Smart Fortress 2012/Probleme nach Bereinigung

cosinus · 15.04.2012, 19:05

Dann hättest du zuvor aber AntiVir deinstallieren müssen! Oder geht das auch nicht mehr

3Vx23² · 15.04.2012, 20:46

Dann hätte ich ja gar keinen Virenschutz mehr??

cosinus · 16.04.2012, 09:36

Zitat:

Dann hätte ich ja gar keinen Virenschutz mehr??

Und was glaubst du wohl was AVG ist?

Oder ist das nichts wenn du Antivir deinstallierst....

Selbst komplett ohne Virenscanner ware der Rechner nicht automatisch unsicher; die Softwareindustrie hat die Konsumgesellschaft schön in den Glauben getrieben, dass man ohne ihre Produkte ja völlig aufgeschmissen sei...

3Vx23² · 16.04.2012, 10:26

AVG hat aber keine Funktion mehr. Ich kann da nichts aktivieren noch deaktivieren noch scannen etc. Das Bedienfeld von AVG ist komplett leer aus "Speedtest"!

Soll ich jetzt trotzdem avira löschen??

Ich blick gerade nicht so ganz durch was ich tun soll?

cosinus · 16.04.2012, 11:45

Es ist hochproblematisch zwei solcher Virenscanner wie zB AntiVir und AVG parallel zu nutzen! Was ist daran nicht zu verstehen? Die kommen sich gegenseitig in die Quere und bremsen das System aus

Nun deinstalliere bitte endlich Avira

3Vx23² · 16.04.2012, 12:32

Okay, mach ich.

cosinus · 16.04.2012, 19:20

Mach danach bitte wieder ein neues OTL-Log

3Vx23² · 22.04.2012, 17:14

Code:

ATTFilter

OTL logfile created on: 4/22/2012 5:56:44 PM - Run 2
OTL by OldTimer - Version 3.2.40.0     Folder = C:\Users\******\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3.91 Gb Total Physical Memory | 2.06 Gb Available Physical Memory | 52.76% Memory free
7.82 Gb Paging File | 6.05 Gb Available in Paging File | 77.43% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 657.54 Gb Total Space | 582.87 Gb Free Space | 88.64% Space Free | Partition Type: NTFS
Drive D: | 38.00 Gb Total Space | 16.15 Gb Free Space | 42.50% Space Free | Partition Type: NTFS
Drive E: | 5.84 Gb Total Space | 0.00 Gb Free Space | 0.00% Space Free | Partition Type: UDF
 
