode: Manual; SigCheck; TDLFS; 

04:06:08.0901 5228  ============================================================

04:06:09.0305 5228  ================ Scan system memory ========================

04:06:09.0305 5228  System memory - ok

04:06:09.0305 5228  ================ Scan services =============================

04:06:09.0450 5228  [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI            C:\Windows\system32\drivers\acpi.sys

04:06:09.0541 5228  ACPI - ok

04:06:09.0645 5228  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

04:06:09.0658 5228  AdobeARMservice - ok

04:06:09.0690 5228  [ F14215E37CF124104575073F782111D2 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

04:06:09.0714 5228  adp94xx - ok

04:06:09.0748 5228  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci         C:\Windows\system32\drivers\adpahci.sys

04:06:09.0767 5228  adpahci - ok

04:06:09.0772 5228  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys

04:06:09.0786 5228  adpu160m - ok

04:06:09.0813 5228  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320         C:\Windows\system32\drivers\adpu320.sys

04:06:09.0826 5228  adpu320 - ok

04:06:09.0856 5228  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

04:06:09.0954 5228  AeLookupSvc - ok

04:06:10.0004 5228  [ C4F6CE6087760AD70960C9EB130E7943 ] AFD             C:\Windows\system32\drivers\afd.sys

04:06:10.0096 5228  AFD - ok

04:06:10.0118 5228  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys

04:06:10.0131 5228  agp440 - ok

04:06:10.0149 5228  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys

04:06:10.0161 5228  aic78xx - ok

04:06:10.0177 5228  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG             C:\Windows\System32\alg.exe

04:06:10.0219 5228  ALG - ok

04:06:10.0224 5228  [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide          C:\Windows\system32\drivers\aliide.sys

04:06:10.0235 5228  aliide - ok

04:06:10.0239 5228  [ 970FA5059E61E30D25307B99903E991E ] amdide          C:\Windows\system32\drivers\amdide.sys

04:06:10.0250 5228  amdide - ok

04:06:10.0255 5228  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

04:06:10.0302 5228  AmdK8 - ok

04:06:10.0437 5228  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

04:06:10.0450 5228  AntiVirSchedulerService - ok

04:06:10.0461 5228  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

04:06:10.0472 5228  AntiVirService - ok

04:06:10.0506 5228  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo         C:\Windows\System32\appinfo.dll

04:06:10.0534 5228  Appinfo - ok

04:06:10.0613 5228  [ 3DEBBECF665DCDDE3A95D9B902010817 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

04:06:10.0624 5228  Apple Mobile Device - ok

04:06:10.0629 5228  [ BA8417D4765F3988FF921F30F630E303 ] arc             C:\Windows\system32\drivers\arc.sys

04:06:10.0642 5228  arc - ok

04:06:10.0647 5228  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys

04:06:10.0660 5228  arcsas - ok

04:06:10.0773 5228  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

04:06:10.0784 5228  aspnet_state - ok

04:06:10.0793 5228  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

04:06:10.0824 5228  AsyncMac - ok

04:06:10.0835 5228  [ 1898FAE8E07D97F2F6C2D5326C633FAC ] atapi           C:\Windows\system32\drivers\atapi.sys

04:06:10.0847 5228  atapi - ok

04:06:10.0897 5228  [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

04:06:10.0971 5228  AudioEndpointBuilder - ok

04:06:10.0988 5228  [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

04:06:11.0016 5228  AudioSrv - ok

04:06:11.0060 5228  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys

04:06:11.0076 5228  avgntflt - ok

04:06:11.0086 5228  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys

04:06:11.0098 5228  avipbb - ok

04:06:11.0112 5228  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys

04:06:11.0122 5228  avkmgr - ok

04:06:11.0179 5228  [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE             C:\Windows\System32\bfe.dll

04:06:11.0248 5228  BFE - ok

04:06:11.0330 5228  [ 6D316F4859634071CC25C4FD4589AD2C ] BITS            C:\Windows\System32\qmgr.dll

04:06:11.0428 5228  BITS - ok

04:06:11.0435 5228  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys

04:06:11.0468 5228  blbdrive - ok

04:06:11.0556 5228  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

04:06:11.0573 5228  Bonjour Service - ok

04:06:11.0604 5228  [ 2348447A80920B2493A9B582A23E81E1 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

04:06:11.0635 5228  bowser - ok

04:06:11.0643 5228  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys

04:06:11.0678 5228  BrFiltLo - ok

04:06:11.0682 5228  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys

04:06:11.0706 5228  BrFiltUp - ok

04:06:11.0728 5228  [ A1B39DE453433B115B4EA69EE0343816 ] Browser         C:\Windows\System32\browser.dll

04:06:11.0766 5228  Browser - ok

04:06:11.0774 5228  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid         C:\Windows\system32\drivers\brserid.sys

04:06:11.0921 5228  Brserid - ok

04:06:11.0926 5228  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys

04:06:12.0021 5228  BrSerWdm - ok

04:06:12.0026 5228  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys

04:06:12.0090 5228  BrUsbMdm - ok

04:06:12.0094 5228  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys

04:06:12.0141 5228  BrUsbSer - ok

04:06:12.0146 5228  [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys

04:06:12.0196 5228  BTHMODEM - ok

04:06:12.0212 5228  [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

04:06:12.0252 5228  cdfs - ok

04:06:12.0295 5228  [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

04:06:12.0332 5228  cdrom - ok

04:06:12.0380 5228  [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc     C:\Windows\System32\certprop.dll

04:06:12.0418 5228  CertPropSvc - ok

04:06:12.0431 5228  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass        C:\Windows\system32\drivers\circlass.sys

04:06:12.0466 5228  circlass - ok

04:06:12.0524 5228  [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS            C:\Windows\system32\CLFS.sys

04:06:12.0545 5228  CLFS - ok

04:06:12.0651 5228  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

04:06:12.0662 5228  clr_optimization_v2.0.50727_32 - ok

04:06:12.0721 5228  [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

04:06:12.0732 5228  clr_optimization_v2.0.50727_64 - ok

04:06:12.0791 5228  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

04:06:12.0802 5228  clr_optimization_v4.0.30319_32 - ok

04:06:12.0812 5228  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

04:06:12.0823 5228  clr_optimization_v4.0.30319_64 - ok

04:06:12.0827 5228  [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide          C:\Windows\system32\drivers\cmdide.sys

04:06:12.0838 5228  cmdide - ok

04:06:12.0842 5228  [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys

04:06:12.0854 5228  Compbatt - ok

04:06:12.0858 5228  COMSysApp - ok

04:06:12.0874 5228  [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

04:06:12.0886 5228  crcdisk - ok

04:06:12.0951 5228  [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc        C:\Windows\system32\cryptsvc.dll

04:06:12.0986 5228  CryptSvc - ok

04:06:13.0053 5228  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch      C:\Windows\system32\rpcss.dll

04:06:13.0119 5228  DcomLaunch - ok

04:06:13.0189 5228  [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

04:06:13.0233 5228  DfsC - ok

04:06:13.0347 5228  [ C647F468F7DE343DF8C143655C5557D4 ] DFSR            C:\Windows\system32\DFSR.exe

04:06:13.0507 5228  DFSR - ok

04:06:13.0590 5228  [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll

04:06:13.0616 5228  Dhcp - ok

04:06:13.0637 5228  [ B0107E40ECDB5FA692EBF832F295D905 ] disk            C:\Windows\system32\drivers\disk.sys

04:06:13.0650 5228  disk - ok

04:06:13.0673 5228  [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

04:06:13.0720 5228  Dnscache - ok

04:06:13.0753 5228  [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc         C:\Windows\System32\dot3svc.dll

