Trojaner-Board - delta-search.com

OTL.txt
OTL Logfile:

Code:

OTL logfile created on: 31.05.2013 15:22:06 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jup\Desktop

 Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,00 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 60,43% Memory free

6,00 Gb Paging File | 4,70 Gb Available in Paging File | 78,34% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 465,66 Gb Total Space | 216,72 Gb Free Space | 46,54% Space Free | Partition Type: NTFS

Drive D: | 0,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

 

Computer Name: JUP-PC | User Name: Jup | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2013.05.31 14:03:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jup\Desktop\OTL.exe

PRC - [2013.05.29 22:42:54 | 000,844,168 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

PRC - [2013.05.12 00:26:08 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Programme\Mozilla Firefox\firefox.exe

PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2013.04.23 13:48:16 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Programme\Samsung\Kies\KiesTrayAgent.exe

PRC - [2013.04.23 13:48:12 | 001,561,968 | ---- | M] (Samsung) -- C:\Programme\Samsung\Kies\Kies.exe

PRC - [2013.04.18 22:27:59 | 002,169,856 | -HS- | M] () -- C:\Windows\System32\hale.exe

PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe

PRC - [2013.03.22 16:09:37 | 002,787,280 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe

PRC - [2013.03.15 04:59:31 | 000,866,592 | ---- | M] (NVIDIA Corporation) -- C:\Programme\NVIDIA Corporation\Display\nvxdsync.exe

PRC - [2012.11.30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe

PRC - [2012.11.29 17:06:46 | 001,926,496 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe

PRC - [2012.11.29 17:06:44 | 001,723,744 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe

PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe

PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

PRC - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) -- C:\Programme\Windows Media Player\wmpnetwk.exe

PRC - [2010.11.20 14:17:00 | 000,302,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cmd.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2013.05.29 23:47:59 | 017,554,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\71b6200b469ae31187226c5634b6d6bb\Kies.Theme.ni.dll

MOD - [2013.05.29 23:47:12 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\5face173af94a7083cea1c078a6b4938\DummyStorePlugin.ni.dll

MOD - [2013.05.29 23:46:42 | 000,115,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceStoryAlbum\9ab54aea64046cd2b4ff895b1c027c05\DeviceStoryAlbum.ni.dll

MOD - [2013.05.29 23:45:56 | 000,614,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\29be5a9cc5b83e2b30e9d788ac201f83\DevicePodcast.ni.dll

MOD - [2013.05.29 23:44:31 | 000,300,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\b44e10add0a5276dc3fbbde338c4b5ea\DeviceVideo.ni.dll

MOD - [2013.05.29 23:43:34 | 000,355,840 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\9661c2265a6fb7782243c0633378a1e5\DevicePhoto.ni.dll

MOD - [2013.05.29 23:42:26 | 000,307,712 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\ec4ba3e13a88086bf95ea05919513917\DeviceMusic.ni.dll

MOD - [2013.05.29 23:41:16 | 000,474,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\df3496a7e1364e2b78bac5b4aef48ae6\VideoManager.ni.dll

MOD - [2013.05.29 23:39:41 | 000,782,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\88ec39193b34cf293d0887383c2ccde5\PhotoManager.ni.dll

MOD - [2013.05.29 23:33:00 | 001,988,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\be4228490407398b302edeed5ea57879\Phonebook.ni.dll

MOD - [2013.05.29 23:32:58 | 000,207,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\StoryAlbumManager\ea5424dfc774422fa2038d980b1642d1\StoryAlbumManager.ni.dll

MOD - [2013.05.29 23:32:57 | 000,945,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\11e6d42332f583f634dabad0c1252dbd\MusicManager.ni.dll

MOD - [2013.05.29 23:32:56 | 000,404,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\fbe4134679a5506a54004cd5952d7d29\BATPlugin.ni.dll

MOD - [2013.05.29 23:32:50 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\a5bd3f2855afcc1f5bf15057c35bd48d\Kies.Common.StoreManager.ni.dll

MOD - [2013.05.29 23:32:49 | 000,534,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\730c70013610eb7e73f49213b1076bab\Kies.Common.MediaDB.ni.dll

MOD - [2013.05.29 23:32:48 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\52207264bac5068c2de665b3f41e8964\ASF_cSharpAPI.ni.dll

MOD - [2013.05.29 23:32:47 | 000,063,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\94fd3d4235723a962f8b3f29d7eac567\Kies.Common.AllShare.ni.dll

MOD - [2013.05.29 23:32:46 | 000,109,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\fde643974d1f6bc8843237cedb262c9b\Kies.Common.CRMManager.ni.dll

MOD - [2013.05.29 23:32:46 | 000,066,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\1784a3c837a81be9ad8608a9405de178\Kies.Common.DBManager.ni.dll

MOD - [2013.05.29 23:32:45 | 001,146,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\6e3e1abb2c6eec953c061d179162925c\Podcaster.ni.dll

MOD - [2013.05.29 23:32:43 | 000,283,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\35992f641f4348746cfe0c6c1b48ece7\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll

MOD - [2013.05.29 23:32:42 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\94eee0f7d59880d4ff2754ad67877ac1\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll

MOD - [2013.05.29 23:32:41 | 000,580,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f0dfcf225ea9ee5911a199d90da24d76\Kies.Common.DeviceServiceLib.FileService.ni.dll

MOD - [2013.05.29 23:32:41 | 000,175,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\931b9596988f8d16731b691a35a25727\Interop.DevFileServiceLib.ni.dll

MOD - [2013.05.29 23:32:24 | 001,204,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f564ae0bcec147d5902965cf0f4367d1\Kies.Common.DeviceService.ni.dll

MOD - [2013.05.29 23:31:10 | 000,995,328 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceCommonLib\99bba258903cd892a867461d55d728ff\DeviceCommonLib.ni.dll

MOD - [2013.05.29 23:30:59 | 000,743,936 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\1c2a1b55d3cb205a9387f3b78b8b4380\Kies.Plugin.ContentsManagerLib.ni.dll

MOD - [2013.05.29 23:29:16 | 000,205,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\50c6d0af63aa7107ec15d7ef86a62609\Kies.Common.MainUI.ni.dll

MOD - [2013.05.29 23:19:24 | 000,045,568 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\bd5cbd625647b2af277b7c5c0ffb8f5b\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll

MOD - [2013.05.29 23:18:49 | 000,928,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\6704d4bac5e6b834fe7cd1502f09f2cb\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll

MOD - [2013.05.29 23:14:15 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\b2c7788a3e89dfe8758d6184bac1b663\Interop.OGGFileInfoCOMLib.ni.dll

MOD - [2013.05.29 23:14:08 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\5f0b67eb5313c092d5b8b56426dd30e2\Interop.MP3FileInfoCOMLib.ni.dll

MOD - [2013.05.29 23:13:58 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\bfc490c6779a7a9ae85832ca58c27054\Interop.PRPLAYERCORELib.ni.dll

MOD - [2013.05.29 23:13:51 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\111be4cc197cabb6340170eeb54ae535\Interop.P3MPINTERFACECTRLLib.ni.dll

MOD - [2013.05.29 23:12:51 | 002,202,112 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\55bb76574a2231b83b8bb81ee405f172\Kies.Common.Multimedia.ni.dll

MOD - [2013.05.29 23:10:38 | 000,187,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\f93e893f927f890bffe924ec7e8c1323\Kies.Common.DeviceServiceLib.Interface.ni.dll

MOD - [2013.05.29 23:10:09 | 000,638,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\2627bfc447a741309a32dbd51ee23dbc\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll

MOD - [2013.05.29 23:08:38 | 007,031,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\6873d3fad51da6c98725437186125722\DeviceHost.ni.dll

MOD - [2013.05.29 23:06:17 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\af22e5bb6307e2882abe5fbdb3c00c8e\CabLib.ni.dll

MOD - [2013.05.29 23:05:51 | 000,282,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\37bb8c2ca86bf868044bce11e73d1efc\Kies.Common.Util.ni.dll

MOD - [2013.05.29 23:05:41 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\4f4243b3bc2e4cdf0ec6e7ad5559aa20\Interop.DeviceSearchLib.ni.dll

MOD - [2013.05.29 23:05:25 | 001,644,032 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\c5572a7e44449de16eb4e7db6b7b5b82\Kies.Locale.ni.dll

MOD - [2013.05.29 23:05:09 | 000,079,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\2cbf81c1b1b5e7bd6a4758bd057e2d4c\Kies.MVVM.ni.dll

MOD - [2013.05.29 23:04:43 | 001,899,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\7aef2d5e9f446c4108ed337e465cd196\Kies.UI.ni.dll

MOD - [2013.05.29 23:04:00 | 000,160,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\f67e1afe33aa6c76e375dbd4fa132363\GongSolutions.Wpf.DragDrop.ni.dll

MOD - [2013.05.29 23:03:10 | 001,273,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\0687f786aa9dd34f7dd8d26cdfdb065f\Kies.Interface.ni.dll

MOD - [2013.05.29 22:57:18 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll

MOD - [2013.05.29 22:48:04 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\07753c0a8ed7f9bc61b0ee718f3c779d\System.Runtime.Remoting.ni.dll

MOD - [2013.05.29 22:45:18 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll

MOD - [2013.05.29 22:44:50 | 002,176,512 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\12c6291066c5db8821df6c56c8254037\Kies.ni.exe

MOD - [2013.05.29 22:30:24 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll

MOD - [2013.05.29 22:30:21 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ddc3e8c2774eaec614d6775983652980\System.Configuration.ni.dll

MOD - [2013.05.29 22:30:19 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1f0bb5336d1706c9b8ad2330f3642760\PresentationFramework.ni.dll

MOD - [2013.05.29 22:30:06 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9b2940478ec555990b37af5448b8f509\PresentationCore.ni.dll

MOD - [2013.05.29 22:29:52 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a1949f57d2ec260e09768e98fecb0559\WindowsBase.ni.dll

MOD - [2013.05.29 22:29:43 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\93a17ba6cb6753328f25466bc0bf1cb1\System.Core.ni.dll

MOD - [2013.05.29 22:29:35 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll

MOD - [2013.05.29 22:29:29 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll

MOD - [2013.05.12 00:26:24 | 003,128,728 | ---- | M] () -- C:\Programme\Mozilla Firefox\mozjs.dll

MOD - [2013.04.18 22:27:59 | 002,169,856 | -HS- | M] () -- C:\Windows\System32\hale.exe

MOD - [2013.03.22 16:09:37 | 002,787,280 | ---- | M] () -- C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe

MOD - [2013.03.22 16:08:36 | 002,520,016 | ---- | M] () -- c:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll

MOD - [2010.01.30 02:41:12 | 004,254,560 | ---- | M] () -- C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

MOD - [2009.08.16 17:06:02 | 000,141,312 | ---- | M] () -- C:\Programme\WinRAR\RarExt.dll

 

 
 ========== Services (SafeList) ==========

 

SRV - [2013.05.12 00:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)

SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)

SRV - [2013.03.22 16:09:37 | 002,787,280 | ---- | M] () [Auto | Running] -- C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -- (BrowserProtect)

SRV - [2013.03.15 07:46:27 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2013.03.14 22:07:46 | 000,383,264 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2012.12.14 13:45:40 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Stopped] -- C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP)

SRV - [2012.11.29 17:06:44 | 001,723,744 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)

SRV - [2012.11.29 17:06:44 | 000,029,536 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\System32\uxtuneup.dll -- (UxTuneUp)

SRV - [2010.11.20 14:17:56 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)

SRV - [2010.03.25 10:25:22 | 030,969,208 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)

SRV - [2010.01.09 21:37:50 | 004,640,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)

SRV - [2010.01.09 21:18:00 | 000,149,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE -- (ose)

SRV - [2009.07.14 03:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)

SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)

DRV - [2013.04.24 19:45:35 | 000,145,040 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kneps.sys -- (kneps)