Computer Name: ******-PC | User Name: ****** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/04/22 00:07:51 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\******\Downloads\OTL.exe
PRC - [2012/04/15 19:35:19 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
PRC - [2012/04/01 01:57:21 | 000,918,880 | ---- | M] () -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
PRC - [2012/02/16 04:57:46 | 002,575,712 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgtray.exe
PRC - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/01/13 14:53:18 | 000,460,872 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/02/11 21:40:00 | 000,997,712 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011/02/11 21:39:58 | 001,304,912 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
PRC - [2011/02/11 21:39:54 | 000,985,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
PRC - [2011/02/11 21:39:54 | 000,907,600 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2010/12/16 00:23:02 | 000,207,400 | ---- | M] (Wistron) -- C:\Program Files (x86)\Launch Manager\HotkeyApp.exe
PRC - [2010/11/17 10:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010/11/06 09:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/06/21 22:53:44 | 000,436,264 | ---- | M] (Wistron Corp.) -- C:\Program Files (x86)\Launch Manager\WButton.exe
PRC - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
PRC - [2009/12/12 00:18:16 | 000,348,960 | ---- | M] (Wistron Corp.) -- C:\Program Files (x86)\Launch Manager\OSD.exe
PRC - [2009/11/07 12:46:52 | 000,020,480 | ---- | M] (X10) -- C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe
PRC - [2009/11/02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009/10/23 02:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) -- C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
PRC - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
PRC - [2009/01/26 15:31:16 | 002,144,088 | RHS- | M] (Safer Networking Limited) -- C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/04/15 19:35:19 | 000,982,880 | ---- | M] () -- C:\Program Files (x86)\AVG Secure Search\vprot.exe
MOD - [2011/09/27 07:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 07:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2009/11/02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011/11/21 16:10:10 | 000,036,160 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011/03/22 14:29:02 | 002,421,384 | ---- | M] (mobile concepts GmbH) [On_Demand | Stopped] -- C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe -- (CGVPNCliSrvc)
SRV:64bit: - [2011/02/17 05:08:56 | 001,133,568 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011/02/09 13:49:18 | 000,134,928 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) Intel(R) Centrino(R) Wireless Bluetooth(R)
SRV:64bit: - [2011/02/05 01:34:20 | 001,515,792 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) Intel(R)
SRV:64bit: - [2011/02/05 01:24:24 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/02/05 01:19:50 | 000,836,880 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) Intel(R)
SRV:64bit: - [2010/09/23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2012/04/01 01:57:21 | 000,918,880 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe -- (vToolbarUpdater10.2.0)
SRV - [2012/03/30 22:46:24 | 000,253,600 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Disabled | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012/01/13 14:53:18 | 000,652,360 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/01/03 06:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/12/19 19:25:11 | 000,607,040 | ---- | M] (TuneUp Software) [On_Demand | Stopped] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe -- (TuneUp.Defrag) @C:\Program Files (x86)
SRV - [2011/11/21 16:12:56 | 001,403,200 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2011/11/21 16:10:04 | 000,030,016 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/01 09:17:00 | 001,025,352 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe -- (AVG Security Toolbar Service)
SRV - [2011/02/11 21:40:00 | 000,997,712 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011/02/11 21:39:58 | 001,304,912 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011/02/11 21:39:54 | 000,907,600 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2010/12/06 12:52:40 | 000,062,464 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\watchmi\TvdService.exe -- (watchmi)
SRV - [2010/11/06 09:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010/03/18 23:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/10 14:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2009/11/07 12:46:52 | 000,020,480 | ---- | M] (X10) [Auto | Running] -- C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe -- (x10nets)
SRV - [2009/10/23 02:05:40 | 000,118,560 | ---- | M] (Wistron Corp.) [On_Demand | Running] -- C:\Program Files (x86)\Launch Manager\WisLMSvc.exe -- (WisLMSvc)
SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2007/12/17 04:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01) EPSON V5 Service4(01)
SRV - [2007/01/11 04:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01) EPSON V3 Service4(01)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012/03/01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 05:25:50 | 000,382,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/02/22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 13:32:02 | 000,026,704 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidseha.sys -- (AVGIDSEH)
DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/12/10 15:24:08 | 000,023,152 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/08/02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/26 01:17:50 | 012,262,336 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/24 20:40:20 | 008,591,872 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64) ___ Intel(R)
DRV:64bit: - [2011/02/17 02:46:36 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2011/02/16 23:45:48 | 000,261,632 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP) Intel(R) Centrino(R)
DRV:64bit: - [2011/02/16 23:45:48 | 000,261,632 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL) Intel(R) Centrino(R)
DRV:64bit: - [2011/02/10 15:52:34 | 000,181,760 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2011/02/10 15:52:34 | 000,082,432 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2011/01/25 21:48:04 | 000,077,424 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/01/24 11:24:52 | 000,058,128 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011/01/24 11:22:48 | 000,059,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011/01/24 10:56:06 | 000,274,944 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2010/11/21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/11/06 09:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/10/29 05:07:44 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2010/10/21 12:20:44 | 000,299,520 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2010/10/15 01:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud) Intel(R)
DRV:64bit: - [2010/09/16 09:08:50 | 001,077,416 | ---- | M] (DiBcom SA) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mod77-64.sys -- (mod7764)
DRV:64bit: - [2010/09/03 14:46:48 | 001,392,688 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010/02/25 16:51:02 | 000,029,696 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/05/13 21:47:44 | 000,032,792 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\x10ufx2.sys -- (XUIF)
DRV:64bit: - [2009/05/13 21:26:14 | 000,015,896 | ---- | M] (X10 Wireless Technology, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\x10hid.sys -- (X10Hid)
DRV:64bit: - [2008/08/06 14:42:26 | 000,022,216 | ---- | M] (Licensed for Gebhard Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\DRHARD64.sys -- (DRHARD64)
DRV - [2010/02/24 13:41:50 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2008/08/06 14:42:26 | 000,022,216 | ---- | M] (Licensed for Gebhard Software) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\DRHARD64.sys -- (DRHARD64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://plasmoo.com
IE - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000\..\SearchScopes,DefaultScope = {8E1B5B6E-1428-445C-BCFB-A3793E37F0DE}
IE - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000\..\SearchScopes\{8E1B5B6E-1428-445C-BCFB-A3793E37F0DE}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_enDE393DE431
IE - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={34CE70AD-A02B-42BC-8526-3935EC1BD70B}&mid=ebb7a94c867147d19c2cd16f6b22b0d7-bf8900b1ff22764e5645b6c86d485fc7b3b7d1e2&lang=de&ds=AVG&pr=fr&d=2012-04-15 19:35:20&v=10.2.0.3&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000\..\SearchScopes\Plasmoo: "URL" = hxxp://plasmoo.com/index.htm?SearchMashine=true&q={searchTerms}
IE - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultthis.engineName: "Plasmoo"
FF - prefs.js..browser.search.defaulturl: "hxxp://plasmoo.com/index.htm?SearchMashine=true&amp;q={searchTerms}"
FF - prefs.js..browser.startup.homepage: "hxxp://ixquick.com/deu/"
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_2_202_228.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/04/01 01:57:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011/06/09 13:15:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011/06/09 13:15:25 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\8.0.0.40\ [2012/01/22 13:03:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack\ [2012/04/01 01:55:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/03/29 23:07:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012/02/23 20:47:14 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\9.0.0.22 [2012/04/17 16:17:39 | 000,000,000 | ---D | M]
 
