Trojaner-Board - bekannter GUV Virus

OTL Logfile:

Code:

OTL logfile created on: 24.01.2013 12:45:35 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Frida Clownfisch\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,91 Gb Total Physical Memory | 3,15 Gb Available Physical Memory | 80,50% Memory free

7,81 Gb Paging File | 7,19 Gb Available in Paging File | 92,01% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 394,66 Gb Total Space | 320,36 Gb Free Space | 81,17% Space Free | Partition Type: NTFS

Drive D: | 70,00 Gb Total Space | 40,50 Gb Free Space | 57,86% Space Free | Partition Type: NTFS

 

Computer Name: PETER-PC | User Name: Frida Clownfisch | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - C:\Users\Frida Clownfisch\Desktop\OTL.exe (OldTimer Tools)

 

 
 ========== Modules (No Company Name) ==========

 

 
 ========== Services (SafeList) ==========

 

SRV:64bit: - (ZcfgSvc7) -- C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe (Intel(R) Corporation)

SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)

SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()

SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)

SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)

SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)

SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)

SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)

SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)

SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)

SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()

SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)

SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)

SRV - (GDBackupSvc) -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe (G Data Software AG)

SRV - (GDFwSvc) -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe (G Data Software AG)

SRV - (AVKWCtl) -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe (G Data Software AG)

SRV - (AVKProxy) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG)

SRV - (TSNxGService) -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe (G Data Software)

SRV - (GDTunerSvc) -- C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe (G Data Software AG)

SRV - (GDScan) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG)

SRV - (AVKService) -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe (G Data Software AG)

SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)

SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)

SRV - (watchmi) -- C:\Program Files (x86)\watchmi\TvdService.exe ()

SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)

SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)

SRV - (WisLMSvc) -- C:\Program Files (x86)\Launch Manager\WisLMSvc.exe (Wistron Corp.)

SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)

SRV - (CyberLink PowerDVD 10 MS Service) -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe (CyberLink)

SRV - (CyberLink PowerDVD 10 MS Monitor Service) -- C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe (CyberLink)

SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)

SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)

SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)

SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)

SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)

SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)

SRV - (PSI_SVC_2) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)

SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)

DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)

DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

DRV:64bit: - (GDPkIcpt) -- C:\Windows\SysNative\drivers\PktIcpt.sys (G Data Software AG)

DRV:64bit: - (GDMnIcpt) -- C:\Windows\SysNative\drivers\MiniIcpt.sys (G Data Software AG)

DRV:64bit: - (HookCentre) -- C:\Windows\SysNative\drivers\HookCentre.sys (G Data Software AG)

DRV:64bit: - (GDBehave) -- C:\Windows\SysNative\drivers\GDBehave.sys (G Data Software AG)

DRV:64bit: - (gdwfpcd) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys (G Data Software AG)

DRV:64bit: - (GRD) -- C:\Windows\SysNative\drivers\GRD.sys (G Data Software)

DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

DRV:64bit: - (TS4NT) -- C:\Windows\SysNative\drivers\TS4nt.sys (G Data Software)

DRV:64bit: - (GdNetMon) -- C:\Windows\SysNative\drivers\GdNetMon64.sys (G Data Software AG)

DRV:64bit: - (IT9135BDA) -- C:\Windows\SysNative\drivers\IT9135BDA.sys (ITE                      )

DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)

DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)

DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)

DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)

DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)

DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)

DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)

DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)

DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)

DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)

DRV:64bit: - (tixhci) -- C:\Windows\SysNative\drivers\tixhci.sys (Texas Instruments Incorporated)

DRV:64bit: - (tihub3) -- C:\Windows\SysNative\drivers\tihub3.sys (Texas Instruments Incorporated)

DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)

DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)

DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)

DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)

DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)

DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)

DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)

DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)

DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)

DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)

DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)

DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = Welcome to ALDI

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://accounts.google.com/Servic [Binary data over 200 bytes]

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/#!/

IE - HKCU\..\SearchScopes,DefaultScope = {29A977AD-D4A1-4684-AC37-E8506295AA1C}

IE - HKCU\..\SearchScopes\{29A977AD-D4A1-4684-AC37-E8506295AA1C}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_enDE393

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

 

 
 ========== FireFox ==========

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.22 18:10:28 | 000,000,000 | ---D | M]

 

[2012.07.23 14:39:01 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2012.07.23 14:39:03 | 000,000,000 | ---D | M] (G Data BankGuard) -- C:\Program Files (x86)\mozilla firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}

[2012.07.14 01:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012.07.14 01:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.07.14 01:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012.07.14 01:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2012.07.14 01:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.07.14 01:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.07.14 01:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2 - BHO: (G Data BankGuard) - {BA3295CF-17ED-4F49-9E95-D999A0ADBFDC} - C:\Program Files (x86)\Common Files\G DATA\AVKProxy\BanksafeBHO.dll (G Data Software AG)

O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)

O4:64bit: - HKLM..\Run: [IntelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)

O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe (Dolby Laboratories Inc.)

O4 - HKLM..\Run: [G Data AntiVirus Tray Application] C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG)

O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG)

O4 - HKLM..\Run: [HotkeyApp] C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Wistron)

O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)

O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files (x86)\Launch Manager\OSD.exe (Wistron Corp.)

O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)

O4 - HKLM..\Run: [Wbutton] C:\Program Files (x86)\Launch Manager\Wbutton.exe (Wistron Corp.)

O4 - HKLM..\Run: [YouCam Mirage] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)

O4 - HKLM..\Run: [YouCam Tray] C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe (CyberLink Corp.)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found

O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found

O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found

O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - eBay - eine der größten deutschen Shopping-Websites File not found

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16:64bit: - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F5DF9EE-DB20-4D5F-824A-44184399E846}: DhcpNameServer = 192.168.1.1 193.189.244.194 193.189.244.202

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED31E5C8-796E-426C-975C-2DA0D44533A5}: DhcpNameServer = 192.168.2.1

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)

O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

 

MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^watchmi tray.lnk - C:\Windows\Installer\{409DC300-28AF-468F-9624-1F3309701881}\SHCT_TRAY_PROGRAMG_A10D8603999C4E9488776EF2533C58C9.exe - (Acresso Software Inc.)

MsConfig:64bit - StartUpFolder: C:^Users^peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^mjt0uikj.exe.lnk - C:\Windows\SysNative\rundll32.exe - (Microsoft Corporation)

MsConfig:64bit - State: "startup" - Reg Error: Key error.

 

CREATERESTOREPOINT

Unable to start System Restore Service. Error code 1084

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.01.24 12:29:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Frida Clownfisch\Desktop\OTL.exe

[2013.01.24 10:08:56 | 000,000,000 | ---D | C] -- C:\Users\Frida Clownfisch\Documents\Youcam

[2013.01.24 10:08:29 | 000,000,000 | ---D | C] -- C:\Users\Frida Clownfisch\AppData\Roaming\CyberLink

[2013.01.24 10:08:29 | 000,000,000 | ---D | C] -- C:\Users\Frida Clownfisch\AppData\Local\CyberLink

[2013.01.23 18:19:28 | 000,182,784 | ---- | C] (Microsoft Corporation) -- C:\Users\Frida Clownfisch\wgsdgsdgdsgsd.exe

[2013.01.23 18:19:23 | 000,000,000 | ---D | C] -- C:\Users\Frida Clownfisch\AppData\Local\Adobe

[2013.01.23 15:48:30 | 000,000,000 | ---D | C] -- C:\Users\Frida Clownfisch\AppData\Roaming\Adobe

[2013.01.23 15:43:50 | 000,000,000 | ---D | C] -- C:\Users\Frida Clownfisch\AppData\Roaming\Skype

[2013.01.23 15:00:26 | 000,000,000 | ---D | C] -- C:\Users\Frida Clownfisch\AppData\Roaming\Intel Corporation

[2013.01.23 15:00:26 | 000,000,000 | ---D | C] -- C:\Users\Frida Clownfisch\AppData\Roaming\Apple Computer

[2013.01.23 15:00:25 | 000,000,000 | ---D | C] -- C:\Users\Frida Clownfisch\AppData\Local\Power2Go

[2013.01.23 15:00:10 | 000,000,000 | R--D | C] -- C:\Users\Frida Clownfisch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools

[2013.01.23 15:00:09 | 000,000,000 | R--D | C] -- C:\Users\Frida Clownfisch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

[2013.01.23 15:00:09 | 000,000,000 | R--D | C] -- C:\Users\Frida Clownfisch\Searches

[2013.01.23 14:59:58 | 000,000,000 | ---D | C] -- C:\Users\Frida Clownfisch\AppData\Roaming\Identities

[2013.01.23 14:59:55 | 000,000,000 | R--D | C] -- C:\Users\Frida Clownfisch\Contacts

[2013.01.23 14:59:54 | 000,000,000 | ---D | C] -- C:\Users\Frida Clownfisch\AppData\Local\VirtualStore

[2013.01.23 14:59:50 | 000,000,000 | ---D | C] -- C:\Users\Frida Clownfisch\AppData\Roaming\Intel

[2013.01.23 14:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Frida Clownfisch\Vorlagen

[2013.01.23 14:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Frida Clownfisch\AppData\Local\Verlauf

[2013.01.23 14:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Frida Clownfisch\AppData\Local\Temporary Internet Files

[2013.01.23 14:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Frida Clownfisch\Startmenü

[2013.01.23 14:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Frida Clownfisch\SendTo

[2013.01.23 14:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Frida Clownfisch\Recent

[2013.01.23 14:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Frida Clownfisch\Netzwerkumgebung

[2013.01.23 14:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Frida Clownfisch\Lokale Einstellungen

[2013.01.23 14:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Frida Clownfisch\Documents\Eigene Videos

[2013.01.23 14:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Frida Clownfisch\Documents\Eigene Musik

[2013.01.23 14:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Frida Clownfisch\Eigene Dateien

[2013.01.23 14:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Frida Clownfisch\Documents\Eigene Bilder

[2013.01.23 14:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Frida Clownfisch\Druckumgebung

[2013.01.23 14:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Frida Clownfisch\Cookies

[2013.01.23 14:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Frida Clownfisch\AppData\Local\Anwendungsdaten

[2013.01.23 14:59:48 | 000,000,000 | -HSD | C] -- C:\Users\Frida Clownfisch\Anwendungsdaten

[2013.01.23 14:59:47 | 000,000,000 | --SD | C] -- C:\Users\Frida Clownfisch\AppData\Roaming\Microsoft

[2013.01.23 14:59:47 | 000,000,000 | R--D | C] -- C:\Users\Frida Clownfisch\Videos

[2013.01.23 14:59:47 | 000,000,000 | R--D | C] -- C:\Users\Frida Clownfisch\Saved Games

[2013.01.23 14:59:47 | 000,000,000 | R--D | C] -- C:\Users\Frida Clownfisch\Pictures

[2013.01.23 14:59:47 | 000,000,000 | R--D | C] -- C:\Users\Frida Clownfisch\Music