DRV - [2013.04.24 19:45:35 | 000,044,432 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\kltdi.sys -- (kltdi)

DRV - [2013.04.24 19:45:26 | 000,594,528 | ---- | M] (Kaspersky Lab ZAO) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)

DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)

DRV - [2013.04.03 09:58:16 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)

DRV - [2013.04.03 09:58:16 | 000,083,864 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)

DRV - [2013.03.15 07:46:27 | 008,952,608 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2012.12.14 13:45:34 | 000,025,944 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)

DRV - [2012.12.14 13:45:34 | 000,025,944 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klkbdflt.sys -- (klkbdflt)

DRV - [2012.08.23 16:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV - [2012.08.23 16:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2012.08.02 15:09:30 | 000,024,408 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)

DRV - [2012.07.19 07:57:52 | 000,010,088 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)

DRV - [2012.06.19 17:28:12 | 000,136,024 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (kl1)

DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)

DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)

DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)

DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)

DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)

DRV - [2010.08.12 12:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)

DRV - [2009.07.14 00:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)

DRV - [2006.07.24 16:05:00 | 000,005,632 | ---- | M] () [File_System | System | Running] -- C:\Windows\System32\drivers\StarOpen.sys -- (StarOpen)

DRV - [2004.08.13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)

DRV - [1999.09.10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI32)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.order.1: "Delta Search"

FF - prefs.js..browser.search.selectedEngine: "Delta Search"

FF - prefs.js..browser.search.useDBForOrder: true

FF - prefs.js..browser.startup.homepage: "hxxp://www.delta-search.com/?affID=121562&tt=gc_&babsrc=HP_ss&mntrId=74C76470021311EA"

FF - prefs.js..extensions.enabledAddons: %7BACAA314B-EEBA-48e4-AD47-84E31C44796C%7D:1.0.10

FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:13.0.1.4307

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0

FF - prefs.js..network.proxy.type: 4

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_202.dll ()

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)

FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@autodesk.com/DWF: C:\Program Files\Autodesk\Autodesk Design Review Browser Add-on v1.2\npADRdwf.dll (Autodesk)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.04.24 19:46:01 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.04.24 19:46:01 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.04.24 19:45:56 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\anti_banner@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.04.24 19:45:56 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\online_banking@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.04.24 19:46:01 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.22 22:09:09 | 000,000,000 | ---D | M]

 

[2013.04.10 20:51:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jup\AppData\Roaming\mozilla\Extensions

[2013.05.30 00:35:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jup\AppData\Roaming\mozilla\Firefox\Profiles\mData\Kaspersky Lab\SafeBrowser\S-1-5-21-2092381075-737353353-2565579881-1000\FireFox\extensions

[2013.05.30 11:16:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jup\AppData\Roaming\mozilla\Firefox\Profiles\sfgcbg9b.default-1369903118924\Extensions

[2013.05.30 11:16:42 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Jup\AppData\Roaming\mozilla\firefox\profiles\sfgcbg9b.default-1369903118924\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

[2013.05.30 00:24:27 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\Extensions

[2013.05.29 18:46:54 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions

[2013.05.29 18:46:54 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2013.05.29 18:44:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\updated\extensions

[2013.05.29 18:44:25 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\updated\extensions\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}

[2013.05.29 18:44:32 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\updated\browser\extensions

[2013.05.29 18:44:32 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

 

O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Programme\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)

O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

O3 - HKLM\..\Toolbar: (Grab Pro) - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - C:\Programme\Orbitdownloader\GrabPro.dll ()

O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)

O4 - HKLM..\Run: [Chew7Hale] C:\Windows\System32\hale.exe ()

O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)

O4 - HKCU..\Run: [] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)

O4 - HKCU..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe (IncrediMail, Ltd.)

O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)

O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)

O4 - HKCU..\Run: [PeerBlock] C:\Programme\PeerBlock\peerblock.exe (PeerBlock, LLC)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8 - Extra context menu item: &Download by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: &Grab video by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O8 - Extra context menu item: Do&wnload selected by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Down&load all by Orbit - C:\Program Files\Orbitdownloader\orbitmxt.dll (Orbitdownloader.com)

O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre7\bin\jp2iexp.dll ()

O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)

O9 - Extra Button: Enviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : E&nviar para o OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9 - Extra Button: &Notas Ligadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra 'Tools' menuitem : &Notas Ligadas do OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Programme\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)

O13 - gopher Prefix: missing

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_22-windows-i586.cab (Reg Error: Value error.)

O16 - DPF: {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_22-windows-i586.cab (Java Plug-in 1.5.0_22)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_22-windows-i586.cab (Java Plug-in 10.17.2)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7FF566B5-3362-40A7-80B6-14192ADEA9B7}: NameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EDF11186-A743-4ACC-9FEA-C318A6345F22}: NameServer = 192.168.1.1,192.168.1.2

O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)

O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O20 - AppInit_DLLs: (c:\progra~2\browse~1\261249~1.132\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll ()

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)

O27 - HKLM IFEO\groove.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)

O27 - HKLM IFEO\infopath.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)

O27 - HKLM IFEO\misc.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)

O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)

O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)

O27 - HKLM IFEO\mspub.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)

O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)

O27 - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)

O27 - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)

O27 - HKLM IFEO\ois.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)

O27 - HKLM IFEO\onenote.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)

O27 - HKLM IFEO\outlook.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)

O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)

O27 - HKLM IFEO\Winword.exe: Debugger - C:\Program Files\TuneUp Utilities 2013\TUAutoReactivator32.exe (TuneUp Software)

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O32 - AutoRun File - [2009.04.29 11:02:01 | 000,000,055 | R--- | M] () - D:\autorun.inf -- [ CDFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.05.31 15:21:33 | 000,000,000 | ---D | C] -- C:\Users\Jup\Documents\Neuer Ordner (2)

[2013.05.31 14:02:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jup\Desktop\OTL.exe

[2013.05.30 10:38:49 | 000,000,000 | ---D | C] -- C:\Users\Jup\Desktop\Alte Firefox-Daten

[2013.05.30 00:24:30 | 000,000,000 | ---D | C] -- C:\Users\Jup\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect

[2013.05.30 00:23:51 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserProtect

[2013.05.30 00:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon

[2013.05.30 00:17:22 | 000,000,000 | ---D | C] -- C:\Users\Jup\AppData\Roaming\Babylon

[2013.05.30 00:17:02 | 000,000,000 | ---D | C] -- C:\Windows\Sun

[2013.05.30 00:15:51 | 000,000,000 | ---D | C] -- C:\Users\Jup\AppData\Roaming\OpenCandy

[2013.05.30 00:15:51 | 000,000,000 | ---D | C] -- C:\Program Files\DVDVideoSoft

[2013.05.30 00:15:51 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DVDVideoSoft

[2013.05.29 23:28:36 | 000,000,000 | ---D | C] -- C:\Users\Jup\.jordan

[2013.05.29 23:01:59 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump

[2013.05.29 22:51:39 | 000,000,000 | ---D | C] -- C:\Users\Jup\Documents\SelfMV

[2013.05.29 22:41:51 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log

[2013.05.29 22:41:48 | 000,000,000 | ---D | C] -- C:\Users\Jup\AppData\Local\Samsung

[2013.05.29 22:41:36 | 000,000,000 | ---D | C] -- C:\Users\Jup\Documents\samsung

[2013.05.29 22:40:34 | 000,181,912 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudmdm.sys

[2013.05.29 22:40:34 | 000,083,864 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\System32\drivers\ssudbus.sys

[2013.05.29 22:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec

[2013.05.29 22:38:17 | 000,000,000 | ---D | C] -- C:\Program Files\MyFree Codec

[2013.05.29 22:34:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung

[2013.05.29 22:34:10 | 004,659,712 | ---- | C] (Dmitry Streblechenko) -- C:\Windows\System32\Redemption.dll

[2013.05.29 22:33:51 | 000,821,824 | ---- | C] (Devguru Co., Ltd.) -- C:\Windows\System32\dgderapi.dll

[2013.05.29 22:33:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung

[2013.05.29 22:33:13 | 000,000,000 | ---D | C] -- C:\Program Files\Samsung

[2013.05.29 22:27:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2013.05.29 22:10:09 | 000,000,000 | ---D | C] -- C:\Users\Jup\AppData\Local\Downloaded Installations

[2013.05.29 21:43:17 | 000,000,000 | ---D | C] -- C:\Users\Jup\AppData\Roaming\Samsung

[2013.05.29 21:33:44 | 000,000,000 | ---D | C] -- C:\Windows\System32\Samsung_USB_Drivers

[2013.05.19 11:24:20 | 000,000,000 | ---D | C] -- C:\Users\Jup\Documents\Neuer Ordner

[2013.05.19 11:06:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Orbit

[2013.05.10 19:26:15 | 000,000,000 | ---D | C] -- C:\Users\Jup\AppData\Roaming\elsterformular

[2013.05.10 19:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular

[2013.05.10 19:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\elsterformular

[2013.05.10 19:25:45 | 000,000,000 | ---D | C] -- C:\Program Files\ElsterFormular

[2013.05.10 19:13:21 | 000,000,000 | ---D | C] -- C:\Users\Jup\appleJuice

[2013.05.10 19:03:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\appleJuice

[2013.05.10 19:03:48 | 000,000,000 | ---D | C] -- C:\Program Files\appleJuice

[2013.05.07 17:40:51 | 000,000,000 | ---D | C] -- C:\Users\Jup\AppData\Roaming\EPSON

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.05.31 14:46:18 | 000,010,112 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013.05.31 14:46:18 | 000,010,112 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013.05.31 14:03:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jup\Desktop\OTL.exe

[2013.05.31 12:52:33 | 000,721,524 | ---- | M] () -- C:\Windows\System32\prfh0816.dat

[2013.05.31 12:52:33 | 000,700,168 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2013.05.31 12:52:33 | 000,654,880 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013.05.31 12:52:33 | 000,152,446 | ---- | M] () -- C:\Windows\System32\prfc0816.dat

[2013.05.31 12:52:33 | 000,148,964 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2013.05.31 12:52:33 | 000,121,752 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013.05.31 12:42:44 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013.05.31 12:42:40 | 2415,357,952 | -HS- | M] () -- C:\hiberfil.sys

[2013.05.30 00:16:15 | 000,001,364 | ---- | M] () -- C:\Users\Jup\Desktop\Free YouTube to MP3 Converter.lnk

[2013.05.29 22:41:25 | 000,001,956 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk

[2013.05.29 22:41:25 | 000,001,946 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Kies.lnk

[2013.05.29 21:43:11 | 000,000,000 | ---- | M] () -- C:\ProgramData\LauncherAccess.dt

[2013.05.29 18:46:56 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2013.05.29 16:16:10 | 000,008,704 | ---- | M] () -- C:\Users\Jup\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013.05.20 13:16:35 | 000,007,605 | ---- | M] () -- C:\Users\Jup\AppData\Local\Resmon.ResmonCfg

[2013.05.19 11:21:47 | 000,010,754 | ---- | M] () -- C:\Users\Jup\Documents\IncrediMail exportierte Kontakte (CSV-Format).csv

[2013.05.19 11:06:26 | 000,001,017 | ---- | M] () -- C:\Users\Jup\Desktop\Orbit.lnk

[2013.05.15 16:46:24 | 000,486,928 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2013.05.10 19:25:51 | 000,001,195 | ---- | M] () -- C:\Users\Public\Desktop\ElsterFormular.lnk

[2013.05.10 19:12:27 | 000,001,660 | ---- | M] () -- C:\Users\Jup\Desktop\appleJuice Client (Core).lnk

[2013.05.10 19:06:50 | 000,001,980 | ---- | M] () -- C:\Users\Jup\Desktop\appleJuice Client (GUI).lnk

 
 ========== Files Created - No Company Name ==========

 