04:06:13.0790 5228  dot3svc - ok

04:06:13.0822 5228  [ 74C02B1717740C3B8039539E23E4B53F ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys

04:06:13.0861 5228  Dot4 - ok

04:06:13.0887 5228  [ 08321D1860235BF42CF2854234337AEA ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys

04:06:13.0936 5228  Dot4Print - ok

04:06:13.0966 5228  [ 4ADCCF0124F2B6911D3786A5D0E779E5 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys

04:06:13.0997 5228  dot4usb - ok

04:06:14.0043 5228  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS             C:\Windows\system32\dps.dll

04:06:14.0083 5228  DPS - ok

04:06:14.0119 5228  [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

04:06:14.0175 5228  drmkaud - ok

04:06:14.0227 5228  [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

04:06:14.0265 5228  DXGKrnl - ok

04:06:14.0288 5228  [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys

04:06:14.0325 5228  E1G60 - ok

04:06:14.0336 5228  [ C2303883FD9BE49DC36A6400643002EA ] EapHost         C:\Windows\System32\eapsvc.dll

04:06:14.0367 5228  EapHost - ok

04:06:14.0443 5228  [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache          C:\Windows\system32\drivers\ecache.sys

04:06:14.0457 5228  Ecache - ok

04:06:14.0510 5228  [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

04:06:14.0559 5228  ehRecvr - ok

04:06:14.0596 5228  [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched         C:\Windows\ehome\ehsched.exe

04:06:14.0622 5228  ehSched - ok

04:06:14.0646 5228  [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart         C:\Windows\ehome\ehstart.dll

04:06:14.0665 5228  ehstart - ok

04:06:14.0692 5228  [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

04:06:14.0711 5228  elxstor - ok

04:06:14.0772 5228  [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt         C:\Windows\system32\emdmgmt.dll

04:06:14.0791 5228  EMDMgmt - ok

04:06:14.0795 5228  [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev          C:\Windows\system32\drivers\errdev.sys

04:06:14.0837 5228  ErrDev - ok

04:06:14.0911 5228  [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem     C:\Windows\system32\es.dll

04:06:14.0947 5228  EventSystem - ok

04:06:15.0007 5228  [ 486844F47B6636044A42454614ED4523 ] exfat           C:\Windows\system32\drivers\exfat.sys

04:06:15.0053 5228  exfat - ok

04:06:15.0057 5228  ezSharedSvc - ok

04:06:15.0098 5228  [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat         C:\Windows\system32\drivers\fastfat.sys

04:06:15.0139 5228  fastfat - ok

04:06:15.0143 5228  [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys

04:06:15.0174 5228  fdc - ok

04:06:15.0184 5228  [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost         C:\Windows\system32\fdPHost.dll

04:06:15.0230 5228  fdPHost - ok

04:06:15.0244 5228  [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub        C:\Windows\system32\fdrespub.dll

04:06:15.0304 5228  FDResPub - ok

04:06:15.0319 5228  [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

04:06:15.0332 5228  FileInfo - ok

04:06:15.0348 5228  [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

04:06:15.0379 5228  Filetrace - ok

04:06:15.0384 5228  [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys

04:06:15.0415 5228  flpydisk - ok

04:06:15.0462 5228  [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

04:06:15.0479 5228  FltMgr - ok

04:06:15.0549 5228  [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache       C:\Windows\system32\FntCache.dll

04:06:15.0641 5228  FontCache - ok

04:06:15.0706 5228  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

04:06:15.0715 5228  FontCache3.0.0.0 - ok

04:06:15.0744 5228  [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

04:06:15.0779 5228  Fs_Rec - ok

04:06:15.0799 5228  [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

04:06:15.0811 5228  gagp30kx - ok

04:06:15.0865 5228  [ 617DC2877015270914CA3C03873560D5 ] GameConsoleService C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe

04:06:15.0878 5228  GameConsoleService - ok

04:06:15.0920 5228  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

04:06:15.0930 5228  GEARAspiWDM - ok

04:06:15.0975 5228  [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc           C:\Windows\System32\gpsvc.dll

04:06:16.0022 5228  gpsvc - ok

04:06:16.0155 5228  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

04:06:16.0165 5228  gupdate - ok

04:06:16.0170 5228  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

04:06:16.0179 5228  gupdatem - ok

04:06:16.0208 5228  [ 68E732382B32417FF61FD663259B4B09 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

04:06:16.0223 5228  HdAudAddService - ok

04:06:16.0272 5228  [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

04:06:16.0361 5228  HDAudBus - ok

04:06:16.0373 5228  [ B4881C84A180E75B8C25DC1D726C375F ] HidBth          C:\Windows\system32\drivers\hidbth.sys

04:06:16.0436 5228  HidBth - ok

04:06:16.0441 5228  [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr           C:\Windows\system32\drivers\hidir.sys

04:06:16.0489 5228  HidIr - ok

04:06:16.0507 5228  [ 59361D38A297755D46A540E450202B2A ] hidserv         C:\Windows\system32\hidserv.dll

04:06:16.0567 5228  hidserv - ok

04:06:16.0595 5228  [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

04:06:16.0626 5228  HidUsb - ok

04:06:16.0648 5228  [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc          C:\Windows\system32\kmsvc.dll

04:06:16.0682 5228  hkmsvc - ok

04:06:16.0741 5228  [ DDF58C2E16527073FEF370EDFE970745 ] hotcore3        C:\Windows\system32\DRIVERS\hotcore3.sys

04:06:16.0751 5228  hotcore3 - ok

04:06:16.0808 5228  [ A19B0BB5A7EB6DF2DD4A0711D36955EE ] HP Health Check Service c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe

04:06:16.0819 5228  HP Health Check Service ( UnsignedFile.Multi.Generic ) - warning

04:06:16.0819 5228  HP Health Check Service - detected UnsignedFile.Multi.Generic (1)

04:06:16.0829 5228  [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys

04:06:16.0842 5228  HpCISSs - ok

04:06:16.0933 5228  [ AF81F7BA6A09119006FE041A2F2F3ECE ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll

04:06:16.0950 5228  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning

04:06:16.0950 5228  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)

04:06:16.0974 5228  [ 7244F63DB8EA883B3DC8E730C645D073 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll

04:06:16.0988 5228  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning

04:06:16.0988 5228  hpqddsvc - detected UnsignedFile.Multi.Generic (1)

04:06:17.0025 5228  [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

04:06:17.0085 5228  HTTP - ok

04:06:17.0141 5228  [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys

04:06:17.0153 5228  i2omp - ok

04:06:17.0178 5228  [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

04:06:17.0225 5228  i8042prt - ok

04:06:17.0276 5228  [ EEF0C78D403F213289067F3861C3AF4F ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

04:06:17.0292 5228  IAANTMON - ok

04:06:17.0344 5228  [ 8EACF469269FB1509561961A3188F670 ] iaStor          C:\Windows\system32\drivers\iastor.sys

04:06:17.0359 5228  iaStor - ok

04:06:17.0426 5228  [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys

04:06:17.0441 5228  iaStorV - ok

04:06:17.0797 5228  [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

04:06:17.0834 5228  idsvc - ok

04:06:17.0851 5228  [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp           C:\Windows\system32\drivers\iirsp.sys

04:06:17.0862 5228  iirsp - ok

04:06:17.0918 5228  [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT          C:\Windows\System32\ikeext.dll

04:06:18.0001 5228  IKEEXT - ok

04:06:18.0065 5228  [ 5F885046A7F420989C8366324FD2EF60 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