[2011/05/15 12:03:40 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Extensions
[2012/01/06 23:27:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\skt606fk.default\extensions
[2011/05/22 19:39:39 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\******\AppData\Roaming\mozilla\Firefox\Profiles\skt606fk.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/12/07 16:50:21 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012/04/01 01:55:28 | 000,000,000 | ---D | M] (AVG Do-Not-Track) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX\DONOTTRACK
[2012/04/01 01:57:40 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES (X86)\AVG\AVG2012\FIREFOX4
[2012/04/17 16:17:39 | 000,000,000 | ---D | M] (AVG Security Toolbar) -- C:\PROGRAMDATA\AVG SECURE SEARCH\9.0.0.22
() (No name found) -- C:\USERS\******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SKT606FK.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\USERS\******\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\SKT606FK.DEFAULT\EXTENSIONS\DIVXWEBPLAYER@DIVX.COM.XPI
[2012/02/22 12:43:28 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/02/22 12:43:26 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/04/15 19:35:18 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2012/02/22 12:43:26 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/02/22 12:43:26 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012/02/22 12:43:26 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/02/22 12:43:26 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/02/22 12:43:26 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
 
O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do-Not-Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (AVG Do-Not-Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\10.2.0.3\AVG Secure Search_toolbar.dll ()
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HotkeyApp] C:\Program Files (x86)\Launch Manager\HotkeyApp.exe (Wistron)
O4 - HKLM..\Run: [LMgrVolOSD] C:\Program Files (x86)\Launch Manager\OSD.exe (Wistron Corp.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [ROC_roc_dec12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_dec12.exe" /PROMPT /CMPID=roc_dec12 File not found
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [Wbutton] C:\Program Files (x86)\Launch Manager\Wbutton.exe (Wistron Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000..\Run: [EPSON SX210 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFDE.EXE /FU "C:\Windows\TEMP\E_SEE77.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000..\Run: [EPSON SX525WD Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE /FU "C:\Windows\TEMP\E_SFCC9.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_228_Plugin.exe (Adobe Systems Incorporated)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to iPod Converter - C:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O8 - Extra context menu item: Free YouTube Download - C:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html File not found
O9:64bit: - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9:64bit: - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9:64bit: - Extra Button: AVG Do-Not-Track - {DA58ACA7-18A6-403A-93DA-6E4172D43709} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.5 - {7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - C:\Program Files (x86)\ICQ7.5\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: AVG Do-Not-Track - {DA58ACA7-18A6-403A-93DA-6E4172D43709} - C:\Program Files (x86)\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{43FB6CDF-625E-4C67-9F13-7BE2CE75BEA5}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B630595A-1F98-41CA-B659-BC7CD3604FEA}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\10.2.0\ViProtocol.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/09/19 16:42:28 | 000,654,872 | R--- | M] (Black Hole Entertainment) - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2011/08/24 17:21:49 | 000,000,093 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2011/09/16 14:24:38 | 005,852,582 | R--- | M] () - E:\Autorun.orc -- [ UDF ]
O33 - MountPoints2\{6674628b-7ea2-11e0-b34c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6674628b-7ea2-11e0-b34c-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2011/09/19 16:37:02 | 000,808,912 | R--- | M] (Ubisoft)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2011/09/19 16:42:28 | 000,654,872 | R--- | M] (Black Hole Entertainment)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/04/09 13:49:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012/04/07 05:51:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doom Shareware for Windows 95
[2012/04/07 05:51:54 | 000,000,000 | ---D | C] -- C:\Program Files\Doom Shareware for Windows 95
[2012/04/07 05:51:26 | 000,000,000 | ---D | C] -- C:\Users\******\Desktop\Doom 95
[2012/04/02 20:42:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2012/04/02 20:41:57 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2012/04/02 20:41:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinZip
[2012/04/02 20:35:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012/04/02 20:35:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2012/04/01 21:34:38 | 000,000,000 | ---D | C] -- C:\Users\******\AppData\Roaming\Malwarebytes
[2012/04/01 21:34:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/04/01 21:34:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/04/01 21:34:31 | 000,023,152 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012/04/01 21:34:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/04/01 01:57:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/04/01 01:57:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AVG Secure Search
[2012/04/01 01:47:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
[2012/04/01 01:47:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2012/04/01 01:47:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy
[2012/03/28 22:56:31 | 000,000,000 | ---D | C] -- C:\850bcebae922aaa405b4270ec3c1
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012/04/22 17:42:40 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/04/22 17:42:30 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/04/22 17:42:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/04/22 00:17:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/04/21 23:52:06 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/04/21 23:52:06 | 000,016,752 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/04/21 23:43:58 | 3148,140,544 | -HS- | M] () -- C:\hiberfil.sys
[2012/04/21 20:21:23 | 001,500,294 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/04/21 20:21:23 | 000,654,852 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012/04/21 20:21:23 | 000,616,694 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/04/21 20:21:23 | 000,130,434 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012/04/21 20:21:23 | 000,106,816 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/04/15 19:39:31 | 001,375,847 | ---- | M] () -- C:\Users\******\Desktop\AVGInstLog.cab
[2012/04/02 20:42:17 | 000,002,235 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012/04/02 19:39:20 | 000,000,000 | ---- | M] () -- C:\Users\******\defogger_reenable
[2012/04/01 20:21:34 | 093,288,619 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\incavi.avm
[2012/04/01 20:20:47 | 000,118,711 | ---- | M] () -- C:\Windows\SysNative\drivers\AVG\iavichjg.avm
[2012/03/30 20:06:55 | 000,392,488 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012/04/15 19:39:31 | 001,375,847 | ---- | C] () -- C:\Users\******\Desktop\AVGInstLog.cab
[2012/04/07 05:51:55 | 000,004,711 | ---- | C] () -- C:\Windows\SysNative\dmouse.vxd
[2012/04/02 20:42:17 | 000,002,235 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2012/04/02 19:39:20 | 000,000,000 | ---- | C] () -- C:\Users\******\defogger_reenable
[2012/03/30 22:46:26 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2011/08/03 18:03:04 | 000,007,602 | ---- | C] () -- C:\Users\******\AppData\Local\Resmon.ResmonCfg
[2011/05/20 17:28:11 | 000,011,103 | ---- | C] () -- C:\Windows\scunin.dat
[2011/05/15 11:34:10 | 001,527,912 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/03/26 01:16:10 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/03/26 01:16:10 | 000,216,876 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/03/14 06:04:53 | 000,072,017 | ---- | C] () -- C:\Windows\SysWow64\Uninstall ALDI SÜD Mah Jong.exe
[2011/03/14 05:23:13 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2011/03/14 05:23:12 | 000,149,504 | ---- | C] () -- C:\Windows\unwise32_setup.exe
[2011/02/04 13:38:56 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
 