[2013.01.23 14:59:47 | 000,000,000 | R--D | C] -- C:\Users\Frida Clownfisch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

[2013.01.23 14:59:47 | 000,000,000 | R--D | C] -- C:\Users\Frida Clownfisch\Links

[2013.01.23 14:59:47 | 000,000,000 | R--D | C] -- C:\Users\Frida Clownfisch\Favorites

[2013.01.23 14:59:47 | 000,000,000 | R--D | C] -- C:\Users\Frida Clownfisch\Downloads

[2013.01.23 14:59:47 | 000,000,000 | R--D | C] -- C:\Users\Frida Clownfisch\Documents

[2013.01.23 14:59:47 | 000,000,000 | R--D | C] -- C:\Users\Frida Clownfisch\Desktop

[2013.01.23 14:59:47 | 000,000,000 | R--D | C] -- C:\Users\Frida Clownfisch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

[2013.01.23 14:59:47 | 000,000,000 | -H-D | C] -- C:\Users\Frida Clownfisch\AppData

[2013.01.23 14:59:47 | 000,000,000 | ---D | C] -- C:\Users\Frida Clownfisch\AppData\Local\Temp

[2013.01.23 14:59:47 | 000,000,000 | ---D | C] -- C:\Users\Frida Clownfisch\Roaming

[2013.01.23 14:59:47 | 000,000,000 | ---D | C] -- C:\Users\Frida Clownfisch\AppData\Local\Microsoft

[2013.01.23 14:59:47 | 000,000,000 | ---D | C] -- C:\Users\Frida Clownfisch\AppData\Roaming\Media Center Programs

[2013.01.23 14:59:47 | 000,000,000 | ---D | C] -- C:\Users\Frida Clownfisch\AppData\Roaming\Macromedia

[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.01.24 12:29:52 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Frida Clownfisch\Desktop\OTL.exe

[2013.01.24 12:20:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013.01.24 12:20:04 | 3147,198,464 | -HS- | M] () -- C:\hiberfil.sys

[2013.01.24 11:55:50 | 095,023,320 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.pad

[2013.01.24 11:49:15 | 001,500,254 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2013.01.24 11:49:15 | 000,654,844 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2013.01.24 11:49:15 | 000,616,686 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2013.01.24 11:49:15 | 000,130,426 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2013.01.24 11:49:15 | 000,106,808 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2013.01.23 19:35:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013.01.23 18:20:16 | 000,001,055 | ---- | M] () -- C:\Users\Frida Clownfisch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk

[2013.01.23 18:20:14 | 000,002,959 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.js

[2013.01.23 18:20:14 | 000,000,159 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.reg

[2013.01.23 18:20:14 | 000,000,069 | ---- | M] () -- C:\ProgramData\dsgsdgdsgdsgw.bat

[2013.01.23 15:49:20 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013.01.23 15:49:20 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013.01.23 15:43:43 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

[2013.01.23 13:32:28 | 000,954,892 | ---- | M] () -- C:\Windows\SysWow64\sig.bin

[2013.01.23 13:32:28 | 000,051,310 | ---- | M] () -- C:\Windows\SysWow64\nmp.map

[2013.01.22 19:31:18 | 000,368,376 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2013.01.22 19:14:29 | 000,002,023 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader X.lnk

[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2013.01.23 18:20:14 | 000,000,159 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.reg

[2013.01.23 18:20:14 | 000,000,069 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.bat

[2013.01.23 18:20:01 | 000,002,959 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.js

[2013.01.23 18:19:30 | 000,001,055 | ---- | C] () -- C:\Users\Frida Clownfisch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk

[2013.01.23 18:19:28 | 095,023,320 | ---- | C] () -- C:\ProgramData\dsgsdgdsgdsgw.pad

[2013.01.23 15:00:17 | 000,001,409 | ---- | C] () -- C:\Users\Frida Clownfisch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk

[2013.01.23 15:00:11 | 000,001,443 | ---- | C] () -- C:\Users\Frida Clownfisch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

[2012.10.29 13:23:05 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2012.10.29 13:23:05 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2012.10.10 02:22:34 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll

[2012.10.10 02:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin

[2012.10.10 02:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin

[2012.03.19 22:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin

[2012.03.19 22:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

[2012.03.01 18:00:49 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat

[2012.02.16 16:30:33 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Applause and Laugher

[2012.02.16 16:30:33 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLdu.DAT

[2012.02.16 16:30:33 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Audio Units

[2012.01.24 16:35:42 | 000,954,892 | ---- | C] () -- C:\Windows\SysWow64\sig.bin

[2012.01.21 11:45:48 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2011.10.17 14:18:04 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

[2011.10.17 03:36:08 | 000,322,880 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe

 
 ========== ZeroAccess Check ==========

 

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 
 ========== LOP Check ==========

 

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %SYSTEMDRIVE%\*. >

[2013.01.23 14:59:55 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN

[2013.01.23 15:43:43 | 000,000,000 | -H-D | M] -- C:\Config.Msi

[2012.01.20 15:24:30 | 000,000,000 | -HSD | M] -- C:\Documents and Settings

[2011.10.27 20:33:27 | 000,000,000 | ---D | M] -- C:\Intel

[2012.01.21 11:52:08 | 000,000,000 | RH-D | M] -- C:\MSOCache

[2012.08.13 15:54:45 | 000,000,000 | R--D | M] -- C:\Program Files

[2013.01.22 19:28:00 | 000,000,000 | R--D | M] -- C:\Program Files (x86)

[2013.01.24 10:33:44 | 000,000,000 | -H-D | M] -- C:\ProgramData

[2012.01.20 15:24:30 | 000,000,000 | -HSD | M] -- C:\Recovery

[2013.01.23 07:39:21 | 000,000,000 | -HSD | M] -- C:\System Volume Information

[2013.01.23 14:59:46 | 000,000,000 | R--D | M] -- C:\Users

[2013.01.23 14:38:39 | 000,000,000 | ---D | M] -- C:\Windows

 
 < %PROGRAMFILES%\*.exe >

 
 < %LOCALAPPDATA%\*.exe >

 
 < %systemroot%\*. /mp /s >

 
 < C:\Windows\system32\*.tsp >

[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp

[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp

[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp

[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp

[2010.11.21 04:23:55 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp

[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

[2009.07.14 06:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

[2009.07.14 06:08:49 | 000,032,538 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2012.08.08 09:37:31 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

 
 < MD5 for: AGP440.SYS  >

[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys

[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys

[2009.07.14 02:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys

[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys

[2009.07.14 02:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll

[2009.07.14 02:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

 
 < MD5 for: EVENTLOG.DLL  >

[2008.06.06 22:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll

 
 < MD5 for: EXPLORER.EXE  >

[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe

[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe

[2011.02.25 07:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe

[2011.02.26 07:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe

[2010.11.21 04:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe

[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe

[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe

[2010.11.21 04:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

 
 < MD5 for: IASTOR.SYS  >

[2011.05.20 17:53:44 | 000,557,848 | ---- | M] (Intel Corporation) MD5=2FDAEC4B02729C48C0FD1B0B4695995B -- C:\Windows\SysNative\drivers\iaStor.sys

[2011.05.20 17:53:44 | 000,557,848 | ---- | M] (Intel Corporation) MD5=2FDAEC4B02729C48C0FD1B0B4695995B -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_e6913aab23ea9a9c\iaStor.sys

 
 < MD5 for: IASTORV.SYS  >

[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys

[2010.11.21 04:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys

[2011.03.11 07:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys

[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys

[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys

[2011.03.11 07:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll

[2010.11.21 04:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll

[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll

[2010.11.21 04:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2011.03.11 07:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys

[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys

[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys

[2011.03.11 07:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys

[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys

[2010.11.21 04:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll

[2010.11.21 04:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll

[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll

[2010.11.21 04:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll

[2010.11.21 04:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll

[2010.11.21 04:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe

[2010.11.21 04:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe

[2010.11.21 04:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe

[2010.11.21 04:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys

[2009.07.14 01:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\system32\*.dll /lockedfiles >

[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

 
 < %USERPROFILE%\*.* >

[2013.01.24 12:47:20 | 000,786,432 | -HS- | M] () -- C:\Users\Frida Clownfisch\NTUSER.DAT

[2013.01.24 12:47:20 | 000,524,288 | -HS- | M] () -- C:\Users\Frida Clownfisch\ntuser.dat.LOG1

[2013.01.23 14:59:48 | 000,000,000 | -HS- | M] () -- C:\Users\Frida Clownfisch\ntuser.dat.LOG2

[2013.01.23 15:01:24 | 000,065,536 | -HS- | M] () -- C:\Users\Frida Clownfisch\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf

[2013.01.23 15:01:24 | 000,524,288 | -HS- | M] () -- C:\Users\Frida Clownfisch\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms

[2013.01.23 15:01:24 | 000,524,288 | -HS- | M] () -- C:\Users\Frida Clownfisch\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms

[2013.01.23 14:59:48 | 000,000,020 | -HS- | M] () -- C:\Users\Frida Clownfisch\ntuser.ini

[2013.01.23 18:19:28 | 000,182,784 | ---- | M] (Microsoft Corporation) -- C:\Users\Frida Clownfisch\wgsdgsdgdsgsd.exe

 
 < %USERPROFILE%\Local Settings\Temp\*.exe >

 
 < %USERPROFILE%\Local Settings\Temp\*.dll >

 
 < %USERPROFILE%\Application Data\*.exe >

 
 < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 

< End of report >

--- --- ---

OTL EXTRAS Logfile:

Code:

OTL Extras logfile created on: 24.01.2013 12:45:35 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Frida Clownfisch\Desktop

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,91 Gb Total Physical Memory | 3,15 Gb Available Physical Memory | 80,50% Memory free

7,81 Gb Paging File | 7,19 Gb Available in Paging File | 92,01% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 394,66 Gb Total Space | 320,36 Gb Free Space | 81,17% Space Free | Partition Type: NTFS

Drive D: | 70,00 Gb Total Space | 40,50 Gb Free Space | 57,86% Space Free | Partition Type: NTFS

 

Computer Name: PETER-PC | User Name: Frida Clownfisch | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = ChromeHTML] -- Reg Error: Key error. File not found

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- Reg Error: Key error.

https [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- Reg Error: Key error.

https [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 0

"DisableNotifications" = 0

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0BB5DFAC-250B-4078-A780-E0BE921D331B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{240F2836-A0F3-4500-AA22-030A559E8B09}" = rport=139 | protocol=6 | dir=out | app=system | 

"{3A3AE09E-14D3-4899-91D8-A6E0115DAD1B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

"{40AC4AAB-7836-4D6F-96DC-5E32965B1269}" = lport=137 | protocol=17 | dir=in | app=system | 

"{426F6A45-AB78-4CE3-BFAA-4EEE68A2208C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{79C9C1A8-4289-486F-BE19-BAE5AC4E9DDB}" = lport=445 | protocol=6 | dir=in | app=system | 