04:06:18.0117 5228  IntcAzAudAddService - ok

04:06:18.0132 5228  [ DF797A12176F11B2D301C5B234BB200E ] intelide        C:\Windows\system32\drivers\intelide.sys

04:06:18.0144 5228  intelide - ok

04:06:18.0160 5228  [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

04:06:18.0213 5228  intelppm - ok

04:06:18.0242 5228  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

04:06:18.0288 5228  IPBusEnum - ok

04:06:18.0339 5228  [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

04:06:18.0363 5228  IpFilterDriver - ok

04:06:18.0414 5228  [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

04:06:18.0475 5228  iphlpsvc - ok

04:06:18.0479 5228  IpInIp - ok

04:06:18.0486 5228  [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys

04:06:18.0517 5228  IPMIDRV - ok

04:06:18.0532 5228  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys

04:06:18.0568 5228  IPNAT - ok

04:06:18.0615 5228  [ EE4C2A137C7088911A8919EFFC9812E7 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

04:06:18.0668 5228  iPod Service - ok

04:06:18.0673 5228  [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM          C:\Windows\system32\drivers\irenum.sys

04:06:18.0725 5228  IRENUM - ok

04:06:18.0757 5228  [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp          C:\Windows\system32\drivers\isapnp.sys

04:06:18.0769 5228  isapnp - ok

04:06:18.0796 5228  [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys

04:06:18.0810 5228  iScsiPrt - ok

04:06:18.0815 5228  [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys

04:06:18.0826 5228  iteatapi - ok

04:06:18.0839 5228  [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid         C:\Windows\system32\drivers\iteraid.sys

04:06:18.0851 5228  iteraid - ok

04:06:18.0867 5228  [ 423696F3BA6472DD17699209B933BC26 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

04:06:18.0878 5228  kbdclass - ok

04:06:18.0906 5228  [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

04:06:18.0940 5228  kbdhid - ok

04:06:18.0972 5228  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso          C:\Windows\system32\lsass.exe

04:06:18.0986 5228  KeyIso - ok

04:06:19.0042 5228  [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

04:06:19.0066 5228  KSecDD - ok

04:06:19.0105 5228  [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

04:06:19.0145 5228  ksthunk - ok

04:06:19.0181 5228  [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm           C:\Windows\system32\msdtckrm.dll

04:06:19.0281 5228  KtmRm - ok

04:06:19.0302 5228  [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer    C:\Windows\system32\srvsvc.dll

04:06:19.0330 5228  LanmanServer - ok

04:06:19.0371 5228  [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

04:06:19.0387 5228  LanmanWorkstation - ok

04:06:19.0482 5228  [ 7772DFAB22611050B79504E671B06E6E ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe

04:06:19.0500 5228  LBTServ - ok

04:06:19.0560 5228  [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys

04:06:19.0570 5228  LHidFilt - ok

04:06:19.0611 5228  [ E75ADCFAFDEF3F4C3AF3332928D59926 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

04:06:19.0636 5228  LightScribeService ( UnsignedFile.Multi.Generic ) - warning

04:06:19.0636 5228  LightScribeService - detected UnsignedFile.Multi.Generic (1)

04:06:19.0664 5228  [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

04:06:19.0707 5228  lltdio - ok

04:06:19.0747 5228  [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc         C:\Windows\System32\lltdsvc.dll

04:06:19.0821 5228  lltdsvc - ok

04:06:19.0844 5228  [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts         C:\Windows\System32\lmhsvc.dll

04:06:19.0875 5228  lmhosts - ok

04:06:19.0888 5228  [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys

04:06:19.0898 5228  LMouFilt - ok

04:06:19.0926 5228  [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys

04:06:19.0939 5228  LSI_FC - ok

04:06:19.0944 5228  [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

04:06:19.0957 5228  LSI_SAS - ok

04:06:19.0965 5228  [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

04:06:19.0978 5228  LSI_SCSI - ok

04:06:19.0995 5228  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv           C:\Windows\system32\drivers\luafv.sys

04:06:20.0039 5228  luafv - ok

04:06:20.0109 5228  [ B9FC4CCE5758B816F27DD4D1EED11841 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys

04:06:20.0121 5228  MBAMProtector - ok

04:06:20.0173 5228  [ 0DCF16B1449811EFA47AB52CAC84093C ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

04:06:20.0194 5228  MBAMScheduler - ok

04:06:20.0236 5228  [ 9EAABA4D601004BEA4DAA6E146E19A96 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

04:06:20.0269 5228  MBAMService - ok

04:06:20.0356 5228  [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files (x86)\McAfee Security Scan\2.0.181\McCHSvc.exe

04:06:20.0369 5228  McComponentHostService - ok

04:06:20.0394 5228  [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

04:06:20.0410 5228  Mcx2Svc - ok

04:06:20.0473 5228  [ 7CF1B716372B89568AE4C0FE769F5869 ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe

04:06:20.0493 5228  MDM ( UnsignedFile.Multi.Generic ) - warning

04:06:20.0493 5228  MDM - detected UnsignedFile.Multi.Generic (1)

04:06:20.0506 5228  [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas         C:\Windows\system32\drivers\megasas.sys

04:06:20.0519 5228  megasas - ok

04:06:20.0538 5228  [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR          C:\Windows\system32\drivers\megasr.sys

04:06:20.0558 5228  MegaSR - ok

04:06:20.0593 5228  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS           C:\Windows\system32\mmcss.dll

04:06:20.0633 5228  MMCSS - ok

04:06:20.0638 5228  [ 59848D5CC74606F0EE7557983BB73C2E ] Modem           C:\Windows\system32\drivers\modem.sys

04:06:20.0673 5228  Modem - ok

04:06:20.0712 5228  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

04:06:20.0755 5228  monitor - ok

04:06:20.0773 5228  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

04:06:20.0785 5228  mouclass - ok

04:06:20.0796 5228  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

04:06:20.0838 5228  mouhid - ok

04:06:20.0854 5228  [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys

04:06:20.0867 5228  MountMgr - ok

04:06:20.0894 5228  [ F8276EB8698142884498A528DFEA8478 ] mpio            C:\Windows\system32\drivers\mpio.sys

04:06:20.0907 5228  mpio - ok

04:06:20.0919 5228  [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

04:06:20.0950 5228  mpsdrv - ok

04:06:20.0996 5228  [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc          C:\Windows\system32\mpssvc.dll

04:06:21.0040 5228  MpsSvc - ok

04:06:21.0044 5228  [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys

04:06:21.0057 5228  Mraid35x - ok

04:06:21.0105 5228  [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

04:06:21.0131 5228  MRxDAV - ok

04:06:21.0144 5228  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

04:06:21.0198 5228  mrxsmb - ok

04:06:21.0224 5228  [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

04:06:21.0250 5228  mrxsmb10 - ok

04:06:21.0268 5228  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

04:06:21.0282 5228  mrxsmb20 - ok

04:06:21.0295 5228  [ 1AC860612B85D8E85EE257D372E39F4D ] msahci          C:\Windows\system32\drivers\msahci.sys

04:06:21.0306 5228  msahci - ok

04:06:21.0312 5228  [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

04:06:21.0324 5228  msdsm - ok

04:06:21.0343 5228  [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC           C:\Windows\System32\msdtc.exe

04:06:21.0397 5228  MSDTC - ok

04:06:21.0419 5228  [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs            C:\Windows\system32\drivers\Msfs.sys

04:06:21.0458 5228  Msfs - ok

04:06:21.0471 5228  [ 00EBC952961664780D43DCA157E79B27 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