[2013.05.29 22:41:25 | 000,001,956 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies (Lite).lnk

[2013.05.29 22:41:25 | 000,001,946 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Kies.lnk

[2013.05.29 21:43:11 | 000,000,000 | ---- | C] () -- C:\ProgramData\LauncherAccess.dt

[2013.05.29 21:40:10 | 000,005,632 | ---- | C] () -- C:\Windows\System32\drivers\StarOpen.sys

[2013.05.10 19:25:51 | 000,001,195 | ---- | C] () -- C:\Users\Public\Desktop\ElsterFormular.lnk

[2013.05.10 19:06:50 | 000,001,980 | ---- | C] () -- C:\Users\Jup\Desktop\appleJuice Client (GUI).lnk

[2013.05.10 19:06:46 | 000,001,660 | ---- | C] () -- C:\Users\Jup\Desktop\appleJuice Client (Core).lnk

[2013.05.10 19:03:48 | 000,087,040 | ---- | C] () -- C:\Windows\System32\TrayIcon12.dll

[2013.05.10 19:03:48 | 000,061,952 | ---- | C] () -- C:\Windows\System32\ajnetmask.dll

[2013.04.18 22:27:59 | 002,169,856 | -HS- | C] () -- C:\Windows\System32\hale.exe

[2013.04.18 19:07:00 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe

[2013.04.18 19:06:46 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll

[2013.04.18 19:06:46 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll

[2013.04.18 19:06:46 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll

[2013.04.18 19:06:46 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll

[2013.04.17 16:44:34 | 000,008,704 | ---- | C] () -- C:\Users\Jup\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2013.04.12 21:17:49 | 000,129,024 | ---- | C] () -- C:\Windows\UNWISE.EXE

[2013.04.12 21:17:04 | 000,037,888 | ---- | C] () -- C:\Windows\System32\AVIwrap.dll

[2013.04.12 21:17:00 | 000,028,672 | ---- | C] () -- C:\Windows\System32\libmpeg2_ff.dll

[2013.04.12 21:17:00 | 000,008,704 | ---- | C] () -- C:\Windows\System32\TomsMoComp_ff.dll

[2013.04.12 21:16:59 | 000,077,664 | ---- | C] () -- C:\Windows\System32\IR21_R.DLL

[2013.04.12 21:16:59 | 000,019,968 | ---- | C] () -- C:\Windows\System32\Iyvu9_32.dll

[2013.04.12 21:16:58 | 000,180,736 | ---- | C] () -- C:\Windows\System32\vfcodec.dll

[2013.04.12 21:16:57 | 000,202,240 | ---- | C] () -- C:\Windows\System32\XviD.dll

[2013.04.12 21:15:12 | 000,650,752 | ---- | C] () -- C:\Windows\System32\xvidcore.dll

[2013.04.12 21:15:12 | 000,243,200 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll

[2013.04.12 21:15:12 | 000,079,360 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll

[2013.04.12 19:23:10 | 000,000,184 | ---- | C] () -- C:\Windows\AutoKMS.ini

[2013.04.11 22:31:51 | 000,007,605 | ---- | C] () -- C:\Users\Jup\AppData\Local\Resmon.ResmonCfg

[2013.04.11 21:20:14 | 001,513,984 | ---- | C] () -- C:\Windows\System32\Mgxrdr80.dll

[2013.04.11 21:20:12 | 000,338,944 | ---- | C] () -- C:\Windows\System32\LFFPX7.DLL

[2013.04.11 21:20:12 | 000,118,784 | ---- | C] () -- C:\Windows\System32\LFKODAK.DLL

[2013.04.11 21:19:50 | 000,064,000 | ---- | C] () -- C:\Windows\System32\Ppiv30.dll

[2013.04.11 21:19:50 | 000,000,986 | ---- | C] () -- C:\Windows\Mgxclean.sys

[2013.04.11 21:19:50 | 000,000,100 | ---- | C] () -- C:\Windows\MGXCLEAN.DAT

[2013.04.11 19:10:32 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe

[2013.04.11 19:09:42 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe

[2013.04.10 20:44:22 | 000,721,524 | ---- | C] () -- C:\Windows\System32\prfh0816.dat

[2013.04.10 20:44:22 | 000,336,656 | ---- | C] () -- C:\Windows\System32\prfi0816.dat

[2013.04.10 20:44:22 | 000,152,446 | ---- | C] () -- C:\Windows\System32\prfc0816.dat

[2013.04.10 20:44:22 | 000,040,548 | ---- | C] () -- C:\Windows\System32\prfd0816.dat

[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll

 
 ========== ZeroAccess Check ==========

 

[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 
 ========== LOP Check ==========

 

[2013.04.12 21:51:21 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\Autodesk

[2013.05.30 00:17:22 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\Babylon

[2013.05.30 00:15:51 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\DVDVideoSoft

[2013.04.12 21:35:04 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\DVDVideoSoftIEHelpers

[2013.05.10 19:26:17 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\elsterformular

[2013.05.07 17:40:51 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\EPSON

[2013.04.12 23:02:09 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\GrabPro

[2013.05.30 00:15:51 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\OpenCandy

[2013.05.29 17:01:09 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\Orbit

[2013.04.12 22:53:27 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\ProgSense

[2013.05.29 22:41:47 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\Samsung

[2013.04.11 22:54:28 | 000,000,000 | ---D | M] -- C:\Users\Jup\AppData\Roaming\TuneUp Software

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %SYSTEMDRIVE%\*. >

[2013.04.10 18:38:43 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin

[2013.04.12 21:17:49 | 000,000,000 | ---D | M] -- C:\audio

[2013.05.29 23:26:10 | 000,000,000 | -HSD | M] -- C:\Config.Msi

[2009.07.14 06:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings

[2013.04.10 18:38:28 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen

[2013.05.29 17:59:42 | 000,000,000 | ---D | M] -- C:\downloads

[2013.04.12 22:29:07 | 000,000,000 | ---D | M] -- C:\Java5_22

[2013.04.12 18:14:38 | 000,000,000 | RH-D | M] -- C:\MSOCache

[2009.07.14 04:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs

[2013.04.11 19:17:22 | 000,000,000 | ---D | M] -- C:\Progi

[2013.05.30 00:35:51 | 000,000,000 | R--D | M] -- C:\Program Files

[2013.05.30 00:23:51 | 000,000,000 | -H-D | M] -- C:\ProgramData

[2013.04.10 18:38:28 | 000,000,000 | -HSD | M] -- C:\Programme

[2013.04.10 18:38:28 | 000,000,000 | -HSD | M] -- C:\Recovery

[2013.05.31 14:10:16 | 000,000,000 | -HSD | M] -- C:\System Volume Information

[2013.04.13 18:29:58 | 000,000,000 | ---D | M] -- C:\Tsunami-Filter-Pack

[2013.04.10 19:32:38 | 000,000,000 | R--D | M] -- C:\Users

[2013.05.30 00:17:02 | 000,000,000 | ---D | M] -- C:\Windows

 
 < %PROGRAMFILES%\*.exe >

 
 < %LOCALAPPDATA%\*.exe >

 
 < %systemroot%\*. /mp /s >

 
 < C:\Windows\system32\*.tsp >

[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp

[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp

[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp

[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp

[2010.11.20 14:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp

[2009.07.14 06:53:46 | 000,031,372 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2009.07.14 06:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

 
 < MD5 for: AGP440.SYS  >

[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys

[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys

[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys

[2009.07.14 03:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys

[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys

[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys

[2009.07.14 03:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll

[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

 
 < MD5 for: EXPLORER.EXE  >

[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe

[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe

[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe

[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe

[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe

[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe

[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe

[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

[2012.07.19 08:12:38 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=9880F8FADFF45A0175E0BBDFD9D31F5B -- C:\ProgramData\TuneUp Software\TuneUp Utilities\WinStyler\VisualStyles\Explorer\x64\SMALL\Explorer.exe

[2012.07.19 08:12:38 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=9880F8FADFF45A0175E0BBDFD9D31F5B -- C:\Users\All Users\TuneUp Software\TuneUp Utilities\WinStyler\VisualStyles\Explorer\x64\SMALL\Explorer.exe

[2012.07.19 08:12:38 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=9880F8FADFF45A0175E0BBDFD9D31F5B -- C:\Windows\Resources\Themes\Explorer\x64\SMALL\Explorer.exe

[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe

[2012.07.19 08:12:38 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\ProgramData\TuneUp Software\TuneUp Utilities\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe

[2012.07.19 08:12:38 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Users\All Users\TuneUp Software\TuneUp Utilities\WinStyler\VisualStyles\Explorer\x86\BIG\Explorer.exe

[2012.07.19 08:12:38 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B29FCEEBEE938506FB23B8A9CE898B9C -- C:\Windows\Resources\Themes\Explorer\x86\BIG\Explorer.exe

[2012.07.19 08:12:36 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\ProgramData\TuneUp Software\TuneUp Utilities\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe

[2012.07.19 08:12:36 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Users\All Users\TuneUp Software\TuneUp Utilities\WinStyler\VisualStyles\Explorer\x64\BIG\Explorer.exe

[2012.07.19 08:12:36 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=B6365B1E0EB9191ED4D916B2A94EBA67 -- C:\Windows\Resources\Themes\Explorer\x64\BIG\Explorer.exe

[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe

[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

[2012.07.19 08:12:38 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\ProgramData\TuneUp Software\TuneUp Utilities\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe

[2012.07.19 08:12:38 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Users\All Users\TuneUp Software\TuneUp Utilities\WinStyler\VisualStyles\Explorer\x86\SMALL\Explorer.exe

[2012.07.19 08:12:38 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=D1FA2634386B7E4E96CFFB9063EE6833 -- C:\Windows\Resources\Themes\Explorer\x86\SMALL\Explorer.exe

 
 < MD5 for: IASTORV.SYS  >

[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys

[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys

[2011.03.11 07:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys

[2011.03.11 07:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys

[2011.03.11 07:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys

[2009.07.14 03:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys

[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys

[2010.11.20 14:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys

[2011.03.11 07:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll

[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll

[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys

[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys

[2011.03.11 07:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys

[2011.03.11 07:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys

[2011.03.11 07:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys

[2011.03.11 07:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys

[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys

[2010.11.20 14:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys

[2009.07.14 03:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll

[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll

[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\ProgramData\Microsoft\Windows\SXS\32\user32.dll

[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Users\All Users\Microsoft\Windows\SXS\32\user32.dll

[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll

[2009.07.14 03:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=85AEB26057AAC125EEC1425305F86960 -- C:\Windows\System32\user32.dll

[2010.11.20 14:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe

[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=1562571D6B1541098E677C3BB78709A0 -- C:\Windows\System32\winlogon.exe

[2009.10.28 08:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe

[2009.10.28 07:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe

[2010.11.20 14:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\ProgramData\Microsoft\Windows\SXS\32\winlogon.exe

[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Users\All Users\Microsoft\Windows\SXS\32\winlogon.exe

[2009.07.14 03:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys

[2009.07.14 01:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

[2012.06.19 17:28:12 | 000,136,024 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\kl1.sys

[2013.04.24 19:45:21 | 000,074,848 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\klflt.sys

[2013.04.24 19:45:26 | 000,594,528 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\klif.sys

[2012.08.02 15:09:30 | 000,024,408 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\klim6.sys

[2012.12.14 13:45:34 | 000,025,944 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\klkbdflt.sys

[2012.12.14 13:45:34 | 000,025,944 | ---- | M] (Kaspersky Lab) Unable to obtain MD5 -- C:\Windows\system32\drivers\klmouflt.sys

[2013.04.24 19:45:35 | 000,044,432 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\kltdi.sys

[2013.04.24 19:45:35 | 000,145,040 | ---- | M] (Kaspersky Lab ZAO) Unable to obtain MD5 -- C:\Windows\system32\drivers\kneps.sys