"{7C71D53A-655E-4D70-86A8-CB3466440FF0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{8D1026B4-FCDB-4D38-B775-68D2B3B3871D}" = lport=139 | protocol=6 | dir=in | app=system | 

"{B7A3CF79-C5BD-43C9-93E8-1B297AD6A0E2}" = rport=137 | protocol=17 | dir=out | app=system | 

"{E18F6B50-D685-4D90-B1AC-2F4C681DAD39}" = lport=138 | protocol=17 | dir=in | app=system | 

"{E3126634-8357-478E-BD64-553740398AEF}" = rport=445 | protocol=6 | dir=out | app=system | 

"{E48B6D2E-BF7D-456D-B50F-72DD1BE032C4}" = rport=138 | protocol=17 | dir=out | app=system | 

"{E535C925-CA20-49AD-92BA-4D22E5FAFA20}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

"{EEC99607-ED66-4CB2-8A6C-1566771163BE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{1376CDB5-FFF1-439E-8671-CE9D3031DE7C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{17BD5AA6-B487-4BB4-BF05-F2E4551F93F0}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 

"{189DEBA2-F1A6-4BEC-966A-49AE66D8C66F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 

"{23BFD8A8-34A6-43EF-8C22-6711ACA327FD}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 

"{2B03E60D-5B78-43B1-847F-1BF53A9C2637}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 

"{315D691A-AF07-4401-BC00-E76E870D4A80}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 

"{3302037F-B355-48FF-9CB2-2DD3328EE5A7}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | 

"{3828DA5F-5D31-4FBC-871B-3EA20F49D3BF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | 

"{3841D394-F292-498B-AC92-671EB4D1E0C2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 

"{39EC045D-E095-4696-A38F-60A4B56B9459}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | 

"{3E78BEE7-6192-42E7-ACCD-7F19FAB9EE36}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{466A776D-CBBB-4B79-89BF-D44A27B8402F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{46D48C55-931F-42EF-B4E8-FCD58D3E816B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 

"{515CBD0F-6ECB-4B58-BE82-AFC4AFB360B4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{5508DEBB-860A-40F7-9E11-C39CE12D3FD1}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe | 

"{5A8379F8-F517-4234-857A-73178C920F74}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 

"{5BEE3C4B-32BC-45DD-B5EC-3FF39E4F997A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe | 

"{75C42E02-6AC6-4C0D-B106-2A2C2EDC1AC3}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe | 

"{7823CE3F-C9EF-469E-B5D9-3606C9A064FA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | 

"{78ECFAD0-D546-49F0-B03B-66DBB34EE568}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | 

"{81890CD3-F950-42B3-B5FB-410F659DB937}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 

"{823CEEA5-7872-44AD-8ACA-905C65F2D486}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe | 

"{87A482BF-D7C5-4F91-BCC1-74F2CBF13118}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{8D91D971-A8C7-4D9F-832B-30290AFC1B88}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 

"{952841CD-2811-4A3D-9D80-8369F16A36CD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 

"{9616DBFF-7C75-4131-B902-77970A7C5E5A}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | 

"{9AAB3DAB-28ED-4734-A0CB-CF4308598D82}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{9B0E1DAD-1C2A-4B4A-A026-2FAFE864852E}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 

"{9C8DD54F-CC7E-473E-B856-00380DD5ECD9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 

"{A39C9A76-0CE4-470F-A819-6BA403982555}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 

"{A4B09921-9D29-4D46-8B2A-D787DAB55166}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{AA0FBD68-C10F-43E3-B65C-CBE9FDC62E74}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 

"{AFCF23AF-8780-49CE-9206-30F2BD9845E8}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{B65BDBB1-D22D-464B-9BBF-BEC0EDC64565}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 

"{C6D4C1D3-B7C4-4967-BB08-CBE245A7BF29}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{D07FD7B5-0F4A-434B-9D42-B884322834CD}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 

"{D5DD458C-E95C-473B-BBA2-14F78D66C934}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe | 

"{D72B193E-DAA6-4947-B0DD-79B43E88826F}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 

"{DB2A982D-CE22-48D9-9DC3-2B1D785C7E47}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{DE1111AF-EC1D-4C42-AB21-7D5AD88C66DA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{DFC67D4A-B06B-4061-987B-B60D3B649294}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 

"{E0D78588-5A06-448C-A455-0C576F5EC417}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{E5C72DEB-C03B-48DB-ACBB-D5818685BC22}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe | 

"{E9E72A56-8EFB-4E5C-AD94-3C3414315EB6}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\device\mediaserver\clmsserver.exe | 

"{EAA7931C-7AB8-4725-B27B-2AAED93C2E68}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe | 

"{EE0023C5-BEC5-4439-8F16-25848213A970}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe | 

"{F5A81BB7-FDF0-4128-879B-D13330246A21}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{F85937AA-4EF8-40B2-BA6F-62F1B302FA4B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe | 

"{FFBAAA9C-0F14-479C-B08C-F4F600412647}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{006B5C65-3938-4246-B182-994A7E415EDE}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology

"{10297E58-2DFE-478B-9A1D-4B14E4E79CDF}" = HP Scanjet G4000 Series

"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{26A24AE4-039D-4CA4-87B4-2F86416029FF}" = Java(TM) 6 Update 29 (64-bit)

"{295AEB79-B53A-4F1B-860F-7800BB7E3681}" = Intel(R) PROSet/Wireless WiFi Software

"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources

"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources

"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources

"{51DDB4F9-7FFF-4970-AED4-DB3C22A5C522}" = Corel Graphics - Windows Shell Extension 64 Bit

"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{69A90894-D54A-4657-8172-6B0FCE93414E}" = AMI VR-pulse OS Switcher

"{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}" = Apple Mobile Device Support

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

"{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}" = iTunes

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources

"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 285.64

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 285.64

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 285.64

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.5.20

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources

"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64

"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources

"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources

"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}" = Microsoft Mathematics (64-Bit)

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources

"HP Imaging Device Functions" = HP Imaging Device Functions 13.0

"HP Photosmart Essential" = HP Photosmart Essential 3.5

"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0

"HPOCR" = OCR Software by I.R.I.S. 13.0

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"ProInst" = Intel PROSet Wireless

"SynTPDeinstKey" = Synaptics Pointing Device Driver

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}" = CorelDRAW Essentials X5 - Extra Content

"_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension

"_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}" = CorelDRAW Essentials X5

"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack

"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan

"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail

"{122ADF8C-DDA1-480C-9936-C88F2825B265}" = Apple Application Support

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger

"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer

"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema

"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{26A24AE4-039D-4CA4-87B4-2F83216029FF}" = Java(TM) 6 Update 29

"{2814D1CB-7038-4EE4-8421-9C18FD571014}" = hpg4000

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm

"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update

"{2F14F550-0FFC-4285-B673-880744D428A3}" = CorelDRAW Essentials X5 - Custom Data

"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger

"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations 1.03

"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live

"{34809713-7886-4F6A-B9D5-CC74DBC1C77E}" = CorelDRAW Essentials X5 - Redist

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack

"{3B1EF0C5-8855-416F-A6F4-5CC5FCF267CA}" = CorelDRAW Essentials X5 - WT

"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology

"{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}" = NVIDIA PhysX

"{409DC300-28AF-468F-9624-1F3309701881}" = watchmi

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack

"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials

"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery

"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg

"{4433CEC6-DA32-4D7B-BA95-B47C68498287}" = CorelDRAW Essentials X5 - Connect

"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh

"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live

"{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}" = Hama Black Force Pad

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter

"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger

"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack

"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources

"{552442BD-8398-46F0-ACF1-02F8E1843458}" = G Data TotalProtection 2012

"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance

"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}" = CorelDRAW Essentials X5 - Extra Content

"{5C677DD3-45D9-4B10-8591-5F8CEA76BAE0}" = TI USB3 Host Driver

"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh

"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker

"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources

"{62BBB2F0-E220-4821-A564-730807D2C34D}" = Realtek USB 2.0 Reader Driver

"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components

"{666D7CED-12E0-4BA3-B594-5681961E7B02}" = CorelDRAW Essentials X5 - IPM

"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh

"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common

"{6DE61FFB-8ADC-4A09-B3DC-5DA15CAE48A0}" = CorelDRAW Essentials X5 - DE

"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker

"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz

"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger

"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live

"{7BDA08C6-D3A1-4E2A-83F6-BBE15060DF80}" = CorelDRAW Essentials X5 - IT

"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources

"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow

"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials

"{834F4E2F-E9DF-4FA9-8499-FF6B91012898}" = CorelDRAW Essentials X5

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh

"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common

"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer

"{85E8F38F-0303-401E-A518-0302DF88EB07}" = CorelDRAW Essentials X5 - Draw

"{87441A59-5E64-4096-A170-14EFE67200C3}" = Picture Control Utility

"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher

"{89BA6E81-B60A-49BC-B283-80560A9E60DF}" = CorelDRAW Essentials X5 - PHOTO-PAINT

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch

"{91EB0B20-08B0-4905-88FB-020952B9979F}" = Remote Control Input Device Registry Key

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{95A890AA-B3B1-44B6-9C18-A8F7AB3EE7FC}" = QuickTime

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker

"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection

"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger

"{AC76BA86-7AD7-5464-3428-A00000000004}" = Spelling Dictionaries Support For Adobe Reader X

"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.5) MUI

"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh

"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie

"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail

"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4

"{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}" = Corel Graphics - Windows Shell Extension

"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer

"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations

"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common

"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant

"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections

"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail

"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common

"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery

"{D0846526-66DD-4DC9-A02C-98F9A2806812}" = Launch Manager

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D0BEB150-2046-4F94-AE7B-EA76772592F6}" = CorelDRAW Essentials X5 - Common

"{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}" = Nikon Message Center

"{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential

"{D7E60152-6C65-4982-8840-B6D28BF881BD}" = CorelDRAW Essentials X5 - FR

"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer

"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E1B934BB-6AFA-429F-98E4-76F9CBC72BF6}" = Intel(R) WiDi

"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso

"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy

"{E4BE9367-168B-4B30-B198-EE37C99FB147}" = CorelDRAW Essentials X5 - Filters

"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker

"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack

"{E7BE4D1A-B529-448B-8407-889705B65185}" = CorelDRAW Essentials X5 - ES

"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer

"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources

"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0

"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live

"{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}" = CorelDRAW Essentials X5 - Setup Files

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center

"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials

"{FA6AF809-9A80-423A-A57A-C7D726A04E4C}" = CorelDRAW Essentials X5 - EN

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR

"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials

"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Ashampoo Photo Commander_is1" = Ashampoo Photo Commander