04:06:21.0482 5228  msisadrv - ok

04:06:21.0507 5228  [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

04:06:21.0545 5228  MSiSCSI - ok

04:06:21.0549 5228  msiserver - ok

04:06:21.0571 5228  [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

04:06:21.0604 5228  MSKSSRV - ok

04:06:21.0626 5228  [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

04:06:21.0658 5228  MSPCLOCK - ok

04:06:21.0663 5228  [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

04:06:21.0703 5228  MSPQM - ok

04:06:21.0752 5228  [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

04:06:21.0770 5228  MsRPC - ok

04:06:21.0778 5228  [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

04:06:21.0789 5228  mssmbios - ok

04:06:21.0802 5228  [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

04:06:21.0837 5228  MSTEE - ok

04:06:21.0855 5228  [ 0CC49F78D8ACA0877D885F149084E543 ] Mup             C:\Windows\system32\Drivers\mup.sys

04:06:21.0868 5228  Mup - ok

04:06:21.0922 5228  [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent        C:\Windows\system32\qagentRT.dll

04:06:22.0007 5228  napagent - ok

04:06:22.0077 5228  [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

04:06:22.0122 5228  NativeWifiP - ok

04:06:22.0138 5228  NAVENG - ok

04:06:22.0141 5228  NAVEX15 - ok

04:06:22.0206 5228  [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS            C:\Windows\system32\drivers\ndis.sys

04:06:22.0242 5228  NDIS - ok

04:06:22.0279 5228  [ 64DF698A425478E321981431AC171334 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

04:06:22.0315 5228  NdisTapi - ok

04:06:22.0324 5228  [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

04:06:22.0358 5228  Ndisuio - ok

04:06:22.0400 5228  [ F8158771905260982CE724076419EF19 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

04:06:22.0431 5228  NdisWan - ok

04:06:22.0447 5228  [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

04:06:22.0483 5228  NDProxy - ok

04:06:22.0507 5228  [ 59267D2F0328599AA3B5408C2E06126F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll

04:06:22.0518 5228  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

04:06:22.0519 5228  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

04:06:22.0535 5228  [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

04:06:22.0586 5228  NetBIOS - ok

04:06:22.0618 5228  [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys

04:06:22.0657 5228  netbt - ok

04:06:22.0672 5228  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon        C:\Windows\system32\lsass.exe

04:06:22.0685 5228  Netlogon - ok

04:06:22.0713 5228  [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman          C:\Windows\System32\netman.dll

04:06:22.0806 5228  Netman - ok

04:06:22.0832 5228  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

04:06:22.0845 5228  NetMsmqActivator - ok

04:06:22.0849 5228  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

04:06:22.0860 5228  NetPipeActivator - ok

04:06:22.0877 5228  [ 7846D0136CC2B264926A73047BA7688A ] netprofm        C:\Windows\System32\netprofm.dll

04:06:22.0914 5228  netprofm - ok

04:06:22.0918 5228  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

04:06:22.0930 5228  NetTcpActivator - ok

04:06:22.0934 5228  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

04:06:22.0945 5228  NetTcpPortSharing - ok

04:06:22.0964 5228  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

04:06:22.0981 5228  nfrd960 - ok

04:06:22.0997 5228  [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc          C:\Windows\System32\nlasvc.dll

04:06:23.0037 5228  NlaSvc - ok

04:06:23.0050 5228  Norton Internet Security - ok

04:06:23.0082 5228  [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

04:06:23.0122 5228  Npfs - ok

04:06:23.0141 5228  [ ACB62BAA1C319B17752553DF3026EEEB ] nsi             C:\Windows\system32\nsisvc.dll

04:06:23.0183 5228  nsi - ok

04:06:23.0193 5228  [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

04:06:23.0238 5228  nsiproxy - ok

04:06:23.0301 5228  [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

04:06:23.0357 5228  Ntfs - ok

04:06:23.0396 5228  [ DD5D684975352B85B52E3FD5347C20CB ] Null            C:\Windows\system32\drivers\Null.sys

04:06:23.0434 5228  Null - ok

04:06:23.0478 5228  [ 960E39A54E525DF58CB29193147DFFA1 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys

04:06:23.0489 5228  NVHDA - ok

04:06:23.0735 5228  [ 9C1996DD3C0469BC8933321F15709F5A ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys

04:06:24.0204 5228  nvlddmkm - ok

04:06:24.0231 5228  [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid          C:\Windows\system32\drivers\nvraid.sys

04:06:24.0244 5228  nvraid - ok

04:06:24.0249 5228  [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor          C:\Windows\system32\drivers\nvstor.sys

04:06:24.0260 5228  nvstor - ok

04:06:24.0317 5228  [ 2D7092FEC9BD2ACA199673BBA2BA9277 ] nvsvc           C:\Windows\system32\nvvsvc.exe

04:06:24.0369 5228  nvsvc - ok

04:06:24.0443 5228  [ 7E22DE30E222BFDFCEC7E77032BAF3CD ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

04:06:24.0521 5228  nvUpdatusService - ok

04:06:24.0536 5228  [ 19067CA93075EF4823E3938A686F532F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

04:06:24.0549 5228  nv_agp - ok

04:06:24.0553 5228  NwlnkFlt - ok

04:06:24.0558 5228  NwlnkFwd - ok

04:06:24.0614 5228  [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys

04:06:24.0648 5228  ohci1394 - ok

04:06:24.0713 5228  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc        C:\Windows\system32\p2psvc.dll

04:06:24.0746 5228  p2pimsvc - ok

04:06:24.0809 5228  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc          C:\Windows\system32\p2psvc.dll

04:06:24.0833 5228  p2psvc - ok

04:06:24.0858 5228  [ AECD57F94C887F58919F307C35498EA0 ] Parport         C:\Windows\system32\drivers\parport.sys

04:06:24.0928 5228  Parport - ok

04:06:24.0977 5228  [ B43751085E2ABE389DA466BC62A4B987 ] partmgr         C:\Windows\system32\drivers\partmgr.sys

04:06:24.0991 5228  partmgr - ok

04:06:25.0012 5228  [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc          C:\Windows\System32\pcasvc.dll

04:06:25.0040 5228  PcaSvc - ok

04:06:25.0093 5228  [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci             C:\Windows\system32\drivers\pci.sys

04:06:25.0109 5228  pci - ok

04:06:25.0123 5228  [ 8D618C829034479985A9ED56106CC732 ] pciide          C:\Windows\system32\drivers\pciide.sys

04:06:25.0133 5228  pciide - ok

04:06:25.0145 5228  [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

04:06:25.0159 5228  pcmcia - ok

04:06:25.0181 5228  [ 58865916F53592A61549B04941BFD80D ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

04:06:25.0297 5228  PEAUTH - ok

04:06:25.0366 5228  [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost        C:\Windows\SysWow64\perfhost.exe

04:06:25.0418 5228  PerfHost - ok

04:06:25.0469 5228  [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla             C:\Windows\system32\pla.dll

04:06:25.0549 5228  pla - ok

04:06:25.0607 5228  [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

04:06:25.0635 5228  PlugPlay - ok

04:06:25.0663 5228  [ 5261A2FD55183AC6993145AB6662CDDF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

04:06:25.0675 5228  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning

04:06:25.0675 5228  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)

04:06:25.0693 5228  PnkBstrA - ok

04:06:25.0720 5228  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll

04:06:25.0743 5228  PNRPAutoReg - ok

04:06:25.0795 5228  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc         C:\Windows\system32\p2psvc.dll

04:06:25.0818 5228  PNRPsvc - ok

04:06:25.0885 5228  [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

04:06:25.0959 5228  PolicyAgent - ok

04:06:25.0992 5228  [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

04:06:26.0029 5228  PptpMiniport - ok

04:06:26.0048 5228  [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor       C:\Windows\system32\drivers\processr.sys