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\system32\*.dll /lockedfiles >

 
 < %USERPROFILE%\*.* >

[2013.05.31 15:34:50 | 002,359,296 | -HS- | M] () -- C:\Users\Jup\NTUSER.DAT

[2013.05.31 15:34:50 | 000,262,144 | -HS- | M] () -- C:\Users\Jup\ntuser.dat.LOG1

[2013.04.10 18:38:32 | 000,000,000 | -HS- | M] () -- C:\Users\Jup\ntuser.dat.LOG2

[2013.04.10 18:56:39 | 000,065,536 | -HS- | M] () -- C:\Users\Jup\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf

[2013.04.10 18:56:39 | 000,524,288 | -HS- | M] () -- C:\Users\Jup\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms

[2013.04.10 18:56:39 | 000,524,288 | -HS- | M] () -- C:\Users\Jup\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms

[2013.04.10 18:38:32 | 000,000,020 | -HS- | M] () -- C:\Users\Jup\ntuser.ini

 
 < %USERPROFILE%\Local Settings\Temp\*.exe >

 
 < %USERPROFILE%\Local Settings\Temp\*.dll >

 
 < %USERPROFILE%\Application Data\*.exe >

 
 < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

 
 <           >
 

< End of report >

--- --- ---

Extra.txt
OTL Logfile:

Code:

OTL Extras logfile created on: 31.05.2013 15:22:06 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jup\Desktop

 Enterprise Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,00 Gb Total Physical Memory | 1,81 Gb Available Physical Memory | 60,43% Memory free

6,00 Gb Paging File | 4,70 Gb Available in Paging File | 78,34% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 465,66 Gb Total Space | 216,72 Gb Free Space | 46,54% Space Free | Partition Type: NTFS

Drive D: | 0,38 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

 

Computer Name: JUP-PC | User Name: Jup | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)

htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

"DisableMonitoring" = 1

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"DisableNotifications" = 0

"EnableFirewall" = 0

 
 ========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files\Orbitdownloader\orbitdm.exe" = C:\Program Files\Orbitdownloader\orbitdm.exe:*:Enabled:Orbit -- (Orbitdownloader.com)

"C:\Program Files\Orbitdownloader\orbitnet.exe" = C:\Program Files\Orbitdownloader\orbitnet.exe:*:Enabled:Orbit -- (Orbitdownloader.com)

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{10C648BE-D6FF-4B19-9CD2-4CB36F107009}" = lport=138 | protocol=17 | dir=in | app=system | 

"{145F7533-138C-431A-8CBD-B224B66EC78E}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{298487AF-EF14-4064-9688-569CE42F9943}" = rport=139 | protocol=6 | dir=out | app=system | 

"{2B12C3AF-3A5A-48D6-A275-7D2EBC55E68E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{4A21BB4B-BA81-44A1-8BCE-ACCD1AB04D3F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 

"{715F0689-ACDC-4E4F-AE01-8E44AA58F0E6}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{792C7551-8520-4B75-A89A-1DAEA9288073}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{7ECA4F0A-1929-4880-A8A3-29B98966BB64}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{81CCCFDA-6F4C-4B2E-BABB-1B5DE51F158C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{9BBCF809-39BB-4162-BAED-9E669223EF23}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{A0D6AB44-DAE3-4398-9C30-FE81C4D643A7}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{A53C2C7C-0FC4-45A3-97B8-56564E3F7906}" = rport=137 | protocol=17 | dir=out | app=system | 

"{A9947750-FFC9-4D8E-961A-B37B189B3F30}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{C4B8DC76-64FC-4269-AC5F-1C3FF32B710B}" = rport=138 | protocol=17 | dir=out | app=system | 

"{CCAABA95-B895-4928-B827-8C184107C9C9}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{D0B6A957-9A45-41F1-BD3C-938C51983CE5}" = lport=139 | protocol=6 | dir=in | app=system | 

"{D9334A36-E5B8-4ACC-94C4-E89F0D10911A}" = rport=445 | protocol=6 | dir=out | app=system | 

"{DE45CF6F-B7D3-478C-A8B4-13D5C62D7DD7}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{F1E42304-1002-4010-B73E-B4CADD064907}" = lport=445 | protocol=6 | dir=in | app=system | 

"{F5D1E8CC-8FEB-4D1D-B8C9-FCC0533B9E01}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{FD096B16-4356-482C-A37B-9F2A13AE78BD}" = lport=137 | protocol=17 | dir=in | app=system | 

"{FEA30DA6-35D1-41CF-A888-7C6B6F0DDAA9}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{02C9B530-1A90-4E9E-9FC6-E3566A5C61EF}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 

"{3598D15D-6092-464A-B57F-AA69627F8730}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{4944C5CE-44D3-4A04-82F5-85377DB6CEF4}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 

"{4D3A06C6-4807-4A61-82F6-9E3D5AA3D631}" = protocol=6 | dir=out | app=system | 

"{5636FAA0-54EA-4773-B93A-1C8E6EAA3614}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{69CD783E-D344-4015-84F7-65A49A53B489}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{844D82D8-A320-4A79-AB07-1622897F5BCE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{9A54CE0F-98A1-4CD1-81C9-08812B0C99DD}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{9B2B9FA4-C80C-4089-9164-EF41470BDB8F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{9EFDFE35-4AB2-4B92-BC89-B0FE32311039}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{A21D38D4-6490-406D-97A1-0D6D772699F0}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 

"{A90A8B1F-6E4A-427F-BB80-53E4ACC4639F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{BF09A6C1-11B8-4C70-9DA1-EB907681408F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{C7C1C725-8B3D-4FA7-8687-4C44FE5407A2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{CB03793E-ADFD-441B-88EA-3B358AACF113}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 

"{CC97B194-B47F-4377-A53C-4BA24B2A8C04}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{D0E6A6A2-34E9-4CAF-8895-C44170DCEB2D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{EE489FF7-0560-4EA8-B3F7-3AD982D64FF5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{FC215C45-06BE-4257-BF74-D0551B097769}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{FE00E67A-CC74-4F00-A3E4-6871FEB11CCD}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{015C5B35-B678-451C-9AEE-821E8D69621C}_is1" = PeerBlock 1.1 (r518)

"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended

"{0EFDE8F4-691D-4CB0-B4C1-0BD63B0907FF}" = IncrediMail

"{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}" = BrowserProtect

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21

"{31B5B620-CA8A-4F99-A64E-7DDB3D1BBB69}_is1" = appleJuice Client

"{3248F0A8-6813-11D6-A77B-00B0D0150220}" = J2SE Runtime Environment 5.0 Update 22

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{3F7A9E82-5A85-4119-A8A5-7D840A0F76DC}" = Photo Notifier and Animation Creator

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013

"{5783F2D7-A028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2012

"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762

"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player

"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX

"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010

"{90140000-0015-0816-0000-0000000FF1CE}" = Microsoft Office Access MUI (Portuguese (Portugal)) 2010

"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010

"{90140000-0016-0816-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Portuguese (Portugal)) 2010

"{90140000-0017-0816-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (Portuguese (Portugal)) 2010

"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010

"{90140000-0018-0816-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Portuguese (Portugal)) 2010

"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010

"{90140000-0019-0816-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Portuguese (Portugal)) 2010

"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010

"{90140000-001A-0816-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Portuguese (Portugal)) 2010

"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010

"{90140000-001B-0816-0000-0000000FF1CE}" = Microsoft Office Word MUI (Portuguese (Portugal)) 2010

"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010

"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010

"{90140000-001F-0816-0000-0000000FF1CE}" = Microsoft Office Proof (Portuguese (Portugal)) 2010

"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010

"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010

"{90140000-002C-0816-0000-0000000FF1CE}" = Microsoft Office Proofing (Portuguese (Portugal)) 2010

"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010

"{90140000-0044-0816-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Portuguese (Portugal)) 2010

"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010

"{90140000-006E-0816-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Portuguese (Portugal)) 2010

"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010

"{90140000-00A1-0816-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Portuguese (Portugal)) 2010

"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010

"{90140000-00BA-0816-0000-0000000FF1CE}" = Microsoft Office Groove MUI (Portuguese (Portugal)) 2010

"{90140000-0100-0816-0000-0000000FF1CE}" = Microsoft Office O MUI (Portuguese (Portugal)) 2010

"{90140000-0101-0816-0000-0000000FF1CE}" = Microsoft Office X MUI (Portuguese (Portugal)) 2010

"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9E4D5A41-1051-4F1A-8342-ECB26CA0C86C}" = Autodesk Design Review 2012

"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch

"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 314.22

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 314.22

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player

"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013

"{CD49E43B-88B1-48AD-A3AF-43FAAAB41CB8}" = Autodesk Design Review Browser Add-on v1.2 

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{DCFF9230-22DC-40ED-BBCC-0F260B85734C}" = Tsunami-Filter-Pack

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Autodesk Design Review 2012" = Autodesk Design Review 2012

"CCleaner" = CCleaner

"CDex" = CDex extraction audio

"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters

"DWG TrueView 2012" = DWG TrueView 2012

"ElsterFormular" = ElsterFormular

"EPSON Printer and Utilities" = EPSON-Drucker-Software

"EPSON Scanner" = EPSON Scan

"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.2.430

"HyperSnap 7" = HyperSnap 7

"IncrediMail" = IncrediMail 2.0

"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013

"IsoBuster_is1" = IsoBuster 2.8

"KLiteCodecPack_is1" = K-Lite Codec Pack 8.1.0 (Full)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300

"Micrografx Picture Publisher 8" = Micrografx Picture Publisher 8

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"Mp3 Codec" = Mpeg Layer3 Codec FHG-Radium v1.263

"NimoCorp" = Nimo Codecs Pack v5.0 (Remove Only)

"NVIDIA Drivers" = NVIDIA Drivers

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Office14.OMUI.pt-pt" = Microsoft Office Language Pack 2010 - Portuguese/Português

"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010

"Orbit_is1" = Orbit Downloader

"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator

"TuneUp Utilities 2013" = TuneUp Utilities 2013

"VLC media player" = VLC media player 2.0.2

"WashAndGo_is1" = WashAndGo

"WinRAR archiver" = WinRAR archiver

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"MyFreeCodec" = MyFreeCodec

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 16.05.2013 11:22:43 | Computer Name = Jup-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: orbitdm.exe, Version: 4.1.1.2, Zeitstempel:

 0x5052a17e  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel:

 0x4ec49b60  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00059da1  ID des fehlerhaften Prozesses:

 0x2590  Startzeit der fehlerhaften Anwendung: 0x01ce524932181b70  Pfad der fehlerhaften

 Anwendung: C:\Program Files\Orbitdownloader\orbitdm.exe  Pfad des fehlerhaften Moduls:

 C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 73dde7b0-be3c-11e2-a94d-6470021311ea

 

Error - 17.05.2013 08:35:09 | Computer Name = Jup-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: orbitdm.exe, Version: 4.1.1.2, Zeitstempel:

 0x5052a17e  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel:

 0x4ec49b60  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00059da1  ID des fehlerhaften Prozesses:

 0x2fd4  Startzeit der fehlerhaften Anwendung: 0x01ce52faef8dbbe0  Pfad der fehlerhaften

 Anwendung: C:\Program Files\Orbitdownloader\orbitdm.exe  Pfad des fehlerhaften Moduls:

 C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 358b6570-beee-11e2-a211-6470021311ea

 

Error - 17.05.2013 08:36:37 | Computer Name = Jup-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: orbitdm.exe, Version: 4.1.1.2, Zeitstempel:

 0x5052a17e  Name des fehlerhaften Moduls: SoftUpdater.dll_unloaded, Version: 0.0.0.0,

 Zeitstempel: 0x5052a233  Ausnahmecode: 0xc0000005  Fehleroffset: 0x1008078a  ID des fehlerhaften