"Ashampoo Photo Optimizer_is1" = Ashampoo Photo Optimizer

"Ashampoo Snap_is1" = Ashampoo Snap

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.26.706

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = Medion Home Cinema

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"InstallShield_{5C677DD3-45D9-4B10-8591-5F8CEA76BAE0}" = TI USB 3.0 Host Controller Driver

"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow

"InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = CyberLink PowerProducer

"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector

"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = CyberLink PhotoNow

"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10

"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso

"InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy

"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"myMugle3.0.0.0" = myMugle

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010

"PCSUITE_SHREDDER_PRO_is1" = PCSUITE SHREDDER

"ProInst" = Intel PROSet Wireless

"PunkBusterSvc" = PunkBuster Services

"WinLiveSuite" = Windows Live Essentials

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 24.01.2013 06:15:33 | Computer Name = peter-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 24.01.2013 06:40:04 | Computer Name = peter-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 24.01.2013 06:44:32 | Computer Name = peter-PC | Source = TSNxGService | ID = 131074

Description = G Data Datensafe Die Anwendung des Verzeichnisschutzes ist fehlgeschlagen

 

Error - 24.01.2013 06:44:32 | Computer Name = peter-PC | Source = TSNxGService | ID = 131074

Description = G Data Datensafe Die Anwendung des Programmdateischutzes ist fehlgeschlagen

 

Error - 24.01.2013 06:45:07 | Computer Name = peter-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 24.01.2013 06:52:45 | Computer Name = peter-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 24.01.2013 06:56:06 | Computer Name = peter-PC | Source = TSNxGService | ID = 131074

Description = G Data Datensafe Die Anwendung des Verzeichnisschutzes ist fehlgeschlagen

 

Error - 24.01.2013 06:56:06 | Computer Name = peter-PC | Source = TSNxGService | ID = 131074

Description = G Data Datensafe Die Anwendung des Programmdateischutzes ist fehlgeschlagen

 

Error - 24.01.2013 06:56:40 | Computer Name = peter-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 24.01.2013 07:21:52 | Computer Name = peter-PC | Source = WinMgmt | ID = 10

Description = 

 

[ Media Center Events ]

Error - 29.02.2012 11:12:34 | Computer Name = peter-PC | Source = MCUpdate | ID = 0

Description = 16:12:33 - Fehler beim Herstellen der Internetverbindung.  16:12:34 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 29.02.2012 11:12:48 | Computer Name = peter-PC | Source = MCUpdate | ID = 0

Description = 16:12:39 - Fehler beim Herstellen der Internetverbindung.  16:12:39 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 07.03.2012 11:38:12 | Computer Name = peter-PC | Source = MCUpdate | ID = 0

Description = 16:38:12 - Fehler beim Herstellen der Internetverbindung.  16:38:12 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 07.03.2012 11:38:21 | Computer Name = peter-PC | Source = MCUpdate | ID = 0

Description = 16:38:17 - Fehler beim Herstellen der Internetverbindung.  16:38:17 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 12.03.2012 11:48:42 | Computer Name = peter-PC | Source = MCUpdate | ID = 0

Description = 16:48:42 - Fehler beim Herstellen der Internetverbindung.  16:48:42 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 12.03.2012 11:48:51 | Computer Name = peter-PC | Source = MCUpdate | ID = 0

Description = 16:48:47 - Fehler beim Herstellen der Internetverbindung.  16:48:47 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 14.03.2012 11:17:29 | Computer Name = peter-PC | Source = MCUpdate | ID = 0

Description = 16:17:29 - Fehler beim Herstellen der Internetverbindung.  16:17:29 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 14.03.2012 11:17:39 | Computer Name = peter-PC | Source = MCUpdate | ID = 0

Description = 16:17:34 - Fehler beim Herstellen der Internetverbindung.  16:17:34 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 19.03.2012 12:11:50 | Computer Name = peter-PC | Source = MCUpdate | ID = 0

Description = 17:11:49 - Fehler beim Herstellen der Internetverbindung.  17:11:50 

-     Serververbindung konnte nicht hergestellt werden..  

 

Error - 06.08.2012 04:37:28 | Computer Name = peter-PC | Source = MCUpdate | ID = 0

Description = 10:37:28 - Broadband konnte nicht abgerufen werden (Fehler: Die Verbindung

 mit dem Remoteserver kann nicht hergestellt werden.)  

 

[ System Events ]

Error - 24.01.2013 07:20:45 | Computer Name = peter-PC | Source = DCOM | ID = 10005

Description = 

 

Error - 24.01.2013 07:20:47 | Computer Name = peter-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000

Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.    Modulpfad:

 C:\Windows\System32\IWMSSvc.dll  Fehlercode: 21  

 

Error - 24.01.2013 07:20:48 | Computer Name = peter-PC | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der

 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 24.01.2013 07:20:48 | Computer Name = peter-PC | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der

 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 24.01.2013 07:20:48 | Computer Name = peter-PC | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der

 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 24.01.2013 07:20:53 | Computer Name = peter-PC | Source = DCOM | ID = 10005

Description = 

 

Error - 24.01.2013 07:20:53 | Computer Name = peter-PC | Source = DCOM | ID = 10005

Description = 

 

Error - 24.01.2013 07:20:52 | Computer Name = peter-PC | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der

 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 24.01.2013 07:20:52 | Computer Name = peter-PC | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der

 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

Error - 24.01.2013 07:20:52 | Computer Name = peter-PC | Source = Service Control Manager | ID = 7001

Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der

 aufgrund folgenden Fehlers nicht gestartet wurde:   %%1068

 

 

< End of report >

--- --- ---

ist das das, was du brauchst?

ich hab den text nicht gefunden, aber den report vom scan.. hilft der?