04:06:26.0100 5228  Processor - ok

04:06:26.0130 5228  [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc         C:\Windows\system32\profsvc.dll

04:06:26.0164 5228  ProfSvc - ok

04:06:26.0180 5228  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe

04:06:26.0193 5228  ProtectedStorage - ok

04:06:26.0225 5228  [ 1D0A3F565397D08707F3D75B88586645 ] Ps2             C:\Windows\system32\DRIVERS\PS2.sys

04:06:26.0235 5228  Ps2 - ok

04:06:26.0269 5228  [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys

04:06:26.0293 5228  PSched - ok

04:06:26.0324 5228  [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300          C:\Windows\system32\drivers\ql2300.sys

04:06:26.0366 5228  ql2300 - ok

04:06:26.0372 5228  [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys

04:06:26.0384 5228  ql40xx - ok

04:06:26.0404 5228  [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE           C:\Windows\system32\qwave.dll

04:06:26.0434 5228  QWAVE - ok

04:06:26.0446 5228  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

04:06:26.0459 5228  QWAVEdrv - ok

04:06:26.0469 5228  [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

04:06:26.0499 5228  RasAcd - ok

04:06:26.0525 5228  [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto         C:\Windows\System32\rasauto.dll

04:06:26.0558 5228  RasAuto - ok

04:06:26.0573 5228  [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

04:06:26.0615 5228  Rasl2tp - ok

04:06:26.0655 5228  [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan          C:\Windows\System32\rasmans.dll

04:06:26.0684 5228  RasMan - ok

04:06:26.0733 5228  [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

04:06:26.0756 5228  RasPppoe - ok

04:06:26.0809 5228  [ C6A593B51F34C33E5474539544072527 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

04:06:26.0822 5228  RasSstp - ok

04:06:26.0867 5228  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

04:06:26.0907 5228  rdbss - ok

04:06:26.0921 5228  [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

04:06:26.0951 5228  RDPCDD - ok

04:06:26.0974 5228  [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys

04:06:27.0015 5228  rdpdr - ok

04:06:27.0019 5228  [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

04:06:27.0049 5228  RDPENCDD - ok

04:06:27.0104 5228  [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

04:06:27.0128 5228  RDPWD - ok

04:06:27.0163 5228  [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess    C:\Windows\System32\mprdim.dll

04:06:27.0208 5228  RemoteAccess - ok

04:06:27.0257 5228  [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

04:06:27.0296 5228  RemoteRegistry - ok

04:06:27.0320 5228  [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator      C:\Windows\system32\locator.exe

04:06:27.0341 5228  RpcLocator - ok

04:06:27.0393 5228  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs           C:\Windows\system32\rpcss.dll

04:06:27.0426 5228  RpcSs - ok

04:06:27.0459 5228  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

04:06:27.0491 5228  rspndr - ok

04:06:27.0517 5228  [ 8B91737DA75ADD21CB1554B38089196A ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh64.sys

04:06:27.0571 5228  RTL8169 - ok

04:06:27.0596 5228  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs           C:\Windows\system32\lsass.exe

04:06:27.0609 5228  SamSs - ok

04:06:27.0672 5228  [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA          C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\WNt500x64\Sandra.sys

04:06:27.0684 5228  SANDRA - ok

04:06:27.0708 5228  [ 96F6F3E594D780B7E20FDC94504D4D89 ] SandraAgentSrv  C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP1\RpcAgentSrv.exe

04:06:27.0722 5228  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning

04:06:27.0722 5228  SandraAgentSrv - detected UnsignedFile.Multi.Generic (1)

04:06:27.0730 5228  [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

04:06:27.0744 5228  sbp2port - ok

04:06:27.0782 5228  [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr        C:\Windows\System32\SCardSvr.dll

04:06:27.0819 5228  SCardSvr - ok

04:06:27.0849 5228  [ 0F838C811AD295D2A4489B9993096C63 ] Schedule        C:\Windows\system32\schedsvc.dll

04:06:27.0898 5228  Schedule - ok

04:06:27.0945 5228  [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc     C:\Windows\System32\certprop.dll

04:06:27.0968 5228  SCPolicySvc - ok

04:06:28.0012 5228  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

04:06:28.0026 5228  SDRSVC - ok

04:06:28.0044 5228  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

04:06:28.0098 5228  secdrv - ok

04:06:28.0114 5228  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll

04:06:28.0161 5228  seclogon - ok

04:06:28.0171 5228  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\System32\sens.dll

04:06:28.0213 5228  SENS - ok

04:06:28.0217 5228  [ F71BFE7AC6C52273B7C82CBF1BB2A222 ] Serenum         C:\Windows\system32\drivers\serenum.sys

04:06:28.0266 5228  Serenum - ok

04:06:28.0278 5228  [ E62FAC91EE288DB29A9696A9D279929C ] Serial          C:\Windows\system32\drivers\serial.sys

04:06:28.0333 5228  Serial - ok

04:06:28.0337 5228  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\drivers\sermouse.sys

04:06:28.0377 5228  sermouse - ok

04:06:28.0398 5228  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll

04:06:28.0430 5228  SessionEnv - ok

04:06:28.0435 5228  [ 14D4B4465193A87C127933978E8C4106 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

04:06:28.0465 5228  sffdisk - ok

04:06:28.0470 5228  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

04:06:28.0500 5228  sffp_mmc - ok

04:06:28.0505 5228  [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

04:06:28.0536 5228  sffp_sd - ok

04:06:28.0540 5228  [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

04:06:28.0586 5228  sfloppy - ok

04:06:28.0617 5228  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

04:06:28.0663 5228  SharedAccess - ok

04:06:28.0719 5228  [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

04:06:28.0749 5228  ShellHWDetection - ok

04:06:28.0753 5228  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys

04:06:28.0766 5228  SiSRaid2 - ok

04:06:28.0774 5228  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

04:06:28.0787 5228  SiSRaid4 - ok

04:06:28.0878 5228  [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc           C:\Windows\system32\SLsvc.exe

04:06:29.0015 5228  slsvc - ok

04:06:29.0059 5228  [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify      C:\Windows\system32\SLUINotify.dll

04:06:29.0106 5228  SLUINotify - ok

04:06:29.0134 5228  [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

04:06:29.0179 5228  Smb - ok

04:06:29.0219 5228  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

04:06:29.0243 5228  SNMPTRAP - ok

04:06:29.0289 5228  [ 386C3C63F00A7040C7EC5E384217E89D ] spldr           C:\Windows\system32\drivers\spldr.sys

04:06:29.0302 5228  spldr - ok

04:06:29.0324 5228  [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler         C:\Windows\System32\spoolsv.exe

04:06:29.0340 5228  Spooler - ok

04:06:29.0344 5228  SRTSP - ok

04:06:29.0350 5228  SRTSPX - ok

04:06:29.0384 5228  [ 880A57FCCB571EBD063D4DD50E93E46D ] srv             C:\Windows\system32\DRIVERS\srv.sys

04:06:29.0431 5228  srv - ok

04:06:29.0500 5228  [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

04:06:29.0538 5228  srv2 - ok

04:06:29.0574 5228  [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

04:06:29.0588 5228  srvnet - ok

04:06:29.0603 5228  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

04:06:29.0636 5228  SSDPSRV - ok

04:06:29.0664 5228  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc         C:\Windows\system32\sstpsvc.dll

04:06:29.0694 5228  SstpSvc - ok

04:06:29.0717 5228  Steam Client Service - ok

04:06:29.0765 5228  [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc          C:\Windows\System32\wiaservc.dll