 Prozesses: 0x3770  Startzeit der fehlerhaften Anwendung: 0x01ce52fb042b4a90  Pfad der

 fehlerhaften Anwendung: C:\Program Files\Orbitdownloader\orbitdm.exe  Pfad des fehlerhaften

 Moduls: SoftUpdater.dll  Berichtskennung: 69d97ac4-beee-11e2-a211-6470021311ea

 

Error - 18.05.2013 07:54:05 | Computer Name = Jup-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: orbitdm.exe, Version: 4.1.1.2, Zeitstempel:

 0x5052a17e  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.17725, Zeitstempel:

 0x4ec49b60  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00059da1  ID des fehlerhaften Prozesses:

 0x4e2c  Startzeit der fehlerhaften Anwendung: 0x01ce53be61d0ab40  Pfad der fehlerhaften

 Anwendung: C:\Program Files\Orbitdownloader\orbitdm.exe  Pfad des fehlerhaften Moduls:

 C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: a337e684-bfb1-11e2-934a-6470021311ea

 

Error - 22.05.2013 16:42:09 | Computer Name = Jup-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 20.0.1.4847,

 Zeitstempel: 0x51650aee  Name des fehlerhaften Moduls: xul.dll, Version: 20.0.1.4847,

 Zeitstempel: 0x51650a09  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000b10e8  ID des fehlerhaften

 Prozesses: 0x41e4  Startzeit der fehlerhaften Anwendung: 0x01ce56fc141bf940  Pfad der

 fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\firefox.exe  Pfad des fehlerhaften

 Moduls: C:\Program Files\Mozilla Firefox\xul.dll  Berichtskennung: 12524ed0-c320-11e2-b09d-6470021311ea

 

Error - 22.05.2013 16:53:32 | Computer Name = Jup-PC | Source = Application Hang | ID = 1002

Description = Programm OneClick.exe, Version 13.0.3000.133 kann nicht mehr unter

 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 

in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem

 zu suchen.    Prozess-ID: 3850    Startzeit: 01ce56fdfb0f6d90    Endzeit: 466    Anwendungspfad:

 C:\Program Files\TuneUp Utilities 2013\OneClick.exe    Berichts-ID: a0a919b1-c321-11e2-b09d-6470021311ea
 

 

Error - 29.05.2013 13:03:12 | Computer Name = Jup-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 21.0.0.4879,

 Zeitstempel: 0x518ec3cc  Name des fehlerhaften Moduls: xul.dll, Version: 21.0.0.4879,

 Zeitstempel: 0x518ec306  Ausnahmecode: 0xc0000005  Fehleroffset: 0x001c9789  ID des fehlerhaften

 Prozesses: 0x1890  Startzeit der fehlerhaften Anwendung: 0x01ce5c8c234a4da0  Pfad der

 fehlerhaften Anwendung: C:\Program Files\Mozilla Firefox\firefox.exe  Pfad des fehlerhaften

 Moduls: C:\Program Files\Mozilla Firefox\xul.dll  Berichtskennung: a478d980-c881-11e2-9786-6470021311ea

 

Error - 29.05.2013 15:33:14 | Computer Name = Jup-PC | Source = VSS | ID = 8194

Description = 

 

Error - 29.05.2013 16:03:18 | Computer Name = Jup-PC | Source = VSS | ID = 8194

Description = 

 

Error - 30.05.2013 05:29:15 | Computer Name = Jup-PC | Source = Application Hang | ID = 1002

Description = Programm WORDPAD.EXE, Version 6.1.7601.17514 kann nicht mehr unter

 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 

in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem

 zu suchen.    Prozess-ID: 22f8    Startzeit: 01ce5d17d9942a00    Endzeit: 47    Anwendungspfad:

 C:\Program Files\Windows NT\Accessories\WORDPAD.EXE    Berichts-ID: 5a9c1d61-c90b-11e2-b343-6470021311ea
 

 

[ System Events ]

Error - 29.05.2013 17:37:17 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%1069

 

Error - 30.05.2013 03:39:15 | Computer Name = Jup-PC | Source = EventLog | ID = 6008

Description = Das System wurde zuvor am ?30.?05.?2013 um 00:36:17 unerwartet heruntergefahren.

 

Error - 30.05.2013 03:42:03 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7038

Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"

 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern

 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft

 Management Console (MMC).

 

Error - 30.05.2013 03:42:03 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%1069

 

Error - 30.05.2013 04:50:36 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7038

Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"

 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern

 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft

 Management Console (MMC).

 

Error - 30.05.2013 04:50:36 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%1069

 

Error - 30.05.2013 05:16:51 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7038

Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"

 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern

 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft

 Management Console (MMC).

 

Error - 30.05.2013 05:16:51 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%1069

 

Error - 31.05.2013 06:45:08 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7038

Description = Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser"

 mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:   %%1330    Vergewissern

 Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft

 Management Console (MMC).

 

Error - 31.05.2013 06:45:08 | Computer Name = Jup-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden

 Fehlers nicht gestartet:   %%1069

 

 