10:18:51.0474 6456 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
10:18:53.0486 6456 ============================================================
10:18:53.0486 6456 Current date / time: 2013/01/25 10:18:53.0486
10:18:53.0486 6456 SystemInfo:
10:18:53.0486 6456
10:18:53.0486 6456 OS Version: 6.1.7601 ServicePack: 1.0
10:18:53.0486 6456 Product type: Workstation
10:18:53.0486 6456 ComputerName: PETER-PC
10:18:53.0486 6456 UserName: Frida Clownfisch
10:18:53.0486 6456 Windows directory: C:\Windows
10:18:53.0486 6456 System windows directory: C:\Windows
10:18:53.0486 6456 Running under WOW64
10:18:53.0486 6456 Processor architecture: Intel x64
10:18:53.0486 6456 Number of processors: 4
10:18:53.0486 6456 Page size: 0x1000
10:18:53.0486 6456 Boot type: Normal boot
10:18:53.0486 6456 ============================================================
10:18:54.0376 6456 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:18:54.0391 6456 ============================================================
10:18:54.0391 6456 \Device\Harddisk0\DR0:
10:18:54.0391 6456 MBR partitions:
10:18:54.0391 6456 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
10:18:54.0391 6456 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x31553000
10:18:54.0391 6456 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x31585800, BlocksNum 0x8C00000
10:18:54.0391 6456 ============================================================
10:18:54.0454 6456 C: <-> \Device\Harddisk0\DR0\Partition2
10:18:54.0563 6456 D: <-> \Device\Harddisk0\DR0\Partition3
10:18:54.0563 6456 ============================================================
10:18:54.0563 6456 Initialize success
10:18:54.0563 6456 ============================================================
10:19:21.0379 6148 ============================================================
10:19:21.0379 6148 Scan started
10:19:21.0379 6148 Mode: Manual; SigCheck; TDLFS;
10:19:21.0379 6148 ============================================================
10:19:25.0591 6148 ================ Scan system memory ========================
10:19:25.0591 6148 System memory - ok
10:19:25.0591 6148 ================ Scan services =============================
10:19:25.0856 6148 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:19:25.0966 6148 1394ohci - ok
10:19:26.0012 6148 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:19:26.0044 6148 ACPI - ok
10:19:26.0075 6148 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:19:26.0153 6148 AcpiPmi - ok
10:19:26.0262 6148 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
10:19:26.0278 6148 AdobeARMservice - ok
10:19:26.0418 6148 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:19:26.0434 6148 AdobeFlashPlayerUpdateSvc - ok
10:19:26.0480 6148 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
10:19:26.0496 6148 adp94xx - ok
10:19:26.0543 6148 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
10:19:26.0558 6148 adpahci - ok
10:19:26.0699 6148 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
10:19:26.0746 6148 adpu320 - ok
10:19:26.0777 6148 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:19:26.0948 6148 AeLookupSvc - ok
10:19:27.0011 6148 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
10:19:27.0073 6148 AFD - ok
10:19:27.0120 6148 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
10:19:27.0136 6148 agp440 - ok
10:19:27.0182 6148 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
10:19:27.0214 6148 ALG - ok
10:19:27.0260 6148 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
10:19:27.0276 6148 aliide - ok
10:19:27.0292 6148 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
10:19:27.0292 6148 amdide - ok
10:19:27.0307 6148 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
10:19:27.0354 6148 AmdK8 - ok
10:19:27.0370 6148 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
10:19:27.0401 6148 AmdPPM - ok
10:19:27.0448 6148 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:19:27.0479 6148 amdsata - ok
10:19:27.0494 6148 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
10:19:27.0510 6148 amdsbs - ok
10:19:27.0541 6148 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:19:27.0557 6148 amdxata - ok
10:19:27.0604 6148 [ 3BC90482A834F998C3B7A9C934A20342 ] AMPPAL C:\Windows\system32\DRIVERS\AMPPAL.sys
10:19:27.0666 6148 AMPPAL - ok
10:19:27.0682 6148 [ 3BC90482A834F998C3B7A9C934A20342 ] AMPPALP C:\Windows\system32\DRIVERS\amppal.sys
10:19:27.0697 6148 AMPPALP - ok
10:19:27.0822 6148 [ A47D7FEBD9381D34DDB4FF38B15A67FE ] AMPPALR3 C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
10:19:27.0884 6148 AMPPALR3 - ok
10:19:27.0947 6148 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
10:19:28.0009 6148 AppID - ok
10:19:28.0056 6148 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:19:28.0118 6148 AppIDSvc - ok
10:19:28.0134 6148 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
10:19:28.0196 6148 Appinfo - ok
10:19:28.0259 6148 [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:19:28.0274 6148 Apple Mobile Device - ok
10:19:28.0321 6148 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
10:19:28.0337 6148 arc - ok
10:19:28.0352 6148 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
10:19:28.0368 6148 arcsas - ok
10:19:28.0415 6148 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:19:28.0477 6148 AsyncMac - ok
10:19:28.0524 6148 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
10:19:28.0540 6148 atapi - ok
10:19:28.0586 6148 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:19:28.0649 6148 AudioEndpointBuilder - ok
10:19:28.0680 6148 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:19:28.0727 6148 AudioSrv - ok
10:19:28.0852 6148 [ FCC4933F96883FEC83D17697B75B0FDE ] AVKProxy C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
10:19:28.0898 6148 AVKProxy - ok
10:19:28.0945 6148 [ 29DA2D5958B352022A1BB5CE6FDB427C ] AVKService C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe
10:19:28.0976 6148 AVKService - ok
10:19:29.0039 6148 [ 9A75BDDFCE451C173CDEAEFC1921A147 ] AVKWCtl C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe
10:19:29.0101 6148 AVKWCtl - ok
10:19:29.0164 6148 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:19:29.0273 6148 AxInstSV - ok
10:19:29.0320 6148 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
10:19:29.0382 6148 b06bdrv - ok
10:19:29.0444 6148 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:19:29.0476 6148 b57nd60a - ok
10:19:29.0507 6148 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
10:19:29.0554 6148 BDESVC - ok
10:19:29.0569 6148 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
10:19:29.0616 6148 Beep - ok
10:19:29.0678 6148 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
10:19:29.0756 6148 BFE - ok
10:19:29.0803 6148 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
10:19:29.0881 6148 BITS - ok
10:19:29.0912 6148 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
10:19:29.0944 6148 blbdrive - ok
10:19:30.0037 6148 [ 55B0C8441DE7D91A819A39D0351154A2 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
10:19:30.0068 6148 Bluetooth Device Monitor - ok
10:19:30.0115 6148 [ 7E262330DF0C4BE4ECE853B59B9CBE4C ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
10:19:30.0146 6148 Bluetooth Media Service - ok
10:19:30.0193 6148 [ 8BF4B9956E13871A88A3810074E2E110 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
10:19:30.0224 6148 Bluetooth OBEX Service - ok
10:19:30.0256 6148 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:19:30.0287 6148 Bonjour Service - ok
10:19:30.0334 6148 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:19:30.0380 6148 bowser - ok
10:19:30.0396 6148 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
10:19:30.0427 6148 BrFiltLo - ok
10:19:30.0443 6148 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
10:19:30.0490 6148 BrFiltUp - ok
10:19:30.0536 6148 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
10:19:30.0599 6148 Browser - ok
10:19:30.0895 6148 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:19:30.0973 6148 Brserid - ok
10:19:31.0004 6148 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:19:31.0036 6148 BrSerWdm - ok
10:19:31.0051 6148 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:19:31.0098 6148 BrUsbMdm - ok
10:19:31.0129 6148 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:19:31.0160 6148 BrUsbSer - ok
10:19:31.0207 6148 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
10:19:31.0254 6148 BthEnum - ok
10:19:31.0285 6148 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
10:19:31.0332 6148 BTHMODEM - ok
10:19:31.0394 6148 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
10:19:31.0426 6148 BthPan - ok
10:19:31.0472 6148 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
10:19:31.0504 6148 BTHPORT - ok
10:19:31.0550 6148 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
10:19:31.0597 6148 bthserv - ok
10:19:31.0644 6148 [ 9E2AF97302B9F4BF97E952A865EB31AE ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
10:19:31.0660 6148 BTHSSecurityMgr - ok
10:19:31.0706 6148 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
10:19:31.0722 6148 BTHUSB - ok
10:19:31.0784 6148 [ 270FBA230E78E25726D065A924589A72 ] btmaux C:\Windows\system32\DRIVERS\btmaux.sys
10:19:31.0816 6148 btmaux - ok
10:19:31.0847 6148 [ 0010A54571F525A97EED8C091E96EAA9 ] btmhsf C:\Windows\system32\DRIVERS\btmhsf.sys
10:19:31.0894 6148 btmhsf - ok
10:19:31.0925 6148 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:19:31.0987 6148 cdfs - ok
10:19:32.0034 6148 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
10:19:32.0050 6148 cdrom - ok
10:19:32.0081 6148 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
10:19:32.0159 6148 CertPropSvc - ok
10:19:32.0190 6148 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
10:19:32.0237 6148 circlass - ok
10:19:32.0268 6148 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
10:19:32.0284 6148 CLFS - ok
10:19:32.0346 6148 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:19:32.0362 6148 clr_optimization_v2.0.50727_32 - ok
10:19:32.0377 6148 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:19:32.0393 6148 clr_optimization_v2.0.50727_64 - ok
10:19:32.0471 6148 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:19:32.0502 6148 clr_optimization_v4.0.30319_32 - ok
10:19:32.0533 6148 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:19:32.0564 6148 clr_optimization_v4.0.30319_64 - ok
10:19:32.0627 6148 [ 50F92C943F18B070F166D019DFAB3D9A ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
10:19:32.0642 6148 clwvd - ok
10:19:32.0674 6148 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
10:19:32.0705 6148 CmBatt - ok
10:19:32.0736 6148 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:19:32.0752 6148 cmdide - ok
10:19:32.0798 6148 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
10:19:32.0861 6148 CNG - ok
10:19:32.0908 6148 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
10:19:32.0939 6148 Compbatt - ok
10:19:32.0970 6148 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:19:33.0017 6148 CompositeBus - ok
10:19:33.0032 6148 COMSysApp - ok
10:19:33.0079 6148 [ 78AF1C499BF02F9814DF959A04A4F9C9 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
10:19:33.0095 6148 cphs - ok
10:19:33.0126 6148 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
10:19:33.0142 6148 crcdisk - ok
10:19:33.0188 6148 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:19:33.0266 6148 CryptSvc - ok
10:19:33.0376 6148 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
10:19:33.0407 6148 cvhsvc - ok
10:19:33.0532 6148 [ 7F5CD87CA5BDB4D83F992D8C77201483 ] CyberLink PowerDVD 10 MS Monitor Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
10:19:33.0547 6148 CyberLink PowerDVD 10 MS Monitor Service - ok
10:19:33.0578 6148 [ 9FAF58E876A3B1DB3030A0A5805F2D86 ] CyberLink PowerDVD 10 MS Service C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
10:19:33.0610 6148 CyberLink PowerDVD 10 MS Service - ok
10:19:33.0656 6148 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:19:33.0734 6148 DcomLaunch - ok
10:19:33.0797 6148 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
10:19:33.0859 6148 defragsvc - ok
10:19:33.0906 6148 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:19:33.0968 6148 DfsC - ok
10:19:34.0031 6148 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
10:19:34.0078 6148 Dhcp - ok
10:19:34.0093 6148 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
10:19:34.0156 6148 discache - ok
10:19:34.0187 6148 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
10:19:34.0202 6148 Disk - ok
10:19:34.0234 6148 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:19:34.0280 6148 Dnscache - ok
10:19:34.0327 6148 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
10:19:34.0390 6148 dot3svc - ok
10:19:34.0405 6148 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
10:19:34.0452 6148 DPS - ok
10:19:34.0499 6148 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:19:34.0530 6148 drmkaud - ok
10:19:34.0608 6148 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:19:34.0655 6148 DXGKrnl - ok
10:19:34.0670 6148 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
10:19:34.0748 6148 EapHost - ok
10:19:34.0826 6148 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
10:19:34.0967 6148 ebdrv - ok
10:19:35.0014 6148 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
10:19:35.0029 6148 EFS - ok
10:19:35.0092 6148 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
10:19:35.0170 6148 ehRecvr - ok
10:19:35.0201 6148 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
10:19:35.0248 6148 ehSched - ok