========== LOP Check ==========
 
[2011/05/30 23:21:22 | 000,000,000 | -HSD | M] -- C:\Users\******\AppData\Roaming\.#
[2011/10/26 18:32:36 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\AVG2012
[2012/04/12 21:59:14 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\ICQ
[2012/01/12 20:22:02 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Might & Magic Heroes VI
[2011/07/24 13:30:26 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\OpenOffice.org
[2012/04/20 07:30:26 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\SoftGrid Client
[2011/10/03 16:55:45 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Thunderbird
[2011/10/02 15:00:02 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\TuneUp Software
[2011/06/13 11:54:37 | 000,000,000 | -HSD | M] -- C:\Users\******\AppData\Roaming\.#
[2011/06/13 09:27:26 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\ALDI_SUED_Mah_Jong
[2011/10/26 18:32:36 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\AVG2012
[2011/05/28 13:16:17 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers
[2012/02/23 14:29:55 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\ICQ
[2012/01/08 16:36:01 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Might & Magic Heroes VI
[2011/05/16 22:03:11 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\OpenOffice.org
[2012/03/29 23:03:40 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\SoftGrid Client
[2011/05/22 12:03:17 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\TP
[2011/10/02 14:36:01 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\TuneUp Software
[2011/08/12 15:00:40 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\{90140011-0066-0407-0000-0000000FF1CE}
[2011/12/05 16:27:28 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011/06/13 11:54:37 | 000,000,000 | -HSD | M] -- C:\Users\******\AppData\Roaming\.#
[2011/05/14 20:45:59 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Adobe
[2011/06/13 09:27:26 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\ALDI_SUED_Mah_Jong
[2011/05/22 17:53:58 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Apple Computer
[2011/10/26 18:32:36 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\AVG2012
[2011/12/01 18:05:52 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Corel
[2011/05/16 21:46:12 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\CyberLink
[2011/06/09 13:15:04 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\DivX
[2011/05/28 13:16:17 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/05/14 20:50:48 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Google
[2012/02/23 14:29:55 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\ICQ
[2011/05/14 20:36:38 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Identities
[2011/05/14 20:36:28 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Intel
[2011/03/12 22:07:58 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Macromedia
[2012/04/01 21:34:38 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Malwarebytes
[2010/11/21 09:16:41 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Media Center Programs
[2011/12/24 03:57:05 | 000,000,000 | --SD | M] -- C:\Users\******\AppData\Roaming\Microsoft
[2012/01/08 16:36:01 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Might & Magic Heroes VI
[2011/05/15 12:03:40 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\Mozilla
[2011/05/16 22:03:11 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\OpenOffice.org
[2012/03/29 23:03:40 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\SoftGrid Client
[2011/05/22 12:03:17 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\TP
[2011/10/02 14:36:01 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\TuneUp Software
[2011/06/29 18:37:02 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\WinRAR
[2011/08/12 15:00:40 | 000,000,000 | ---D | M] -- C:\Users\******\AppData\Roaming\{90140011-0066-0407-0000-0000000FF1CE}
 
< %APPDATA%\*.exe /s >
[2011/03/12 22:07:44 | 000,053,632 | ---- | M] (Adobe Systems Inc.) -- C:\Users\******\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
 
< %SYSTEMDRIVE%\*.exe >
[2007/11/07 09:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
 
< MD5 for: AGP440.SYS  >
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009/07/14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009/07/14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009/07/14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009/07/14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2008/06/06 23:03:52 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files (x86)\CyberLink\PowerDirector\EventLog.dll
 
< MD5 for: IASTOR.SYS  >
[2010/11/06 09:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\drivers\iaStor.sys
[2010/11/06 09:45:48 | 000,438,808 | ---- | M] (Intel Corporation) MD5=D7921D5A870B11CC1ADAB198A519D50A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_710b330fb3531234\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010/11/21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011/03/11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010/11/21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010/11/21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011/03/11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010/11/21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010/11/21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010/11/21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010/11/21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2010/11/21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010/11/21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010/11/21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010/11/21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009/07/14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009/07/14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010/11/21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2012/01/13 14:53:20 | 000,182,856 | ---- | M] () MD5=63EEC8A8B221AB79045E776E5F592868 -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009/07/14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009/07/14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]

< End of report >

cosinus · 22.04.2012, 20:03

Mach einen OTL-Fix, beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Hinweis: Falls Du Deinen Benutzernamen unkenntlich gemacht hast, musst Du das Ausgesternte in Deinen richtigen Benutzernamen wieder verwandeln, sonst funktioniert das Script nicht!!