04:06:29.0825 5228  stisvc - ok

04:06:29.0850 5228  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

04:06:29.0861 5228  swenum - ok

04:06:29.0923 5228  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv           C:\Windows\System32\swprv.dll

04:06:29.0966 5228  swprv - ok

04:06:30.0012 5228  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys

04:06:30.0023 5228  Symc8xx - ok

04:06:30.0030 5228  [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys

04:06:30.0041 5228  Sym_hi - ok

04:06:30.0046 5228  [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys

04:06:30.0057 5228  Sym_u3 - ok

04:06:30.0122 5228  [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain         C:\Windows\system32\sysmain.dll

04:06:30.0208 5228  SysMain - ok

04:06:30.0230 5228  [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll

04:06:30.0255 5228  TabletInputService - ok

04:06:30.0298 5228  [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv         C:\Windows\System32\tapisrv.dll

04:06:30.0328 5228  TapiSrv - ok

04:06:30.0343 5228  TBPanel - ok

04:06:30.0361 5228  [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS             C:\Windows\System32\tbssvc.dll

04:06:30.0394 5228  TBS - ok

04:06:30.0453 5228  [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

04:06:30.0508 5228  Tcpip - ok

04:06:30.0534 5228  [ 46D448E9117464E4D3BBF36D7E3FA48E ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys

04:06:30.0570 5228  Tcpip6 - ok

04:06:30.0596 5228  [ C7E72A4071EE0200E3C075DACFB2B334 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

04:06:30.0637 5228  tcpipreg - ok

04:06:30.0661 5228  [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

04:06:30.0714 5228  TDPIPE - ok

04:06:30.0738 5228  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

04:06:30.0773 5228  TDTCP - ok

04:06:30.0823 5228  [ 458919C8C42E398DC4802178D5FFEE27 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

04:06:30.0859 5228  tdx - ok

04:06:30.0895 5228  [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

04:06:30.0908 5228  TermDD - ok

04:06:30.0955 5228  [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService     C:\Windows\System32\termsrv.dll

04:06:31.0040 5228  TermService - ok

04:06:31.0060 5228  [ 56793271ECDEDD350C5ADD305603E963 ] Themes          C:\Windows\system32\shsvcs.dll

04:06:31.0076 5228  Themes - ok

04:06:31.0084 5228  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER     C:\Windows\system32\mmcss.dll

04:06:31.0116 5228  THREADORDER - ok

04:06:31.0128 5228  [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks          C:\Windows\System32\trkwks.dll

04:06:31.0172 5228  TrkWks - ok

04:06:31.0244 5228  [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

04:06:31.0274 5228  TrustedInstaller - ok

04:06:31.0281 5228  [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

04:06:31.0311 5228  tssecsrv - ok

04:06:31.0325 5228  [ 89EC74A9E602D16A75A4170511029B3C ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys

04:06:31.0350 5228  tunmp - ok

04:06:31.0403 5228  [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

04:06:31.0426 5228  tunnel - ok

04:06:31.0436 5228  [ FEC266EF401966311744BD0F359F7F56 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

04:06:31.0448 5228  uagp35 - ok

04:06:31.0503 5228  [ FAF2640A2A76ED03D449E443194C4C34 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

04:06:31.0548 5228  udfs - ok

04:06:31.0566 5228  [ 060507C4113391394478F6953A79EEDC ] UI0Detect       C:\Windows\system32\UI0Detect.exe

04:06:31.0610 5228  UI0Detect - ok

04:06:31.0650 5228  [ 49B13845F0DBE39B47FC91DC46B2170A ] UimBus          C:\Windows\system32\DRIVERS\uimx64.sys

04:06:31.0661 5228  UimBus - ok

04:06:31.0678 5228  [ DD46BEC773C011EAA5E502C43A73A1CC ] Uim_IM          C:\Windows\system32\Drivers\Uim_IMx64.sys

04:06:31.0696 5228  Uim_IM - ok

04:06:31.0734 5228  [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

04:06:31.0746 5228  uliagpkx - ok

04:06:31.0759 5228  [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci         C:\Windows\system32\drivers\uliahci.sys

04:06:31.0774 5228  uliahci - ok

04:06:31.0780 5228  [ 31707F09846056651EA2C37858F5DDB0 ] UlSata          C:\Windows\system32\drivers\ulsata.sys

04:06:31.0792 5228  UlSata - ok

04:06:31.0800 5228  [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys

04:06:31.0812 5228  ulsata2 - ok

04:06:31.0826 5228  [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

04:06:31.0857 5228  umbus - ok

04:06:31.0875 5228  [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost        C:\Windows\System32\upnphost.dll

04:06:31.0964 5228  upnphost - ok

04:06:32.0024 5228  [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys

04:06:32.0036 5228  USBAAPL64 - ok

04:06:32.0078 5228  [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys

04:06:32.0119 5228  usbaudio - ok

04:06:32.0153 5228  [ 07E3498FC60834219D2356293DA0FECC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

04:06:32.0183 5228  usbccgp - ok

04:06:32.0188 5228  [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

04:06:32.0242 5228  usbcir - ok

04:06:32.0256 5228  [ 827E44DE934A736EA31E91D353EB126F ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

04:06:32.0279 5228  usbehci - ok

04:06:32.0320 5228  [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

04:06:32.0359 5228  usbhub - ok

04:06:32.0366 5228  [ EBA14EF0C07CEC233F1529C698D0D154 ] usbohci         C:\Windows\system32\drivers\usbohci.sys

04:06:32.0416 5228  usbohci - ok

04:06:32.0450 5228  [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

04:06:32.0480 5228  usbprint - ok

04:06:32.0533 5228  [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

04:06:32.0577 5228  usbscan - ok

04:06:32.0603 5228  [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

04:06:32.0653 5228  USBSTOR - ok

04:06:32.0669 5228  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys

04:06:32.0693 5228  usbuhci - ok

04:06:32.0728 5228  [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms           C:\Windows\System32\uxsms.dll

04:06:32.0751 5228  UxSms - ok

04:06:32.0798 5228  [ 294945381DFA7CE58CECF0A9896AF327 ] vds             C:\Windows\System32\vds.exe

04:06:32.0851 5228  vds - ok

04:06:32.0860 5228  [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

04:06:32.0909 5228  vga - ok

04:06:32.0934 5228  [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave         C:\Windows\System32\drivers\vga.sys

04:06:32.0988 5228  VgaSave - ok

04:06:32.0992 5228  [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide          C:\Windows\system32\drivers\viaide.sys

04:06:33.0006 5228  viaide - ok

04:06:33.0035 5228  [ 2B7E885ED951519A12C450D24535DFCA ] volmgr          C:\Windows\system32\drivers\volmgr.sys

04:06:33.0048 5228  volmgr - ok

04:06:33.0096 5228  [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

04:06:33.0117 5228  volmgrx - ok

04:06:33.0153 5228  [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap         C:\Windows\system32\drivers\volsnap.sys

04:06:33.0170 5228  volsnap - ok

04:06:33.0190 5228  [ A68F455ED2673835209318DD61BFBB0E ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

04:06:33.0203 5228  vsmraid - ok

04:06:33.0260 5228  [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS             C:\Windows\system32\vssvc.exe

04:06:33.0363 5228  VSS - ok

04:06:33.0412 5228  [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time         C:\Windows\system32\w32time.dll

04:06:33.0502 5228  W32Time - ok

04:06:33.0509 5228  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys

04:06:33.0564 5228  WacomPen - ok

04:06:33.0627 5228  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys

04:06:33.0664 5228  Wanarp - ok

04:06:33.0667 5228  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

04:06:33.0691 5228  Wanarpv6 - ok

04:06:33.0708 5228  [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

04:06:33.0747 5228  wcncsvc - ok

04:06:33.0788 5228  [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

04:06:33.0826 5228  WcsPlugInService - ok

04:06:33.0831 5228  [ 0C17A0816F65B89E362E682AD5E7266E ] Wd              C:\Windows\system32\drivers\wd.sys