< End of report >

--- --- ---

Hier

18:41:33.0309 3192 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:41:33.0693 3192 ============================================================
18:41:33.0693 3192 Current date / time: 2013/05/31 18:41:33.0693
18:41:33.0693 3192 SystemInfo:
18:41:33.0693 3192
18:41:33.0693 3192 OS Version: 6.1.7601 ServicePack: 1.0
18:41:33.0693 3192 Product type: Workstation
18:41:33.0693 3192 ComputerName: JUP-PC
18:41:33.0693 3192 UserName: Jup
18:41:33.0693 3192 Windows directory: C:\Windows
18:41:33.0693 3192 System windows directory: C:\Windows
18:41:33.0693 3192 Processor architecture: Intel x86
18:41:33.0693 3192 Number of processors: 1
18:41:33.0693 3192 Page size: 0x1000
18:41:33.0693 3192 Boot type: Normal boot
18:41:33.0693 3192 ============================================================
18:41:39.0928 3192 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xCF0156, SectorsPerTrack: 0x4, TracksPerCylinder: 0x12, Type 'K0', Flags 0x00000050
18:41:39.0947 3192 ============================================================
18:41:39.0947 3192 \Device\Harddisk0\DR0:
18:41:39.0948 3192 MBR partitions:
18:41:39.0948 3192 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:41:39.0948 3192 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
18:41:39.0948 3192 ============================================================
18:41:39.0988 3192 C: <-> \Device\Harddisk0\DR0\Partition2
18:41:39.0988 3192 ============================================================
18:41:39.0988 3192 Initialize success
18:41:39.0988 3192 ============================================================
18:42:52.0002 13836 ============================================================
18:42:52.0002 13836 Scan started
18:42:52.0002 13836 Mode: Manual; SigCheck; TDLFS;
18:42:52.0002 13836 ============================================================
18:42:52.0442 13836 ================ Scan system memory ========================
18:42:52.0443 13836 System memory - ok
18:42:52.0445 13836 ================ Scan services =============================
18:42:52.0593 13836 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:42:52.0762 13836 1394ohci - ok
18:42:52.0825 13836 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:42:52.0841 13836 ACPI - ok
18:42:52.0881 13836 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:42:52.0980 13836 AcpiPmi - ok
18:42:53.0042 13836 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
18:42:53.0071 13836 AdobeARMservice - ok
18:42:53.0110 13836 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:42:53.0129 13836 adp94xx - ok
18:42:53.0138 13836 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:42:53.0153 13836 adpahci - ok
18:42:53.0164 13836 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:42:53.0178 13836 adpu320 - ok
18:42:53.0207 13836 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:42:53.0281 13836 AeLookupSvc - ok
18:42:53.0360 13836 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
18:42:53.0508 13836 AFD - ok
18:42:53.0535 13836 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
18:42:53.0557 13836 agp440 - ok
18:42:53.0582 13836 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\DRIVERS\djsvs.sys
18:42:53.0595 13836 aic78xx - ok
18:42:53.0623 13836 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
18:42:53.0746 13836 ALG - ok
18:42:53.0788 13836 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
18:42:53.0801 13836 aliide - ok
18:42:53.0830 13836 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
18:42:53.0842 13836 amdagp - ok
18:42:53.0863 13836 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
18:42:53.0875 13836 amdide - ok
18:42:53.0894 13836 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:42:53.0998 13836 AmdK8 - ok
18:42:54.0031 13836 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:42:54.0152 13836 AmdPPM - ok
18:42:54.0170 13836 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:42:54.0183 13836 amdsata - ok
18:42:54.0212 13836 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:42:54.0227 13836 amdsbs - ok
18:42:54.0244 13836 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:42:54.0256 13836 amdxata - ok
18:42:54.0290 13836 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
18:42:54.0353 13836 AppID - ok
18:42:54.0371 13836 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:42:54.0478 13836 AppIDSvc - ok
18:42:54.0534 13836 [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo C:\Windows\System32\appinfo.dll
18:42:54.0619 13836 Appinfo - ok
18:42:54.0686 13836 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
18:42:54.0809 13836 AppMgmt - ok
18:42:54.0816 13836 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\DRIVERS\arc.sys
18:42:54.0828 13836 arc - ok
18:42:54.0844 13836 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:42:54.0857 13836 arcsas - ok
18:42:54.0893 13836 [ B979979AB8027F7F53FB16EC4229B7DB ] ASPI32 C:\Windows\system32\drivers\ASPI32.sys
18:42:54.0977 13836 ASPI32 ( UnsignedFile.Multi.Generic ) - warning
18:42:54.0977 13836 ASPI32 - detected UnsignedFile.Multi.Generic (1)
18:42:55.0036 13836 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
18:42:55.0047 13836 aspnet_state - ok
18:42:55.0073 13836 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:42:55.0211 13836 AsyncMac - ok
18:42:55.0256 13836 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
18:42:55.0267 13836 atapi - ok
18:42:55.0318 13836 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:42:55.0422 13836 AudioEndpointBuilder - ok
18:42:55.0440 13836 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
18:42:55.0472 13836 Audiosrv - ok
18:42:55.0530 13836 [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
18:42:55.0574 13836 AVP - ok
18:42:55.0623 13836 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:42:55.0703 13836 AxInstSV - ok
18:42:55.0741 13836 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\DRIVERS\bxvbdx.sys
18:42:55.0821 13836 b06bdrv - ok
18:42:55.0837 13836 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
18:42:55.0904 13836 b57nd60x - ok
18:42:55.0933 13836 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
18:42:56.0018 13836 BDESVC - ok
18:42:56.0036 13836 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
18:42:56.0122 13836 Beep - ok
18:42:56.0174 13836 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
18:42:56.0346 13836 BFE - ok
18:42:56.0376 13836 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
18:42:56.0437 13836 BITS - ok
18:42:56.0458 13836 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:42:56.0521 13836 blbdrive - ok
18:42:56.0544 13836 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:42:56.0651 13836 bowser - ok
18:42:56.0671 13836 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:42:56.0859 13836 BrFiltLo - ok
18:42:56.0871 13836 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:42:56.0965 13836 BrFiltUp - ok
18:42:56.0993 13836 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
18:42:57.0095 13836 Browser - ok
18:42:57.0273 13836 [ D9C8DC2D7EC28E3FF25C99EF17C8631A ] BrowserProtect C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
18:42:57.0351 13836 BrowserProtect - ok
18:42:57.0379 13836 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:42:57.0475 13836 Brserid - ok
18:42:57.0489 13836 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:42:57.0574 13836 BrSerWdm - ok
18:42:57.0579 13836 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:42:57.0683 13836 BrUsbMdm - ok
18:42:57.0689 13836 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:42:57.0830 13836 BrUsbSer - ok
18:42:57.0836 13836 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:42:57.0899 13836 BTHMODEM - ok
18:42:57.0938 13836 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
18:42:58.0027 13836 bthserv - ok
18:42:58.0054 13836 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:42:58.0215 13836 cdfs - ok
18:42:58.0257 13836 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\drivers\cdrom.sys
18:42:58.0387 13836 cdrom - ok
18:42:58.0426 13836 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
18:42:58.0501 13836 CertPropSvc - ok
18:42:58.0519 13836 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:42:58.0582 13836 circlass - ok
18:42:58.0603 13836 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
18:42:58.0618 13836 CLFS - ok
18:42:58.0682 13836 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:42:58.0710 13836 clr_optimization_v2.0.50727_32 - ok
18:42:58.0771 13836 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:42:58.0783 13836 clr_optimization_v4.0.30319_32 - ok
18:42:58.0790 13836 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:42:58.0845 13836 CmBatt - ok
18:42:58.0859 13836 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:42:58.0870 13836 cmdide - ok
18:42:58.0902 13836 [ 42F158036BD4C2FF3122BF142E60E6FD ] CNG C:\Windows\system32\Drivers\cng.sys
18:42:58.0932 13836 CNG - ok
18:42:58.0945 13836 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:42:58.0957 13836 Compbatt - ok
18:42:58.0983 13836 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:42:59.0029 13836 CompositeBus - ok
18:42:59.0052 13836 COMSysApp - ok
18:42:59.0064 13836 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:42:59.0107 13836 crcdisk - ok
18:42:59.0146 13836 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:42:59.0205 13836 CryptSvc - ok
18:42:59.0243 13836 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
18:42:59.0310 13836 CSC - ok
18:42:59.0351 13836 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
18:42:59.0433 13836 CscService - ok
18:42:59.0461 13836 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
18:42:59.0554 13836 DcomLaunch - ok
18:42:59.0597 13836 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
18:42:59.0691 13836 defragsvc - ok
18:42:59.0723 13836 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:42:59.0825 13836 DfsC - ok
18:42:59.0861 13836 [ B575C523F537F24D66D31F8877E6BCAB ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
18:42:59.0890 13836 dg_ssudbus - ok
18:42:59.0931 13836 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:43:00.0001 13836 Dhcp - ok
18:43:00.0036 13836 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
18:43:00.0115 13836 discache - ok
18:43:00.0134 13836 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:43:00.0147 13836 Disk - ok
18:43:00.0174 13836 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:43:00.0263 13836 Dnscache - ok
18:43:00.0291 13836 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
18:43:00.0371 13836 dot3svc - ok
18:43:00.0387 13836 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
18:43:00.0481 13836 DPS - ok
18:43:00.0541 13836 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:43:00.0604 13836 drmkaud - ok
18:43:00.0691 13836 [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:43:00.0730 13836 DXGKrnl - ok
18:43:00.0763 13836 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
18:43:00.0886 13836 EapHost - ok
18:43:00.0956 13836 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys
18:43:01.0094 13836 ebdrv - ok
18:43:01.0114 13836 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
18:43:01.0199 13836 EFS - ok
18:43:01.0255 13836 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:43:01.0311 13836 ehRecvr - ok
18:43:01.0351 13836 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
18:43:01.0431 13836 ehSched - ok
18:43:01.0458 13836 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:43:01.0477 13836 elxstor - ok
18:43:01.0504 13836 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:43:01.0544 13836 ErrDev - ok
18:43:01.0572 13836 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
18:43:01.0680 13836 EventSystem - ok
18:43:01.0687 13836 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
18:43:01.0778 13836 exfat - ok
18:43:01.0785 13836 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:43:01.0842 13836 fastfat - ok
18:43:01.0885 13836 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
18:43:01.0984 13836 Fax - ok
18:43:01.0991 13836 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:43:02.0081 13836 fdc - ok
18:43:02.0102 13836 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
18:43:02.0168 13836 fdPHost - ok
18:43:02.0190 13836 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
18:43:02.0233 13836 FDResPub - ok
18:43:02.0248 13836 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:43:02.0261 13836 FileInfo - ok
18:43:02.0279 13836 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:43:02.0386 13836 Filetrace - ok
18:43:02.0393 13836 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:43:02.0449 13836 flpydisk - ok
18:43:02.0457 13836 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:43:02.0472 13836 FltMgr - ok
18:43:02.0512 13836 [ E12C4928B32ACE04610259647F072635 ] FontCache C:\Windows\system32\FntCache.dll
18:43:02.0592 13836 FontCache - ok
18:43:02.0647 13836 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:43:02.0657 13836 FontCache3.0.0.0 - ok
18:43:02.0664 13836 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:43:02.0675 13836 FsDepends - ok
18:43:02.0697 13836 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:43:02.0734 13836 Fs_Rec - ok
18:43:02.0758 13836 [ E306A24D9694C724FA2491278BF50FDB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:43:02.0775 13836 fvevol - ok
18:43:02.0796 13836 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:43:02.0809 13836 gagp30kx - ok
18:43:02.0851 13836 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
18:43:02.0963 13836 gpsvc - ok
18:43:02.0982 13836 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:43:03.0040 13836 hcw85cir - ok
18:43:03.0089 13836 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:43:03.0183 13836 HdAudAddService - ok
18:43:03.0213 13836 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:43:03.0249 13836 HDAudBus - ok
18:43:03.0255 13836 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:43:03.0332 13836 HidBatt - ok
18:43:03.0339 13836 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:43:03.0387 13836 HidBth - ok
18:43:03.0412 13836 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:43:03.0497 13836 HidIr - ok
18:43:03.0516 13836 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
18:43:03.0599 13836 hidserv - ok
18:43:03.0643 13836 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\drivers\hidusb.sys
18:43:03.0725 13836 HidUsb - ok
18:43:03.0758 13836 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:43:03.0844 13836 hkmsvc - ok
18:43:03.0862 13836 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:43:03.0935 13836 HomeGroupListener - ok
18:43:03.0960 13836 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:43:04.0066 13836 HomeGroupProvider - ok
18:43:04.0107 13836 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:43:04.0119 13836 HpSAMD - ok
18:43:04.0155 13836 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:43:04.0267 13836 HTTP - ok
18:43:04.0283 13836 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:43:04.0295 13836 hwpolicy - ok
18:43:04.0316 13836 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
18:43:04.0369 13836 i8042prt - ok
18:43:04.0387 13836 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:43:04.0405 13836 iaStorV - ok
18:43:04.0454 13836 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:43:04.0491 13836 idsvc - ok
18:43:04.0528 13836 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:43:04.0569 13836 iirsp - ok
18:43:04.0593 13836 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
18:43:04.0702 13836 IKEEXT - ok
18:43:04.0722 13836 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
18:43:04.0733 13836 intelide - ok
18:43:04.0775 13836 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:43:04.0830 13836 intelppm - ok
18:43:04.0863 13836 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:43:04.0954 13836 IPBusEnum - ok
18:43:04.0961 13836 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:43:05.0073 13836 IpFilterDriver - ok
18:43:05.0103 13836 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:43:05.0180 13836 iphlpsvc - ok
18:43:05.0198 13836 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:43:05.0259 13836 IPMIDRV - ok
18:43:05.0266 13836 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:43:05.0341 13836 IPNAT - ok
18:43:05.0368 13836 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:43:05.0428 13836 IRENUM - ok