10:19:35.0279 6148 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
10:19:35.0310 6148 elxstor - ok
10:19:35.0372 6148 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:19:35.0404 6148 ErrDev - ok
10:19:35.0450 6148 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
10:19:35.0513 6148 EventSystem - ok
10:19:35.0622 6148 [ B20A788579E443F768AAB1A24F705D0A ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
10:19:35.0653 6148 EvtEng - ok
10:19:35.0684 6148 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
10:19:35.0747 6148 exfat - ok
10:19:35.0762 6148 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:19:35.0825 6148 fastfat - ok
10:19:35.0903 6148 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
10:19:35.0965 6148 Fax - ok
10:19:35.0996 6148 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
10:19:36.0028 6148 fdc - ok
10:19:36.0043 6148 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
10:19:36.0090 6148 fdPHost - ok
10:19:36.0121 6148 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
10:19:36.0168 6148 FDResPub - ok
10:19:36.0215 6148 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:19:36.0230 6148 FileInfo - ok
10:19:36.0246 6148 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:19:36.0308 6148 Filetrace - ok
10:19:36.0340 6148 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
10:19:36.0355 6148 flpydisk - ok
10:19:36.0371 6148 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:19:36.0386 6148 FltMgr - ok
10:19:36.0433 6148 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
10:19:36.0496 6148 FontCache - ok
10:19:36.0527 6148 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:19:36.0542 6148 FontCache3.0.0.0 - ok
10:19:36.0558 6148 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:19:36.0574 6148 FsDepends - ok
10:19:36.0620 6148 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:19:36.0636 6148 Fs_Rec - ok
10:19:36.0698 6148 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:19:36.0730 6148 fvevol - ok
10:19:36.0761 6148 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
10:19:36.0776 6148 gagp30kx - ok
10:19:36.0901 6148 [ B432E7404DF28908D80A4ED902A73F97 ] GDBackupSvc C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe
10:19:36.0948 6148 GDBackupSvc - ok
10:19:36.0995 6148 [ 116F4672A804DA33E1159C005AE88B9C ] GDBehave C:\Windows\system32\drivers\GDBehave.sys
10:19:37.0010 6148 GDBehave - ok
10:19:37.0104 6148 [ 2922B4D0AA4095797E66D87F08CA4D72 ] GDFwSvc C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe
10:19:37.0198 6148 GDFwSvc - ok
10:19:37.0244 6148 [ E02AC68F1FC31D38EAD729E00BD68C93 ] GDMnIcpt C:\Windows\system32\drivers\MiniIcpt.sys
10:19:37.0260 6148 GDMnIcpt - ok
10:19:37.0291 6148 [ D826B9C59DE0B310C9E560763560D8F9 ] GdNetMon C:\Windows\system32\drivers\GdNetMon64.sys
10:19:37.0307 6148 GdNetMon - ok
10:19:37.0354 6148 [ 290DDB8C97249F99569B77E9DF2F76FC ] GDPkIcpt C:\Windows\system32\drivers\PktIcpt.sys
10:19:37.0369 6148 GDPkIcpt - ok
10:19:37.0447 6148 [ 110C6DC36EA9F5DA664A584756B1B297 ] GDScan C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
10:19:37.0478 6148 GDScan - ok
10:19:37.0525 6148 [ 0567B5641DF3C52FB4E6B623726669ED ] GDTunerSvc C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe
10:19:37.0588 6148 GDTunerSvc - ok
10:19:37.0634 6148 [ 876D6FA58981D073DD4063225370B12F ] gdwfpcd C:\Windows\system32\drivers\gdwfpcd64.sys
10:19:37.0650 6148 gdwfpcd - ok
10:19:37.0681 6148 [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
10:19:37.0697 6148 GEARAspiWDM - ok
10:19:37.0728 6148 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
10:19:37.0759 6148 gpsvc - ok
10:19:37.0822 6148 [ E10BAA2EA50E575BBEF0C5080DA088A4 ] GRD C:\Windows\system32\drivers\GRD.sys
10:19:37.0837 6148 GRD - ok
10:19:37.0868 6148 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:19:37.0915 6148 hcw85cir - ok
10:19:37.0962 6148 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:19:38.0009 6148 HdAudAddService - ok
10:19:38.0040 6148 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:19:38.0087 6148 HDAudBus - ok
10:19:38.0102 6148 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
10:19:38.0149 6148 HidBatt - ok
10:19:38.0165 6148 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
10:19:38.0212 6148 HidBth - ok
10:19:38.0258 6148 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
10:19:38.0274 6148 HidIr - ok
10:19:38.0305 6148 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
10:19:38.0368 6148 hidserv - ok
10:19:38.0430 6148 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
10:19:38.0446 6148 HidUsb - ok
10:19:38.0477 6148 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:19:38.0539 6148 hkmsvc - ok
10:19:38.0555 6148 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:19:38.0633 6148 HomeGroupListener - ok
10:19:38.0648 6148 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:19:38.0680 6148 HomeGroupProvider - ok
10:19:38.0711 6148 [ 3CD18F0B3681FB267E67763CC3152D4E ] HookCentre C:\Windows\system32\drivers\HookCentre.sys
10:19:38.0726 6148 HookCentre - ok
10:19:38.0804 6148 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
10:19:38.0836 6148 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
10:19:38.0836 6148 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
10:19:38.0867 6148 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:19:38.0882 6148 HpSAMD - ok
10:19:38.0929 6148 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:19:38.0992 6148 HTTP - ok
10:19:39.0007 6148 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:19:39.0007 6148 hwpolicy - ok
10:19:39.0054 6148 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:19:39.0070 6148 i8042prt - ok
10:19:39.0101 6148 [ 2FDAEC4B02729C48C0FD1B0B4695995B ] iaStor C:\Windows\system32\drivers\iaStor.sys
10:19:39.0132 6148 iaStor - ok
10:19:39.0194 6148 [ D41861E56E7552C13674D7F147A02464 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
10:19:39.0210 6148 IAStorDataMgrSvc - ok
10:19:39.0257 6148 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:19:39.0288 6148 iaStorV - ok
10:19:39.0335 6148 [ DE9E40BAEE2E48FD1E3EB423074C014C ] iBtFltCoex C:\Windows\system32\DRIVERS\iBtFltCoex.sys
10:19:39.0366 6148 iBtFltCoex - ok
10:19:39.0444 6148 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:19:39.0475 6148 IDriverT ( UnsignedFile.Multi.Generic ) - warning
10:19:39.0475 6148 IDriverT - detected UnsignedFile.Multi.Generic (1)
10:19:39.0522 6148 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:19:39.0569 6148 idsvc - ok
10:19:39.0740 6148 [ A1CF07D24EDCDC6870535471654D957C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
10:19:40.0021 6148 igfx - ok
10:19:40.0037 6148 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
10:19:40.0052 6148 iirsp - ok
10:19:40.0084 6148 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
10:19:40.0162 6148 IKEEXT - ok
10:19:40.0193 6148 [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
10:19:40.0208 6148 intaud_WaveExtensible - ok
10:19:40.0286 6148 [ A5F7CEF8A939EBE270462EDEFD629F20 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:19:40.0427 6148 IntcAzAudAddService - ok
10:19:40.0474 6148 [ AE594CC17C33AC146739494615E14851 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
10:19:40.0520 6148 IntcDAud - ok
10:19:40.0536 6148 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
10:19:40.0536 6148 intelide - ok
10:19:40.0583 6148 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:19:40.0599 6148 intelppm - ok
10:19:40.0692 6148 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:19:40.0879 6148 IPBusEnum - ok
10:19:40.0957 6148 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:19:41.0051 6148 IpFilterDriver - ok
10:19:41.0082 6148 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
10:19:41.0113 6148 iphlpsvc - ok
10:19:41.0145 6148 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:19:41.0176 6148 IPMIDRV - ok
10:19:41.0207 6148 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:19:41.0254 6148 IPNAT - ok
10:19:41.0316 6148 [ A9AB99EE7D39725EAFEC82732D2B3271 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
10:19:41.0347 6148 iPod Service - ok
10:19:41.0363 6148 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:19:41.0394 6148 IRENUM - ok
10:19:41.0410 6148 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:19:41.0425 6148 isapnp - ok
10:19:41.0457 6148 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:19:41.0488 6148 iScsiPrt - ok
10:19:41.0535 6148 [ 00CB3B7A1B166B425F9A330CA51E3568 ] IT9135BDA C:\Windows\system32\Drivers\IT9135BDA.sys
10:19:41.0581 6148 IT9135BDA - ok
10:19:41.0628 6148 [ 716F66336F10885D935B08174DC54242 ] iwdbus C:\Windows\system32\drivers\iwdbus.sys
10:19:41.0644 6148 iwdbus - ok
10:19:41.0644 6148 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:19:41.0675 6148 kbdclass - ok
10:19:41.0691 6148 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:19:41.0737 6148 kbdhid - ok
10:19:41.0753 6148 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
10:19:41.0769 6148 KeyIso - ok
10:19:41.0800 6148 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:19:41.0815 6148 KSecDD - ok
10:19:41.0831 6148 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:19:41.0862 6148 KSecPkg - ok
10:19:41.0878 6148 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:19:41.0925 6148 ksthunk - ok
10:19:41.0971 6148 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
10:19:42.0049 6148 KtmRm - ok
10:19:42.0096 6148 [ 6DD5383C9413AAE3113FAF89E345663D ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
10:19:42.0112 6148 L1C - ok
10:19:42.0159 6148 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
10:19:42.0221 6148 LanmanServer - ok
10:19:42.0252 6148 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:19:42.0330 6148 LanmanWorkstation - ok
10:19:42.0377 6148 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:19:42.0455 6148 lltdio - ok
10:19:42.0502 6148 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:19:42.0564 6148 lltdsvc - ok
10:19:42.0595 6148 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:19:42.0658 6148 lmhosts - ok
10:19:42.0720 6148 [ 2ED1786B7542CDA261029F6B526EDF44 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
10:19:42.0736 6148 LMS - ok
10:19:42.0783 6148 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
10:19:42.0798 6148 LSI_FC - ok
10:19:42.0829 6148 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
10:19:42.0845 6148 LSI_SAS - ok
10:19:42.0845 6148 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
10:19:42.0861 6148 LSI_SAS2 - ok
10:19:42.0892 6148 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
10:19:42.0907 6148 LSI_SCSI - ok
10:19:42.0954 6148 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
10:19:43.0001 6148 luafv - ok
10:19:43.0048 6148 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
10:19:43.0095 6148 Mcx2Svc - ok
10:19:43.0110 6148 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
10:19:43.0126 6148 megasas - ok
10:19:43.0157 6148 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
10:19:43.0173 6148 MegaSR - ok
10:19:43.0219 6148 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
10:19:43.0235 6148 MEIx64 - ok
10:19:43.0266 6148 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
10:19:43.0344 6148 MMCSS - ok
10:19:43.0375 6148 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
10:19:43.0407 6148 Modem - ok
10:19:43.0438 6148 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:19:43.0469 6148 monitor - ok
10:19:43.0500 6148 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:19:43.0516 6148 mouclass - ok
10:19:43.0547 6148 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:19:43.0594 6148 mouhid - ok
10:19:43.0625 6148 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:19:43.0641 6148 mountmgr - ok
10:19:43.0703 6148 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:19:43.0719 6148 MozillaMaintenance - ok
10:19:43.0765 6148 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
10:19:43.0781 6148 mpio - ok
10:19:43.0812 6148 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:19:43.0859 6148 mpsdrv - ok
10:19:43.0921 6148 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
10:19:43.0968 6148 MpsSvc - ok
10:19:43.0999 6148 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:19:44.0062 6148 MRxDAV - ok
10:19:44.0093 6148 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:19:44.0140 6148 mrxsmb - ok
10:19:44.0187 6148 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:19:44.0218 6148 mrxsmb10 - ok
10:19:44.0233 6148 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:19:44.0265 6148 mrxsmb20 - ok
10:19:44.0296 6148 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
10:19:44.0311 6148 msahci - ok
10:19:44.0327 6148 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:19:44.0343 6148 msdsm - ok
10:19:44.0374 6148 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
10:19:44.0405 6148 MSDTC - ok
10:19:44.0452 6148 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:19:44.0514 6148 Msfs - ok
10:19:44.0514 6148 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:19:44.0577 6148 mshidkmdf - ok
10:19:44.0639 6148 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:19:44.0639 6148 msisadrv - ok
10:19:44.0701 6148 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:19:44.0764 6148 MSiSCSI - ok
10:19:44.0764 6148 msiserver - ok
10:19:44.0795 6148 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:19:44.0842 6148 MSKSSRV - ok
10:19:44.0873 6148 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:19:44.0935 6148 MSPCLOCK - ok