04:06:33.0842 5228  Wd - ok

04:06:33.0866 5228  [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

04:06:33.0904 5228  Wdf01000 - ok

04:06:33.0915 5228  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost  C:\Windows\system32\wdi.dll

04:06:33.0948 5228  WdiServiceHost - ok

04:06:33.0952 5228  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost   C:\Windows\system32\wdi.dll

04:06:33.0984 5228  WdiSystemHost - ok

04:06:33.0999 5228  [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient       C:\Windows\System32\webclnt.dll

04:06:34.0045 5228  WebClient - ok

04:06:34.0077 5228  [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc          C:\Windows\system32\wecsvc.dll

04:06:34.0107 5228  Wecsvc - ok

04:06:34.0123 5228  [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

04:06:34.0148 5228  wercplsupport - ok

04:06:34.0158 5228  [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc          C:\Windows\System32\WerSvc.dll

04:06:34.0194 5228  WerSvc - ok

04:06:34.0207 5228  WinDefend - ok

04:06:34.0215 5228  WinHttpAutoProxySvc - ok

04:06:34.0267 5228  [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

04:06:34.0303 5228  Winmgmt - ok

04:06:34.0355 5228  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM           C:\Windows\system32\WsmSvc.dll

04:06:34.0418 5228  WinRM - ok

04:06:34.0460 5228  [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc         C:\Windows\System32\wlansvc.dll

04:06:34.0493 5228  Wlansvc - ok

04:06:34.0542 5228  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

04:06:34.0562 5228  WmiAcpi - ok

04:06:34.0612 5228  [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

04:06:34.0637 5228  wmiApSrv - ok

04:06:34.0646 5228  WMPNetworkSvc - ok

04:06:34.0661 5228  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll

04:06:34.0688 5228  WPCSvc - ok

04:06:34.0743 5228  [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

04:06:34.0758 5228  WPDBusEnum - ok

04:06:34.0816 5228  [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys

04:06:34.0829 5228  WpdUsb - ok

04:06:34.0960 5228  [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe

04:06:34.0997 5228  WPFFontCache_v0400 - ok

04:06:35.0001 5228  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

04:06:35.0055 5228  ws2ifsl - ok

04:06:35.0133 5228  [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc          C:\Windows\System32\wscsvc.dll

04:06:35.0148 5228  wscsvc - ok

04:06:35.0152 5228  WSearch - ok

04:06:35.0246 5228  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll

04:06:35.0357 5228  wuauserv - ok

04:06:35.0396 5228  [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

04:06:35.0435 5228  WUDFRd - ok

04:06:35.0462 5228  [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

04:06:35.0494 5228  wudfsvc - ok

04:06:35.0537 5228  [ 15CC7077D2DC28776CD430ECABBFFD66 ] {55662437-DA8C-40c0-AADA-2C816A897A49} c:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl

04:06:35.0547 5228  {55662437-DA8C-40c0-AADA-2C816A897A49} - ok

04:06:35.0549 5228  ================ Scan global ===============================

04:06:35.0573 5228  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll

04:06:35.0603 5228  [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll

04:06:35.0618 5228  [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll

04:06:35.0669 5228  [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe

04:06:35.0673 5228  [Global] - ok

04:06:35.0673 5228  ================ Scan MBR ==================================

04:06:35.0682 5228  [ 81CD5EC01DB0CE57EDD853F82462EF27 ] \Device\Harddisk0\DR0

04:06:36.0135 5228  \Device\Harddisk0\DR0 - ok

04:06:36.0160 5228  [ 4606A12AED5E4CE105136C6C9C8EA568 ] \Device\Harddisk1\DR1

04:06:36.0234 5228  \Device\Harddisk1\DR1 - ok

04:06:36.0235 5228  ================ Scan VBR ==================================

04:06:36.0237 5228  [ 32D5755F512F873A9EBBE757A9ECFD5A ] \Device\Harddisk0\DR0\Partition1

04:06:36.0239 5228  \Device\Harddisk0\DR0\Partition1 - ok

04:06:36.0243 5228  [ 15611FB822DC703EA9C168C830976EB0 ] \Device\Harddisk0\DR0\Partition2

04:06:36.0244 5228  \Device\Harddisk0\DR0\Partition2 - ok

04:06:36.0248 5228  [ 960CDE92622C58C393F6E4FC501C8B8C ] \Device\Harddisk1\DR1\Partition1

04:06:36.0249 5228  \Device\Harddisk1\DR1\Partition1 - ok

04:06:36.0250 5228  ============================================================

04:06:36.0250 5228  Scan finished

04:06:36.0250 5228  ============================================================

04:06:36.0263 4300  Detected object count: 8

04:06:36.0263 4300  Actual detected object count: 8

04:09:24.0756 4300  HP Health Check Service ( UnsignedFile.Multi.Generic ) - skipped by user

04:09:24.0756 4300  HP Health Check Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 

04:09:24.0758 4300  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user

04:09:24.0759 4300  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

04:09:24.0761 4300  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user

04:09:24.0761 4300  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 

04:09:24.0763 4300  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user

04:09:24.0763 4300  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 

04:09:24.0765 4300  MDM ( UnsignedFile.Multi.Generic ) - skipped by user

04:09:24.0765 4300  MDM ( UnsignedFile.Multi.Generic ) - User select action: Skip 

04:09:24.0767 4300  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

04:09:24.0767 4300  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

04:09:24.0769 4300  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user

04:09:24.0769 4300  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 

04:09:24.0771 4300  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user

04:09:24.0771 4300  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 

04:09:27.0279 4560  Deinitialize success

Beim ersten Scann steht noch was darunter seh ich gerade

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

Combofix Log :

Code:

ComboFix 12-10-18.03 - Jan 19.10.2012  15:12:05.1.4 - x64

Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.6142.4249 [GMT 2:00]

ausgeführt von:: c:\users\Jan\Desktop\ComboFix.exe

AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 * Neuer Wiederherstellungspunkt wurde erstellt

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\users\Jan\AppData\Roaming\Love

c:\users\Jan\AppData\Roaming\Love\mari0\options.txt

c:\users\Jan\AppData\Roaming\msconfig.ini

c:\windows\SysWow64\URTTemp

c:\windows\SysWow64\URTTemp\regtlib.exe

.

.

(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_nvsvc

.

.

(((((((((((((((((((((((   Dateien erstellt von 2012-09-19 bis 2012-10-19  ))))))))))))))))))))))))))))))

.

.