18:43:05.0442 13836 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:43:05.0455 13836 isapnp - ok
18:43:05.0473 13836 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:43:05.0489 13836 iScsiPrt - ok
18:43:05.0514 13836 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
18:43:05.0526 13836 kbdclass - ok
18:43:05.0555 13836 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:43:05.0600 13836 kbdhid - ok
18:43:05.0621 13836 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
18:43:05.0635 13836 KeyIso - ok
18:43:05.0673 13836 [ EA26CB00F83686856F2C79673C00C686 ] kl1 C:\Windows\system32\DRIVERS\kl1.sys
18:43:05.0690 13836 kl1 - ok
18:43:05.0737 13836 [ BE21AC70BB25B9BA0D79AA510D6BBFCB ] KLIF C:\Windows\system32\DRIVERS\klif.sys
18:43:05.0796 13836 KLIF - ok
18:43:05.0811 13836 [ AF127FE7DD5ED2BBC9049FD8A00DEFC2 ] KLIM6 C:\Windows\system32\DRIVERS\klim6.sys
18:43:05.0879 13836 KLIM6 - ok
18:43:05.0899 13836 [ 24AEBAD59D1DE8A7CC36E8F09F999362 ] klkbdflt C:\Windows\system32\DRIVERS\klkbdflt.sys
18:43:05.0935 13836 klkbdflt - ok
18:43:05.0950 13836 [ A58507C2827C3AE1D4CCB2746AAB349F ] klmouflt C:\Windows\system32\DRIVERS\klmouflt.sys
18:43:06.0045 13836 klmouflt - ok
18:43:06.0058 13836 [ E7EFE379B05BB01F13885C5DBE5A4E64 ] kltdi C:\Windows\system32\DRIVERS\kltdi.sys
18:43:06.0235 13836 kltdi - ok
18:43:06.0248 13836 [ 8F932DF10408BCABA2FCF6163C843F8E ] kneps C:\Windows\system32\DRIVERS\kneps.sys
18:43:06.0341 13836 kneps - ok
18:43:06.0370 13836 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:43:06.0384 13836 KSecDD - ok
18:43:06.0414 13836 [ 5FE1ABF1AF591A3458C9CF24ED9A4D35 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:43:06.0470 13836 KSecPkg - ok
18:43:06.0507 13836 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
18:43:06.0605 13836 KtmRm - ok
18:43:06.0637 13836 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
18:43:06.0866 13836 LanmanServer - ok
18:43:06.0900 13836 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:43:07.0005 13836 LanmanWorkstation - ok
18:43:07.0049 13836 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:43:07.0140 13836 lltdio - ok
18:43:07.0169 13836 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:43:07.0259 13836 lltdsvc - ok
18:43:07.0281 13836 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
18:43:07.0383 13836 lmhosts - ok
18:43:07.0416 13836 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:43:07.0437 13836 LSI_FC - ok
18:43:07.0455 13836 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:43:07.0467 13836 LSI_SAS - ok
18:43:07.0475 13836 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:43:07.0487 13836 LSI_SAS2 - ok
18:43:07.0494 13836 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:43:07.0508 13836 LSI_SCSI - ok
18:43:07.0514 13836 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
18:43:07.0545 13836 luafv - ok
18:43:07.0561 13836 [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
18:43:07.0630 13836 MBAMProtector - ok
18:43:07.0667 13836 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:43:07.0691 13836 MBAMScheduler - ok
18:43:07.0715 13836 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:43:07.0752 13836 MBAMService - ok
18:43:07.0779 13836 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:43:07.0810 13836 Mcx2Svc - ok
18:43:07.0816 13836 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:43:07.0828 13836 megasas - ok
18:43:07.0853 13836 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:43:07.0868 13836 MegaSR - ok
18:43:07.0891 13836 Microsoft SharePoint Workspace Audit Service - ok
18:43:07.0927 13836 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
18:43:08.0018 13836 MMCSS - ok
18:43:08.0032 13836 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
18:43:08.0114 13836 Modem - ok
18:43:08.0136 13836 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:43:08.0203 13836 monitor - ok
18:43:08.0221 13836 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\drivers\mouclass.sys
18:43:08.0234 13836 mouclass - ok
18:43:08.0242 13836 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:43:08.0339 13836 mouhid - ok
18:43:08.0357 13836 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:43:08.0370 13836 mountmgr - ok
18:43:08.0415 13836 [ 825BF0E46B4470A463AEB641480C5FCA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:43:08.0431 13836 MozillaMaintenance - ok
18:43:08.0465 13836 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
18:43:08.0479 13836 mpio - ok
18:43:08.0497 13836 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:43:08.0562 13836 mpsdrv - ok
18:43:08.0593 13836 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:43:08.0715 13836 MpsSvc - ok
18:43:08.0739 13836 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:43:08.0811 13836 MRxDAV - ok
18:43:08.0829 13836 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:43:08.0909 13836 mrxsmb - ok
18:43:08.0931 13836 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:43:09.0004 13836 mrxsmb10 - ok
18:43:09.0017 13836 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:43:09.0059 13836 mrxsmb20 - ok
18:43:09.0069 13836 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
18:43:09.0080 13836 msahci - ok
18:43:09.0095 13836 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:43:09.0109 13836 msdsm - ok
18:43:09.0132 13836 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
18:43:09.0204 13836 MSDTC - ok
18:43:09.0216 13836 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:43:09.0264 13836 Msfs - ok
18:43:09.0277 13836 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:43:09.0366 13836 mshidkmdf - ok
18:43:09.0387 13836 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:43:09.0398 13836 msisadrv - ok
18:43:09.0437 13836 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:43:09.0519 13836 MSiSCSI - ok
18:43:09.0525 13836 msiserver - ok
18:43:09.0551 13836 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:43:09.0634 13836 MSKSSRV - ok
18:43:09.0640 13836 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:43:09.0686 13836 MSPCLOCK - ok
18:43:09.0692 13836 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:43:09.0755 13836 MSPQM - ok
18:43:09.0779 13836 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:43:09.0793 13836 MsRPC - ok
18:43:09.0807 13836 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:43:09.0831 13836 mssmbios - ok
18:43:09.0839 13836 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:43:09.0875 13836 MSTEE - ok
18:43:09.0894 13836 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:43:09.0971 13836 MTConfig - ok
18:43:09.0996 13836 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
18:43:10.0050 13836 MTsensor - ok
18:43:10.0063 13836 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
18:43:10.0075 13836 Mup - ok
18:43:10.0103 13836 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
18:43:10.0183 13836 napagent - ok
18:43:10.0217 13836 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:43:10.0254 13836 NativeWifiP - ok
18:43:10.0297 13836 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
18:43:10.0335 13836 NDIS - ok
18:43:10.0368 13836 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:43:10.0459 13836 NdisCap - ok
18:43:10.0490 13836 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:43:10.0535 13836 NdisTapi - ok
18:43:10.0578 13836 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:43:10.0665 13836 Ndisuio - ok
18:43:10.0679 13836 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:43:10.0745 13836 NdisWan - ok
18:43:10.0772 13836 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:43:10.0845 13836 NDProxy - ok
18:43:10.0864 13836 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:43:10.0956 13836 NetBIOS - ok
18:43:10.0980 13836 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:43:11.0123 13836 NetBT - ok
18:43:11.0143 13836 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
18:43:11.0182 13836 Netlogon - ok
18:43:11.0224 13836 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
18:43:11.0309 13836 Netman - ok
18:43:11.0343 13836 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:43:11.0356 13836 NetMsmqActivator - ok
18:43:11.0362 13836 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:43:11.0391 13836 NetPipeActivator - ok
18:43:11.0414 13836 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
18:43:11.0483 13836 netprofm - ok
18:43:11.0490 13836 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:43:11.0501 13836 NetTcpActivator - ok
18:43:11.0507 13836 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:43:11.0518 13836 NetTcpPortSharing - ok
18:43:11.0541 13836 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:43:11.0555 13836 nfrd960 - ok
18:43:11.0602 13836 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
18:43:11.0645 13836 NlaSvc - ok
18:43:11.0652 13836 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:43:11.0741 13836 Npfs - ok
18:43:11.0776 13836 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
18:43:11.0835 13836 nsi - ok
18:43:11.0841 13836 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:43:11.0883 13836 nsiproxy - ok
18:43:11.0925 13836 [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:43:11.0992 13836 Ntfs - ok
18:43:12.0001 13836 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
18:43:12.0028 13836 Null - ok
18:43:12.0075 13836 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys
18:43:12.0114 13836 NVENETFD - ok
18:43:12.0324 13836 [ 0B2E7B39411FAA44EBDA76FB38673964 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:43:12.0611 13836 nvlddmkm - ok
18:43:12.0670 13836 [ 1DE923088878B495CD4219E47BA34EB8 ] NVNET C:\Windows\system32\DRIVERS\nvmf6232.sys
18:43:12.0691 13836 NVNET - ok
18:43:12.0719 13836 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:43:12.0732 13836 nvraid - ok
18:43:12.0740 13836 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:43:12.0759 13836 nvstor - ok
18:43:12.0797 13836 [ 439FD6A5A34113388C51C48D0E5092AA ] nvsvc C:\Windows\system32\nvvsvc.exe
18:43:12.0848 13836 nvsvc - ok
18:43:12.0934 13836 [ E3C7676582502C5E4BB9288C3617AB59 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:43:13.0080 13836 nvUpdatusService - ok
18:43:13.0098 13836 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:43:13.0112 13836 nv_agp - ok
18:43:13.0133 13836 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:43:13.0269 13836 ohci1394 - ok
18:43:13.0295 13836 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:43:13.0307 13836 ose - ok
18:43:13.0413 13836 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:43:13.0626 13836 osppsvc - ok
18:43:13.0663 13836 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:43:13.0836 13836 p2pimsvc - ok
18:43:13.0874 13836 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
18:43:14.0021 13836 p2psvc - ok
18:43:14.0057 13836 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:43:14.0200 13836 Parport - ok
18:43:14.0222 13836 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:43:14.0235 13836 partmgr - ok
18:43:14.0249 13836 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
18:43:14.0283 13836 Parvdm - ok
18:43:14.0305 13836 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
18:43:14.0378 13836 PcaSvc - ok
18:43:14.0395 13836 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
18:43:14.0410 13836 pci - ok
18:43:14.0416 13836 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
18:43:14.0428 13836 pciide - ok
18:43:14.0450 13836 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:43:14.0477 13836 pcmcia - ok
18:43:14.0484 13836 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
18:43:14.0495 13836 pcw - ok
18:43:14.0520 13836 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:43:14.0639 13836 PEAUTH - ok
18:43:14.0695 13836 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:43:14.0764 13836 PeerDistSvc - ok
18:43:14.0823 13836 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
18:43:14.0921 13836 pla - ok
18:43:14.0967 13836 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:43:15.0050 13836 PlugPlay - ok
18:43:15.0073 13836 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:43:15.0210 13836 PNRPAutoReg - ok
18:43:15.0238 13836 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:43:15.0262 13836 PNRPsvc - ok
18:43:15.0285 13836 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:43:15.0382 13836 PolicyAgent - ok
18:43:15.0410 13836 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
18:43:15.0457 13836 Power - ok
18:43:15.0475 13836 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:43:15.0525 13836 PptpMiniport - ok
18:43:15.0545 13836 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:43:15.0599 13836 Processor - ok
18:43:15.0631 13836 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
18:43:15.0752 13836 ProfSvc - ok
18:43:15.0781 13836 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:43:15.0846 13836 ProtectedStorage - ok
18:43:15.0862 13836 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:43:15.0939 13836 Psched - ok
18:43:15.0971 13836 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:43:16.0025 13836 ql2300 - ok
18:43:16.0032 13836 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:43:16.0045 13836 ql40xx - ok
18:43:16.0068 13836 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
18:43:16.0111 13836 QWAVE - ok
18:43:16.0119 13836 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:43:16.0156 13836 QWAVEdrv - ok
18:43:16.0169 13836 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:43:16.0282 13836 RasAcd - ok
18:43:16.0302 13836 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:43:16.0366 13836 RasAgileVpn - ok
18:43:16.0380 13836 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
18:43:16.0502 13836 RasAuto - ok
18:43:16.0511 13836 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:43:16.0568 13836 Rasl2tp - ok
18:43:16.0607 13836 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
18:43:16.0688 13836 RasMan - ok
18:43:16.0717 13836 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:43:16.0753 13836 RasPppoe - ok
18:43:16.0760 13836 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:43:16.0817 13836 RasSstp - ok
18:43:16.0850 13836 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:43:16.0937 13836 rdbss - ok
18:43:16.0944 13836 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:43:16.0991 13836 rdpbus - ok
18:43:17.0017 13836 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:43:17.0084 13836 RDPCDD - ok
18:43:17.0115 13836 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:43:17.0189 13836 RDPDR - ok
18:43:17.0210 13836 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:43:17.0288 13836 RDPENCDD - ok
18:43:17.0297 13836 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:43:17.0355 13836 RDPREFMP - ok
18:43:17.0413 13836 [ 65375DF758CA1872AB7EBBBA457FD5E6 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:43:17.0475 13836 RdpVideoMiniport - ok
18:43:17.0516 13836 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:43:17.0598 13836 RDPWD - ok
18:43:17.0622 13836 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:43:17.0637 13836 rdyboost - ok
18:43:17.0661 13836 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
18:43:17.0710 13836 RemoteAccess - ok
18:43:17.0733 13836 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:43:17.0824 13836 RemoteRegistry - ok
18:43:17.0843 13836 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:43:17.0930 13836 RpcEptMapper - ok
18:43:17.0953 13836 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
18:43:18.0013 13836 RpcLocator - ok
18:43:18.0033 13836 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
18:43:18.0083 13836 RpcSs - ok
18:43:18.0096 13836 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:43:18.0172 13836 rspndr - ok
18:43:18.0212 13836 [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167 C:\Windows\system32\DRIVERS\Rt86win7.sys
18:43:18.0232 13836 RTL8167 - ok
18:43:18.0262 13836 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
18:43:18.0347 13836 s3cap - ok
18:43:18.0366 13836 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
18:43:18.0413 13836 SamSs - ok
18:43:18.0445 13836 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:43:18.0458 13836 sbp2port - ok
18:43:18.0467 13836 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:43:18.0519 13836 SCardSvr - ok
18:43:18.0537 13836 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:43:18.0632 13836 scfilter - ok
18:43:18.0691 13836 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