10:19:44.0951 6148 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:19:45.0013 6148 MSPQM - ok
10:19:45.0060 6148 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:19:45.0091 6148 MsRPC - ok
10:19:45.0123 6148 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:19:45.0138 6148 mssmbios - ok
10:19:45.0138 6148 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:19:45.0185 6148 MSTEE - ok
10:19:45.0216 6148 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
10:19:45.0247 6148 MTConfig - ok
10:19:45.0279 6148 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
10:19:45.0294 6148 Mup - ok
10:19:45.0341 6148 [ F217D7718FD7577AF331E89910B2D21E ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
10:19:45.0372 6148 MyWiFiDHCPDNS - ok
10:19:45.0403 6148 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
10:19:45.0481 6148 napagent - ok
10:19:45.0528 6148 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:19:45.0559 6148 NativeWifiP - ok
10:19:45.0622 6148 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
10:19:45.0653 6148 NDIS - ok
10:19:45.0669 6148 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:19:45.0715 6148 NdisCap - ok
10:19:45.0762 6148 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:19:45.0825 6148 NdisTapi - ok
10:19:45.0840 6148 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:19:45.0887 6148 Ndisuio - ok
10:19:45.0918 6148 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:19:45.0965 6148 NdisWan - ok
10:19:45.0996 6148 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:19:46.0059 6148 NDProxy - ok
10:19:46.0090 6148 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:19:46.0137 6148 NetBIOS - ok
10:19:46.0168 6148 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:19:46.0215 6148 NetBT - ok
10:19:46.0230 6148 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
10:19:46.0246 6148 Netlogon - ok
10:19:46.0293 6148 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
10:19:46.0355 6148 Netman - ok
10:19:46.0371 6148 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
10:19:46.0433 6148 netprofm - ok
10:19:46.0464 6148 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:19:46.0480 6148 NetTcpPortSharing - ok
10:19:46.0714 6148 [ 9FD1BE1881446D954FF77244AE58FBCB ] NETwNs64 C:\Windows\system32\DRIVERS\NETwNs64.sys
10:19:47.0041 6148 NETwNs64 - ok
10:19:47.0088 6148 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
10:19:47.0088 6148 nfrd960 - ok
10:19:47.0135 6148 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:19:47.0166 6148 NlaSvc - ok
10:19:47.0197 6148 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:19:47.0244 6148 Npfs - ok
10:19:47.0275 6148 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
10:19:47.0322 6148 nsi - ok
10:19:47.0338 6148 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:19:47.0385 6148 nsiproxy - ok
10:19:47.0463 6148 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:19:47.0525 6148 Ntfs - ok
10:19:47.0556 6148 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
10:19:47.0619 6148 Null - ok
10:19:47.0899 6148 [ E97E8C80793EF12C994607CA5645799A ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:19:48.0399 6148 nvlddmkm - ok
10:19:48.0445 6148 [ 50612BD6943B9CB20008E9E241DC8B7D ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
10:19:48.0461 6148 nvpciflt - ok
10:19:48.0492 6148 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:19:48.0508 6148 nvraid - ok
10:19:48.0523 6148 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:19:48.0555 6148 nvstor - ok
10:19:48.0617 6148 [ F355C26FDE46EDB911E3E3D749E985AE ] nvsvc C:\Windows\system32\nvvsvc.exe
10:19:48.0664 6148 nvsvc - ok
10:19:48.0742 6148 [ 03AA7307C0D92D38D7AF90E181736B8D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
10:19:48.0804 6148 nvUpdatusService - ok
10:19:48.0851 6148 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:19:48.0882 6148 nv_agp - ok
10:19:48.0913 6148 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:19:48.0945 6148 ohci1394 - ok
10:19:49.0007 6148 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:19:49.0023 6148 ose - ok
10:19:49.0163 6148 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:19:49.0381 6148 osppsvc - ok
10:19:49.0428 6148 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:19:49.0475 6148 p2pimsvc - ok
10:19:49.0506 6148 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
10:19:49.0537 6148 p2psvc - ok
10:19:49.0569 6148 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
10:19:49.0600 6148 Parport - ok
10:19:49.0631 6148 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:19:49.0647 6148 partmgr - ok
10:19:49.0662 6148 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
10:19:49.0709 6148 PcaSvc - ok
10:19:49.0756 6148 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
10:19:49.0771 6148 pci - ok
10:19:49.0787 6148 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
10:19:49.0803 6148 pciide - ok
10:19:49.0819 6148 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
10:19:49.0850 6148 pcmcia - ok
10:19:49.0866 6148 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
10:19:49.0882 6148 pcw - ok
10:19:49.0913 6148 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:19:49.0975 6148 PEAUTH - ok
10:19:50.0053 6148 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:19:50.0084 6148 PerfHost - ok
10:19:50.0147 6148 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
10:19:50.0240 6148 pla - ok
10:19:50.0287 6148 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:19:50.0334 6148 PlugPlay - ok
10:19:50.0350 6148 PnkBstrA - ok
10:19:50.0381 6148 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:19:50.0412 6148 PNRPAutoReg - ok
10:19:50.0428 6148 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:19:50.0443 6148 PNRPsvc - ok
10:19:50.0474 6148 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
10:19:50.0537 6148 PolicyAgent - ok
10:19:50.0584 6148 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
10:19:50.0630 6148 Power - ok
10:19:50.0693 6148 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:19:50.0755 6148 PptpMiniport - ok
10:19:50.0786 6148 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
10:19:50.0818 6148 Processor - ok
10:19:50.0865 6148 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
10:19:50.0912 6148 ProfSvc - ok
10:19:50.0928 6148 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:19:50.0943 6148 ProtectedStorage - ok
10:19:50.0990 6148 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:19:51.0053 6148 Psched - ok
10:19:51.0084 6148 [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2 c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
10:19:51.0099 6148 PSI_SVC_2 - ok
10:19:51.0146 6148 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
10:19:51.0224 6148 ql2300 - ok
10:19:51.0271 6148 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
10:19:51.0287 6148 ql40xx - ok
10:19:51.0318 6148 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
10:19:51.0349 6148 QWAVE - ok
10:19:51.0396 6148 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:19:51.0443 6148 QWAVEdrv - ok
10:19:51.0458 6148 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:19:51.0521 6148 RasAcd - ok
10:19:51.0567 6148 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:19:51.0599 6148 RasAgileVpn - ok
10:19:51.0645 6148 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
10:19:51.0692 6148 RasAuto - ok
10:19:51.0708 6148 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:19:51.0770 6148 Rasl2tp - ok
10:19:51.0801 6148 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
10:19:51.0854 6148 RasMan - ok
10:19:51.0854 6148 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:19:51.0917 6148 RasPppoe - ok
10:19:51.0932 6148 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:19:51.0979 6148 RasSstp - ok
10:19:51.0995 6148 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:19:52.0041 6148 rdbss - ok
10:19:52.0073 6148 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
10:19:52.0088 6148 rdpbus - ok
10:19:52.0119 6148 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:19:52.0166 6148 RDPCDD - ok
10:19:52.0182 6148 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:19:52.0244 6148 RDPENCDD - ok
10:19:52.0260 6148 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:19:52.0307 6148 RDPREFMP - ok
10:19:52.0369 6148 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:19:52.0400 6148 RdpVideoMiniport - ok
10:19:52.0447 6148 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:19:52.0509 6148 RDPWD - ok
10:19:52.0541 6148 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:19:52.0572 6148 rdyboost - ok
10:19:52.0790 6148 [ B9A0810D16EA7935B10A5499ABA61DC3 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
10:19:52.0821 6148 RegSrvc - ok
10:19:52.0853 6148 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
10:19:52.0899 6148 RemoteAccess - ok
10:19:52.0931 6148 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:19:52.0977 6148 RemoteRegistry - ok
10:19:53.0040 6148 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
10:19:53.0055 6148 RFCOMM - ok
10:19:53.0165 6148 [ F12A68ED55053940CADD59CA5E3468DD ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
10:19:53.0180 6148 RichVideo ( UnsignedFile.Multi.Generic ) - warning
10:19:53.0180 6148 RichVideo - detected UnsignedFile.Multi.Generic (1)
10:19:53.0227 6148 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:19:53.0289 6148 RpcEptMapper - ok
10:19:53.0321 6148 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
10:19:53.0336 6148 RpcLocator - ok
10:19:53.0367 6148 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
10:19:53.0414 6148 RpcSs - ok
10:19:53.0445 6148 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:19:53.0508 6148 rspndr - ok
10:19:53.0555 6148 [ CE0A1D8A59410E698140821E4E69DA0D ] RSUSBVSTOR C:\Windows\System32\Drivers\RtsUVStor.sys
10:19:53.0586 6148 RSUSBVSTOR - ok
10:19:53.0586 6148 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
10:19:53.0601 6148 SamSs - ok
10:19:53.0633 6148 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:19:53.0648 6148 sbp2port - ok
10:19:53.0679 6148 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:19:53.0742 6148 SCardSvr - ok
10:19:53.0773 6148 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:19:53.0835 6148 scfilter - ok
10:19:53.0882 6148 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
10:19:53.0960 6148 Schedule - ok
10:19:53.0976 6148 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
10:19:54.0023 6148 SCPolicySvc - ok
10:19:54.0038 6148 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:19:54.0085 6148 SDRSVC - ok
10:19:54.0116 6148 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:19:54.0179 6148 secdrv - ok
10:19:54.0194 6148 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
10:19:54.0257 6148 seclogon - ok
10:19:54.0272 6148 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
10:19:54.0350 6148 SENS - ok
10:19:54.0366 6148 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:19:54.0413 6148 SensrSvc - ok
10:19:54.0444 6148 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
10:19:54.0459 6148 Serenum - ok
10:19:54.0491 6148 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
10:19:54.0537 6148 Serial - ok
10:19:54.0553 6148 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
10:19:54.0725 6148 sermouse - ok
10:19:54.0849 6148 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
10:19:54.0896 6148 SessionEnv - ok
10:19:54.0927 6148 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:19:54.0943 6148 sffdisk - ok
10:19:54.0959 6148 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:19:54.0990 6148 sffp_mmc - ok
10:19:55.0005 6148 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:19:55.0052 6148 sffp_sd - ok
10:19:55.0068 6148 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
10:19:55.0083 6148 sfloppy - ok
10:19:55.0115 6148 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
10:19:55.0161 6148 Sftfs - ok
10:19:55.0239 6148 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
10:19:55.0271 6148 sftlist - ok
10:19:55.0302 6148 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
10:19:55.0317 6148 Sftplay - ok
10:19:55.0333 6148 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
10:19:55.0349 6148 Sftredir - ok
10:19:55.0364 6148 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
10:19:55.0380 6148 Sftvol - ok
10:19:55.0395 6148 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
10:19:55.0411 6148 sftvsa - ok
10:19:55.0458 6148 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
10:19:55.0520 6148 SharedAccess - ok
10:19:55.0567 6148 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:19:55.0629 6148 ShellHWDetection - ok
10:19:55.0661 6148 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
10:19:55.0676 6148 SiSRaid2 - ok
10:19:55.0692 6148 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
10:19:55.0707 6148 SiSRaid4 - ok
10:19:55.0754 6148 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:19:55.0770 6148 SkypeUpdate - ok
10:19:55.0832 6148 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:19:55.0879 6148 Smb - ok
10:19:55.0926 6148 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:19:55.0973 6148 SNMPTRAP - ok
10:19:55.0988 6148 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
10:19:55.0988 6148 spldr - ok
10:19:56.0019 6148 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
10:19:56.0082 6148 Spooler - ok
10:19:56.0160 6148 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
10:19:56.0269 6148 sppsvc - ok
10:19:56.0285 6148 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:19:56.0347 6148 sppuinotify - ok