2012-10-19 08:28 . 2012-10-17 00:31        9291768        ------w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{FD63DEA5-6A57-453A-B01F-AFC0A18C027F}\mpengine.dll

2012-10-16 09:21 . 2012-10-16 09:21        --------        d-----w-        c:\users\Jan\AppData\Roaming\Malwarebytes

2012-10-16 09:21 . 2012-10-16 09:21        --------        d-----w-        c:\programdata\Malwarebytes

2012-10-16 09:21 . 2012-10-16 09:21        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware

2012-10-16 09:21 . 2012-09-07 15:04        25928        ----a-w-        c:\windows\system32\drivers\mbam.sys

2012-10-12 14:24 . 2012-09-13 13:45        2048        ----a-w-        c:\windows\system32\tzres.dll

2012-10-12 14:24 . 2012-09-13 13:28        2048        ----a-w-        c:\windows\SysWow64\tzres.dll

2012-10-12 14:24 . 2012-08-24 16:07        218624        ----a-w-        c:\windows\system32\wintrust.dll

2012-10-12 14:24 . 2012-08-24 15:53        172544        ----a-w-        c:\windows\SysWow64\wintrust.dll

2012-10-12 14:24 . 2012-06-02 00:20        174592        ----a-w-        c:\windows\system32\cryptsvc.dll

2012-10-12 14:24 . 2012-06-02 00:20        132096        ----a-w-        c:\windows\system32\cryptnet.dll

2012-10-12 14:24 . 2012-06-02 00:20        1268736        ----a-w-        c:\windows\system32\crypt32.dll

2012-10-12 14:24 . 2012-06-02 00:02        985088        ----a-w-        c:\windows\SysWow64\crypt32.dll

2012-10-12 14:24 . 2012-06-02 00:02        98304        ----a-w-        c:\windows\SysWow64\cryptnet.dll

2012-10-12 14:24 . 2012-06-02 00:02        133120        ----a-w-        c:\windows\SysWow64\cryptsvc.dll

2012-10-12 14:24 . 2012-08-29 11:40        4699520        ----a-w-        c:\windows\system32\ntoskrnl.exe

2012-10-03 18:50 . 2012-10-03 18:51        --------        d-----w-        c:\program files (x86)\Google

2012-09-29 22:34 . 2012-09-29 22:34        --------        d-----w-        c:\users\Jan\AppData\Roaming\Template

2012-09-28 16:55 . 2012-10-17 17:00        --------        d-----w-        c:\users\Jan\AppData\Local\Spotify

2012-09-28 16:55 . 2012-10-19 13:08        --------        d-----w-        c:\users\Jan\AppData\Roaming\Spotify

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-13 10:07 . 2006-11-02 12:35        65309168        ----a-w-        c:\windows\system32\mrt.exe

2012-08-21 10:43 . 2012-06-14 15:48        405152        ----a-w-        c:\windows\SysWow64\Newtonsoft.Json.Net20.dll

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Steam"="c:\program files (x86)\Steam\steam.exe" [2012-08-04 1353080]

"Spotify Web Helper"="c:\users\Jan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-09-28 1193176]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968]

"GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5"="c:\users\Jan\AppData\Local\Google\Chrome\Application\chrome.exe" [2012-10-10 1239064]

"GAINWARD"="c:\program files (x86)\EXPERTool\TBPanel.exe" [2011-08-02 2273608]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"UpdatePSTShortCut"="c:\program files (x86)\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" [2008-09-11 210216]

"UpdatePDIRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]

"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2008-06-13 210216]

"TSMAgent"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe" [2008-10-17 1152296]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

"KBD"="c:\program files (x86)\Hewlett-Packard\KBD\KbdStub.EXE" [2008-07-21 12288]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]

"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 65536]

"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2006-12-10 49152]

"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-10-09 75008]

"DVDAgent"="c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe" [2008-09-26 1148200]

"CLMLServer for HP TouchSmart"="c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe" [2008-10-17 189736]

"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2007-1-2 210520]

McAfee Security Scan Plus.lnk - c:\program files (x86)\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=0 (0x0)

.

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]

.

.

--- Andere Dienste/Treiber im Speicher ---

.

*NewlyCreated* - WS2IFSL

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]

hpdevmgmt        REG_MULTI_SZ           hpqcxs08 hpqddsvc

.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs

Themes

ezSharedSvc

.

Inhalt des "geplante Tasks" Ordners

.

2012-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-03 18:50]

.

2012-10-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-03 18:50]

.

2012-10-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-811366215-729495537-3258659292-1000Core.job

- c:\users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-12 09:00]

.

2012-10-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-811366215-729495537-3258659292-1000UA.job

- c:\users\Jan\AppData\Local\Google\Update\GoogleUpdate.exe [2011-12-12 09:00]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-10-06 182808]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

uLocal Page = c:\windows\system32\blank.htm

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_de&c=91&bd=Pavilion&pf=cndt

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

IE: Free YouTube to MP3 Converter - c:\users\Jan\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

TCP: Interfaces\{B1C5A335-DCBA-4FAC-9CCF-1B38BC2D44C7}: NameServer = 192.168.178.1

FF - ProfilePath - c:\users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\0thepgu7.default\

FF - prefs.js: browser.startup.homepage - about:home

FF - ExtSQL: 2012-08-23 11:46; {ACAA314B-EEBA-48e4-AD47-84E31C44796C}; c:\users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\0thepgu7.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe

HKLM-Run-SmartMenu - c:\program files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Norton Internet Security]

"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe\" /s \"Norton Internet Security\" /m \"c:\program files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll\" /prefetch:1"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{55662437-DA8C-40c0-AADA-2C816A897A49}]

"ImagePath"="\??\c:\program files (x86)\Hewlett-Packard\Media\DVD\000.fcl"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@SACL=

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Control]

@SACL=

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\EnableFullPage]

@SACL=

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Implemented Categories]

@SACL=

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@SACL=

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@SACL=

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@SACL=

@="ShockwaveFlash.ShockwaveFlash.9"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Programmable]

@SACL=

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@SACL=

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@SACL=

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@SACL=

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@SACL=

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@SACL=

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Control]

@SACL=

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@SACL=

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@SACL=

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Programmable]

@SACL=

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@SACL=

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash9f.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@SACL=

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@SACL=

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@SACL=

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}]

@Denied: (A 2) (Everyone)

@SACL=

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\Elevation]

@SACL=

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\LocalServer32]

@SACL=

@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil9f.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D4304BCF-B8E9-4B35-BEA0-DC5B522670C2}\TypeLib]

@SACL=

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}]

@Denied: (A 2) (Everyone)

@SACL=

@="IFlashBroker"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\ProxyStubClsid32]

@SACL=

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E4BB6BE-A75F-4DC0-9500-68203655A2C4}\TypeLib]

@SACL=

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@SACL=

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]

@SACL=

@="Shockwave Flash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]

@Denied: (A 2) (Everyone)

@SACL=

@=""

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]

@SACL=

@="FlashBroker"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]

"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,

   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

.

------------------------ Weitere laufende Prozesse ------------------------

.

c:\program files (x86)\Avira\AntiVir Desktop\sched.exe

c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe

c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe

c:\program files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe

c:\windows\SysWOW64\PnkBstrA.exe

c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe

c:\program files (x86)\Hewlett-Packard\KBD\kbd.exe

c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

.

**************************************************************************

.

Zeit der Fertigstellung: 2012-10-19  15:25:58 - PC wurde neu gestartet

ComboFix-quarantined-files.txt  2012-10-19 13:25

.

Vor Suchlauf: 16 Verzeichnis(se), 361.309.392.896 Bytes frei

Nach Suchlauf: 21 Verzeichnis(se), 361.181.081.600 Bytes frei

.

- - End Of File - - 14E808A624E74CB99E907C8784D37E36

Bitte nun Logs mit GMER und OSAM erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim 2. Mal nicht will, lass es einfach weg und führ nur OSAM aus - die Online-Abfrage durch OSAM bitte überspringen.
Bei OSAM bitte darauf auch achten, dass Du das Log auch als *.log und nicht *.html oder so abspeicherst.

Hinweis: Zum Entpacken von OSAM bitte WinRAR oder 7zip verwenden! Stell auch unbedingt den Virenscanner ab, besonders der Scanner von McAfee meldet oft einen Fehalarm in OSAM!

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

Gmer funktioniert nicht und bei Osam passiert nichts nachdem ich auf Save Log drücke.

ja das ist normal weil du en 64-Bit Vista hast
Poste dann nur das Log von aswMBR