18:43:18.0785 13836 Schedule - ok
18:43:18.0806 13836 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
18:43:18.0849 13836 SCPolicySvc - ok
18:43:18.0876 13836 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:43:18.0960 13836 SDRSVC - ok
18:43:18.0986 13836 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:43:19.0044 13836 secdrv - ok
18:43:19.0059 13836 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
18:43:19.0147 13836 seclogon - ok
18:43:19.0181 13836 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
18:43:19.0279 13836 SENS - ok
18:43:19.0308 13836 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:43:19.0384 13836 SensrSvc - ok
18:43:19.0404 13836 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:43:19.0452 13836 Serenum - ok
18:43:19.0469 13836 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:43:19.0551 13836 Serial - ok
18:43:19.0579 13836 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:43:19.0631 13836 sermouse - ok
18:43:19.0669 13836 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
18:43:19.0759 13836 SessionEnv - ok
18:43:19.0785 13836 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:43:19.0827 13836 sffdisk - ok
18:43:19.0839 13836 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:43:20.0000 13836 sffp_mmc - ok
18:43:20.0015 13836 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:43:20.0196 13836 sffp_sd - ok
18:43:20.0218 13836 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:43:20.0312 13836 sfloppy - ok
18:43:20.0341 13836 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:43:20.0501 13836 SharedAccess - ok
18:43:20.0526 13836 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:43:20.0593 13836 ShellHWDetection - ok
18:43:20.0610 13836 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
18:43:20.0623 13836 sisagp - ok
18:43:20.0651 13836 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:43:20.0703 13836 SiSRaid2 - ok
18:43:20.0710 13836 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:43:20.0724 13836 SiSRaid4 - ok
18:43:20.0737 13836 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:43:20.0787 13836 Smb - ok
18:43:20.0824 13836 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:43:20.0911 13836 SNMPTRAP - ok
18:43:20.0928 13836 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
18:43:20.0940 13836 spldr - ok
18:43:20.0976 13836 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
18:43:21.0088 13836 Spooler - ok
18:43:21.0174 13836 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
18:43:21.0399 13836 sppsvc - ok
18:43:21.0426 13836 [ 761B6D9D80FF93D83E2542AF190E3E24 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:43:21.0501 13836 sppuinotify ( UnsignedFile.Multi.Generic ) - warning
18:43:21.0501 13836 sppuinotify - detected UnsignedFile.Multi.Generic (1)
18:43:21.0521 13836 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:43:21.0609 13836 srv - ok
18:43:21.0637 13836 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:43:21.0722 13836 srv2 - ok
18:43:21.0730 13836 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:43:21.0750 13836 srvnet - ok
18:43:21.0771 13836 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:43:21.0857 13836 SSDPSRV - ok
18:43:21.0875 13836 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:43:21.0933 13836 SstpSvc - ok
18:43:21.0978 13836 [ CA22092117F4F8BA3700B4BF9962444A ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
18:43:22.0021 13836 ssudmdm - ok
18:43:22.0076 13836 [ 306521935042FC0A6988D528643619B3 ] StarOpen C:\Windows\system32\drivers\StarOpen.sys
18:43:22.0101 13836 StarOpen ( UnsignedFile.Multi.Generic ) - warning
18:43:22.0101 13836 StarOpen - detected UnsignedFile.Multi.Generic (1)
18:43:22.0147 13836 [ 81F177C1954453AF407604160BD149CB ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
18:43:22.0175 13836 Stereo Service - ok
18:43:22.0199 13836 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:43:22.0211 13836 stexstor - ok
18:43:22.0242 13836 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
18:43:22.0314 13836 StiSvc - ok
18:43:22.0321 13836 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
18:43:22.0334 13836 storflt - ok
18:43:22.0357 13836 [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc C:\Windows\system32\storsvc.dll
18:43:22.0431 13836 StorSvc - ok
18:43:22.0464 13836 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
18:43:22.0475 13836 storvsc - ok
18:43:22.0488 13836 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\drivers\swenum.sys
18:43:22.0500 13836 swenum - ok
18:43:22.0544 13836 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
18:43:22.0597 13836 swprv - ok
18:43:22.0632 13836 Synth3dVsc - ok
18:43:22.0676 13836 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
18:43:22.0743 13836 SysMain - ok
18:43:22.0800 13836 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:43:22.0956 13836 TabletInputService - ok
18:43:22.0985 13836 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
18:43:23.0026 13836 TapiSrv - ok
18:43:23.0043 13836 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
18:43:23.0077 13836 TBS - ok
18:43:23.0121 13836 [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:43:23.0186 13836 Tcpip - ok
18:43:23.0210 13836 [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:43:23.0236 13836 TCPIP6 - ok
18:43:23.0268 13836 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:43:23.0347 13836 tcpipreg - ok
18:43:23.0374 13836 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:43:23.0420 13836 TDPIPE - ok
18:43:23.0427 13836 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:43:23.0506 13836 TDTCP - ok
18:43:23.0531 13836 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:43:23.0593 13836 tdx - ok
18:43:23.0608 13836 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\drivers\termdd.sys
18:43:23.0621 13836 TermDD - ok
18:43:23.0659 13836 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
18:43:23.0743 13836 TermService - ok
18:43:23.0763 13836 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
18:43:23.0829 13836 Themes - ok
18:43:23.0848 13836 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
18:43:23.0929 13836 THREADORDER - ok
18:43:23.0949 13836 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
18:43:24.0053 13836 TrkWks - ok
18:43:24.0108 13836 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:43:24.0205 13836 TrustedInstaller - ok
18:43:24.0231 13836 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:43:24.0324 13836 tssecsrv - ok
18:43:24.0382 13836 [ 9CE253214ACAA5A7D323327D2055EFAA ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:43:24.0408 13836 TsUsbFlt - ok
18:43:24.0415 13836 tsusbhub - ok
18:43:24.0491 13836 [ 3C4FE9B413AC1025EE0E0F3C895B73C9 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
18:43:24.0549 13836 TuneUp.UtilitiesSvc - ok
18:43:24.0592 13836 [ 94C4CD2D19B8C4137A46261F229FEC24 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys
18:43:24.0657 13836 TuneUpUtilitiesDrv - ok
18:43:24.0706 13836 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:43:24.0866 13836 tunnel - ok
18:43:24.0890 13836 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:43:24.0902 13836 uagp35 - ok
18:43:24.0927 13836 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:43:25.0055 13836 udfs - ok
18:43:25.0080 13836 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:43:25.0132 13836 UI0Detect - ok
18:43:25.0150 13836 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:43:25.0162 13836 uliagpkx - ok
18:43:25.0196 13836 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\drivers\umbus.sys
18:43:25.0269 13836 umbus - ok
18:43:25.0287 13836 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:43:25.0351 13836 UmPass - ok
18:43:25.0385 13836 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
18:43:25.0487 13836 UmRdpService - ok
18:43:25.0521 13836 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
18:43:25.0643 13836 upnphost - ok
18:43:25.0659 13836 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:43:25.0725 13836 usbccgp - ok
18:43:25.0761 13836 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:43:25.0832 13836 usbcir - ok
18:43:25.0839 13836 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
18:43:25.0882 13836 usbehci - ok
18:43:25.0891 13836 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:43:25.0973 13836 usbhub - ok
18:43:25.0981 13836 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
18:43:26.0050 13836 usbohci - ok
18:43:26.0084 13836 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:43:26.0156 13836 usbprint - ok
18:43:26.0182 13836 [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
18:43:26.0232 13836 usbscan - ok
18:43:26.0246 13836 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:43:26.0323 13836 USBSTOR - ok
18:43:26.0359 13836 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:43:26.0386 13836 usbuhci - ok
18:43:26.0398 13836 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
18:43:26.0486 13836 UxSms - ok
18:43:26.0525 13836 [ 2FEE0AAA981AC1685319778E647E9000 ] UxTuneUp C:\Windows\System32\uxtuneup.dll
18:43:26.0536 13836 UxTuneUp - ok
18:43:26.0553 13836 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
18:43:26.0603 13836 VaultSvc - ok
18:43:26.0613 13836 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:43:26.0625 13836 vdrvroot - ok
18:43:26.0652 13836 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
18:43:26.0776 13836 vds - ok
18:43:26.0794 13836 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:43:26.0871 13836 vga - ok
18:43:26.0901 13836 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:43:27.0028 13836 VgaSave - ok
18:43:27.0050 13836 VGPU - ok
18:43:27.0079 13836 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:43:27.0093 13836 vhdmp - ok
18:43:27.0146 13836 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
18:43:27.0158 13836 viaagp - ok
18:43:27.0182 13836 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\DRIVERS\viac7.sys
18:43:27.0280 13836 ViaC7 - ok
18:43:27.0299 13836 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
18:43:27.0310 13836 viaide - ok
18:43:27.0331 13836 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
18:43:27.0349 13836 vmbus - ok
18:43:27.0370 13836 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
18:43:27.0466 13836 VMBusHID - ok
18:43:27.0473 13836 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:43:27.0486 13836 volmgr - ok
18:43:27.0505 13836 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:43:27.0522 13836 volmgrx - ok
18:43:27.0545 13836 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:43:27.0590 13836 volsnap - ok
18:43:27.0612 13836 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:43:27.0651 13836 vsmraid - ok
18:43:27.0719 13836 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
18:43:27.0821 13836 VSS - ok
18:43:27.0844 13836 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
18:43:27.0891 13836 vwifibus - ok
18:43:27.0938 13836 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
18:43:28.0102 13836 W32Time - ok
18:43:28.0142 13836 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:43:28.0205 13836 WacomPen - ok
18:43:28.0269 13836 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:43:28.0342 13836 WANARP - ok
18:43:28.0349 13836 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:43:28.0416 13836 Wanarpv6 - ok
18:43:28.0485 13836 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
18:43:28.0700 13836 wbengine - ok
18:43:28.0893 13836 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:43:28.0995 13836 WbioSrvc - ok
18:43:29.0255 13836 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:43:29.0366 13836 wcncsvc - ok
18:43:29.0420 13836 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:43:29.0500 13836 WcsPlugInService - ok
18:43:29.0517 13836 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:43:29.0529 13836 Wd - ok
18:43:29.0565 13836 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:43:29.0592 13836 Wdf01000 - ok
18:43:29.0654 13836 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:43:29.0737 13836 WdiServiceHost - ok
18:43:29.0747 13836 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:43:29.0796 13836 WdiSystemHost - ok
18:43:29.0837 13836 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
18:43:29.0891 13836 WebClient - ok
18:43:29.0919 13836 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:43:30.0017 13836 Wecsvc - ok
18:43:30.0049 13836 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:43:30.0170 13836 wercplsupport - ok
18:43:30.0194 13836 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
18:43:30.0264 13836 WerSvc - ok
18:43:30.0321 13836 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:43:30.0390 13836 WfpLwf - ok
18:43:30.0431 13836 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:43:30.0443 13836 WIMMount - ok
18:43:30.0706 13836 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
18:43:30.0788 13836 WinDefend - ok
18:43:30.0801 13836 WinHttpAutoProxySvc - ok
18:43:30.0886 13836 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:43:30.0990 13836 Winmgmt - ok
18:43:31.0051 13836 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
18:43:31.0285 13836 WinRM - ok
18:43:31.0503 13836 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:43:31.0670 13836 Wlansvc - ok
18:43:31.0714 13836 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:43:31.0843 13836 WmiAcpi - ok
18:43:31.0880 13836 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:43:31.0923 13836 wmiApSrv - ok
18:43:32.0038 13836 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
18:43:32.0135 13836 WMPNetworkSvc - ok
18:43:32.0168 13836 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:43:32.0198 13836 WPCSvc - ok
18:43:32.0234 13836 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:43:32.0333 13836 WPDBusEnum - ok
18:43:32.0375 13836 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:43:32.0470 13836 ws2ifsl - ok
18:43:32.0512 13836 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
18:43:32.0759 13836 wscsvc - ok
18:43:32.0778 13836 WSearch - ok
18:43:33.0357 13836 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
18:43:33.0428 13836 wuauserv - ok
18:43:33.0504 13836 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:43:33.0537 13836 WudfPf - ok
18:43:33.0567 13836 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:43:33.0680 13836 WUDFRd - ok
18:43:33.0747 13836 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:43:33.0800 13836 wudfsvc - ok
18:43:33.0857 13836 [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc C:\Windows\System32\wwansvc.dll
18:43:33.0908 13836 WwanSvc - ok
18:43:33.0937 13836 ================ Scan global ===============================
18:43:33.0973 13836 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
18:43:34.0031 13836 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
18:43:34.0041 13836 [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
18:43:34.0080 13836 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:43:34.0156 13836 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:43:34.0171 13836 [Global] - ok
18:43:34.0174 13836 ================ Scan MBR ==================================
18:43:34.0226 13836 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:43:41.0486 13836 \Device\Harddisk0\DR0 - ok
18:43:41.0488 13836 ================ Scan VBR ==================================
18:43:41.0492 13836 [ 141B1B633DB405E447E255D0AE10E9FB ] \Device\Harddisk0\DR0\Partition1
18:43:41.0493 13836 \Device\Harddisk0\DR0\Partition1 - ok
18:43:41.0518 13836 [ 234F1169A687D87A5893F9F6B7D2CD54 ] \Device\Harddisk0\DR0\Partition2
18:43:41.0519 13836 \Device\Harddisk0\DR0\Partition2 - ok
18:43:41.0521 13836 ============================================================
18:43:41.0521 13836 Scan finished
18:43:41.0521 13836 ============================================================
18:43:41.0531 5184 Detected object count: 3
18:43:41.0531 5184 Actual detected object count: 3
18:44:17.0301 5184 ASPI32 ( UnsignedFile.Multi.Generic ) - skipped by user
18:44:17.0301 5184 ASPI32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:44:17.0302 5184 sppuinotify ( UnsignedFile.Multi.Generic ) - skipped by user
18:44:17.0302 5184 sppuinotify ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:44:17.0304 5184 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
18:44:17.0304 5184 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip

Louco