10:19:56.0394 6148 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
10:19:56.0425 6148 srv - ok
10:19:56.0472 6148 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:19:56.0519 6148 srv2 - ok
10:19:56.0534 6148 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:19:56.0550 6148 srvnet - ok
10:19:56.0597 6148 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:19:56.0643 6148 SSDPSRV - ok
10:19:56.0675 6148 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:19:56.0737 6148 SstpSvc - ok
10:19:56.0784 6148 [ B7368B1BF6C20922DFEDF0A35F69EEEF ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:19:56.0815 6148 Stereo Service - ok
10:19:56.0846 6148 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
10:19:56.0862 6148 stexstor - ok
10:19:56.0924 6148 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
10:19:56.0971 6148 stisvc - ok
10:19:56.0987 6148 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
10:19:57.0002 6148 swenum - ok
10:19:57.0033 6148 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
10:19:57.0096 6148 swprv - ok
10:19:57.0174 6148 [ B3AD15FA10EBEAFC1275F34050E4E230 ] SynTP C:\Windows\system32\drivers\SynTP.sys
10:19:57.0236 6148 SynTP - ok
10:19:57.0314 6148 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
10:19:57.0392 6148 SysMain - ok
10:19:57.0423 6148 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:19:57.0439 6148 TabletInputService - ok
10:19:57.0470 6148 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
10:19:57.0533 6148 TapiSrv - ok
10:19:57.0564 6148 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
10:19:57.0595 6148 TBS - ok
10:19:57.0689 6148 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:19:57.0891 6148 Tcpip - ok
10:19:57.0954 6148 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:19:58.0001 6148 TCPIP6 - ok
10:19:58.0032 6148 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:19:58.0047 6148 tcpipreg - ok
10:19:58.0094 6148 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:19:58.0141 6148 TDPIPE - ok
10:19:58.0157 6148 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:19:58.0188 6148 TDTCP - ok
10:19:58.0219 6148 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:19:58.0266 6148 tdx - ok
10:19:58.0297 6148 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
10:19:58.0297 6148 TermDD - ok
10:19:58.0344 6148 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
10:19:58.0422 6148 TermService - ok
10:19:58.0453 6148 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
10:19:58.0484 6148 Themes - ok
10:19:58.0531 6148 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
10:19:58.0578 6148 THREADORDER - ok
10:19:58.0625 6148 [ DA632FAE7B5629032B2C24E1BE29168B ] tihub3 C:\Windows\system32\drivers\tihub3.sys
10:19:58.0640 6148 tihub3 - ok
10:19:58.0703 6148 [ 6AAD465F69632931B6D8D61B287E6DE9 ] tixhci C:\Windows\system32\drivers\tixhci.sys
10:19:58.0718 6148 tixhci - ok
10:19:58.0765 6148 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
10:19:58.0827 6148 TrkWks - ok
10:19:58.0874 6148 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:19:58.0921 6148 TrustedInstaller - ok
10:19:58.0937 6148 [ 59BD43714E1034A913F019413905D387 ] TS4NT C:\Windows\system32\Drivers\TS4nt.sys
10:19:58.0952 6148 TS4NT - ok
10:19:59.0030 6148 [ B4A0237AF692AC90E18F61880A48D010 ] TSNxGService C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe
10:19:59.0046 6148 TSNxGService - ok
10:19:59.0061 6148 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:19:59.0108 6148 tssecsrv - ok
10:19:59.0155 6148 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:19:59.0217 6148 TsUsbFlt - ok
10:19:59.0249 6148 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
10:19:59.0264 6148 TsUsbGD - ok
10:19:59.0311 6148 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:19:59.0342 6148 tunnel - ok
10:19:59.0389 6148 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
10:19:59.0405 6148 uagp35 - ok
10:19:59.0420 6148 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:19:59.0498 6148 udfs - ok
10:19:59.0561 6148 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:19:59.0576 6148 UI0Detect - ok
10:19:59.0592 6148 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:19:59.0607 6148 uliagpkx - ok
10:19:59.0654 6148 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
10:19:59.0670 6148 umbus - ok
10:19:59.0717 6148 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
10:19:59.0732 6148 UmPass - ok
10:19:59.0873 6148 [ 7E5E1603D0FF2D240AE70295C5C3FEFC ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
10:19:59.0935 6148 UNS - ok
10:19:59.0966 6148 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
10:20:00.0044 6148 upnphost - ok
10:20:00.0060 6148 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:20:00.0091 6148 usbccgp - ok
10:20:00.0122 6148 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:20:00.0153 6148 usbcir - ok
10:20:00.0185 6148 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
10:20:00.0200 6148 usbehci - ok
10:20:00.0247 6148 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
10:20:00.0278 6148 usbhub - ok
10:20:00.0294 6148 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:20:00.0325 6148 usbohci - ok
10:20:00.0356 6148 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:20:00.0387 6148 usbprint - ok
10:20:00.0419 6148 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:20:00.0450 6148 usbscan - ok
10:20:00.0481 6148 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:20:00.0528 6148 USBSTOR - ok
10:20:00.0543 6148 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
10:20:00.0590 6148 usbuhci - ok
10:20:00.0621 6148 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
10:20:00.0668 6148 UxSms - ok
10:20:00.0699 6148 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
10:20:00.0715 6148 VaultSvc - ok
10:20:00.0762 6148 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:20:00.0777 6148 vdrvroot - ok
10:20:00.0793 6148 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
10:20:00.0840 6148 vds - ok
10:20:00.0871 6148 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:20:00.0902 6148 vga - ok
10:20:00.0902 6148 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
10:20:00.0980 6148 VgaSave - ok
10:20:01.0011 6148 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:20:01.0027 6148 vhdmp - ok
10:20:01.0058 6148 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
10:20:01.0058 6148 viaide - ok
10:20:01.0074 6148 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:20:01.0089 6148 volmgr - ok
10:20:01.0121 6148 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:20:01.0136 6148 volmgrx - ok
10:20:01.0167 6148 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:20:01.0199 6148 volsnap - ok
10:20:01.0214 6148 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
10:20:01.0245 6148 vsmraid - ok
10:20:01.0292 6148 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
10:20:01.0433 6148 VSS - ok
10:20:01.0464 6148 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
10:20:01.0511 6148 vwifibus - ok
10:20:01.0542 6148 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
10:20:01.0573 6148 vwififlt - ok
10:20:01.0573 6148 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
10:20:01.0589 6148 vwifimp - ok
10:20:01.0620 6148 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
10:20:01.0682 6148 W32Time - ok
10:20:01.0698 6148 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
10:20:01.0729 6148 WacomPen - ok
10:20:01.0776 6148 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:20:01.0838 6148 WANARP - ok
10:20:01.0838 6148 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:20:01.0885 6148 Wanarpv6 - ok
10:20:01.0963 6148 [ 261A725F8ACEDDA695C7FFF6D6EDE6B5 ] watchmi C:\Program Files (x86)\watchmi\TvdService.exe
10:20:01.0963 6148 watchmi ( UnsignedFile.Multi.Generic ) - warning
10:20:01.0963 6148 watchmi - detected UnsignedFile.Multi.Generic (1)
10:20:02.0025 6148 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
10:20:02.0119 6148 wbengine - ok
10:20:02.0150 6148 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:20:02.0166 6148 WbioSrvc - ok
10:20:02.0197 6148 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:20:02.0244 6148 wcncsvc - ok
10:20:02.0259 6148 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:20:02.0291 6148 WcsPlugInService - ok
10:20:02.0322 6148 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
10:20:02.0337 6148 Wd - ok
10:20:02.0384 6148 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:20:02.0447 6148 Wdf01000 - ok
10:20:02.0462 6148 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:20:02.0587 6148 WdiServiceHost - ok
10:20:02.0603 6148 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:20:02.0618 6148 WdiSystemHost - ok
10:20:02.0665 6148 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
10:20:02.0712 6148 WebClient - ok
10:20:02.0743 6148 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:20:02.0805 6148 Wecsvc - ok
10:20:02.0821 6148 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:20:02.0883 6148 wercplsupport - ok
10:20:02.0930 6148 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
10:20:02.0993 6148 WerSvc - ok
10:20:03.0039 6148 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:20:03.0071 6148 WfpLwf - ok
10:20:03.0102 6148 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:20:03.0102 6148 WIMMount - ok
10:20:03.0133 6148 WinDefend - ok
10:20:03.0149 6148 WinHttpAutoProxySvc - ok
10:20:03.0195 6148 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:20:03.0242 6148 Winmgmt - ok
10:20:03.0320 6148 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
10:20:03.0429 6148 WinRM - ok
10:20:03.0476 6148 [ 4C69A8E2E159C1C59BC4B688E9DD7F8C ] WisLMSvc C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
10:20:03.0476 6148 WisLMSvc - ok
10:20:03.0539 6148 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
10:20:03.0585 6148 Wlansvc - ok
10:20:03.0648 6148 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:20:03.0663 6148 wlcrasvc - ok
10:20:03.0757 6148 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:20:03.0819 6148 wlidsvc - ok
10:20:03.0866 6148 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:20:03.0882 6148 WmiAcpi - ok
10:20:03.0929 6148 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:20:03.0975 6148 wmiApSrv - ok
10:20:04.0022 6148 WMPNetworkSvc - ok
10:20:04.0038 6148 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:20:04.0085 6148 WPCSvc - ok
10:20:04.0100 6148 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:20:04.0131 6148 WPDBusEnum - ok
10:20:04.0163 6148 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:20:04.0209 6148 ws2ifsl - ok
10:20:04.0241 6148 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
10:20:04.0272 6148 wscsvc - ok
10:20:04.0287 6148 WSearch - ok
10:20:04.0365 6148 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
10:20:04.0443 6148 wuauserv - ok
10:20:04.0459 6148 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:20:04.0506 6148 WudfPf - ok
10:20:04.0553 6148 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:20:04.0584 6148 WUDFRd - ok
10:20:04.0599 6148 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:20:04.0631 6148 wudfsvc - ok
10:20:04.0677 6148 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
10:20:04.0724 6148 WwanSvc - ok
10:20:04.0802 6148 [ 7EB06617A7F2F280D58CF62776FDDDC2 ] ZcfgSvc7 C:\Program Files\Intel\WiFi\bin\ZCfgSvc7.exe
10:20:04.0833 6148 ZcfgSvc7 - ok
10:20:04.0849 6148 ================ Scan global ===============================
10:20:04.0880 6148 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
10:20:04.0911 6148 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
10:20:04.0927 6148 [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
10:20:04.0958 6148 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
10:20:05.0005 6148 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
10:20:05.0005 6148 [Global] - ok
10:20:05.0005 6148 ================ Scan MBR ==================================
10:20:05.0021 6148 [ EB2571B16B316C9FE5AA1C4797FF61EE ] \Device\Harddisk0\DR0
10:20:08.0203 6148 \Device\Harddisk0\DR0 - ok
10:20:08.0203 6148 ================ Scan VBR ==================================
10:20:08.0203 6148 [ 99B7E04C5CB88E500B914EE2628729C3 ] \Device\Harddisk0\DR0\Partition1
10:20:08.0203 6148 \Device\Harddisk0\DR0\Partition1 - ok
10:20:08.0250 6148 [ 8B891B889BC9C16081C131209EBF0F77 ] \Device\Harddisk0\DR0\Partition2
10:20:08.0250 6148 \Device\Harddisk0\DR0\Partition2 - ok
10:20:08.0281 6148 [ 44A1A062C90E4C06B60942525CB5811B ] \Device\Harddisk0\DR0\Partition3
10:20:08.0281 6148 \Device\Harddisk0\DR0\Partition3 - ok
10:20:08.0297 6148 ============================================================
10:20:08.0297 6148 Scan finished
10:20:08.0297 6148 ============================================================
10:20:08.0297 4964 Detected object count: 4
10:20:08.0297 4964 Actual detected object count: 4
10:20:56.0860 4964 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
10:20:56.0860 4964 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:20:56.0860 4964 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
10:20:56.0860 4964 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:20:56.0860 4964 RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
10:20:56.0860 4964 RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
10:20:56.0860 4964 watchmi ( UnsignedFile.Multi.Generic ) - skipped by user
10:20:56.0860 4964 watchmi ( UnsignedFile.Multi.Generic ) - User select action: Skip