Code:

ATTFilter

:OTL
O4 - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000..\Run: [EPSON SX210 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFDE.EXE /FU "C:\Windows\TEMP\E_SEE77.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000..\Run: [EPSON SX525WD Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE /FU "C:\Windows\TEMP\E_SFCC9.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-21-3918067246-3647149079-1834319354-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer Networking Limited)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/09/19 16:42:28 | 000,654,872 | R--- | M] (Black Hole Entertainment) - E:\Autorun.exe -- [ UDF ]
O32 - AutoRun File - [2011/08/24 17:21:49 | 000,000,093 | R--- | M] () - E:\Autorun.inf -- [ UDF ]
O32 - AutoRun File - [2011/09/16 14:24:38 | 005,852,582 | R--- | M] () - E:\Autorun.orc -- [ UDF ]
O33 - MountPoints2\{6674628b-7ea2-11e0-b34c-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6674628b-7ea2-11e0-b34c-806e6f6e6963}\Shell\AutoRun\command - "" = E:\setup.exe -- [2011/09/19 16:37:02 | 000,808,912 | R--- | M] (Ubisoft)
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2011/09/19 16:42:28 | 000,654,872 | R--- | M] (Black Hole Entertainment)
[2011/05/30 23:21:22 | 000,000,000 | -HSD | M] -- C:\Users\******\AppData\Roaming\.#
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!

3Vx23² · 22.04.2012, 21:28

Code:

ATTFilter

All processes killed
========== OTL ==========
Registry value HKEY_USERS\S-1-5-21-3918067246-3647149079-1834319354-1000\Software\Microsoft\Windows\CurrentVersion\Run\\EPSON SX210 Series deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3918067246-3647149079-1834319354-1000\Software\Microsoft\Windows\CurrentVersion\Run\\EPSON SX525WD Series deleted successfully.
Registry value HKEY_USERS\S-1-5-21-3918067246-3647149079-1834319354-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SpybotSD TeaTimer deleted successfully.
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe moved successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File move failed. E:\Autorun.exe scheduled to be moved on reboot.
File move failed. E:\Autorun.inf scheduled to be moved on reboot.
File move failed. E:\Autorun.orc scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6674628b-7ea2-11e0-b34c-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6674628b-7ea2-11e0-b34c-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6674628b-7ea2-11e0-b34c-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6674628b-7ea2-11e0-b34c-806e6f6e6963}\ not found.
File move failed. E:\setup.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E\ not found.
File move failed. E:\Autorun.exe scheduled to be moved on reboot.
C:\Users\Vincent\AppData\Roaming\.# folder moved successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: .wh..wh.orph
 
User: .wh..wh.plnk
 
User: All Users
 
User: ******
->Temp folder emptied: 667227 bytes
->Temporary Internet Files folder emptied: 1403852 bytes
->Java cache emptied: 6144725 bytes
->FireFox cache emptied: 127086663 bytes
->Flash cache emptied: 58398 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56502 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes
 
User: Public
 
User: ******
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 442770 bytes
->Java cache emptied: 1728527 bytes
->FireFox cache emptied: 49920470 bytes
->Flash cache emptied: 57102 bytes
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 9571232 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 119624 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 188.00 mb
 
 
[EMPTYFLASH]
 
User: .wh..wh.orph
 
User: .wh..wh.plnk
 
User: All Users
 
User: ******
->Flash cache emptied: 0 bytes
 
User: Default
->Flash cache emptied: 0 bytes
 
User: Default User
->Flash cache emptied: 0 bytes
 
User: Public
 
User: ******
->Flash cache emptied: 0 bytes
 
Total Flash Files Cleaned = 0.00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.40.0 log created on 04222012_221901

Files\Folders moved on Reboot...
File move failed. E:\Autorun.exe scheduled to be moved on reboot.
File move failed. E:\Autorun.inf scheduled to be moved on reboot.
File move failed. E:\Autorun.orc scheduled to be moved on reboot.
File move failed. E:\setup.exe scheduled to be moved on reboot.
File move failed. C:\Users\******\AppData\Local\Temp\FXSAPIDebugLogFile.txt scheduled to be moved on reboot.

Registry entries deleted on Reboot...

cosinus · 23.04.2012, 08:03

Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten, Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C

nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

3Vx23² · 23.04.2012, 19:02

Code:

ATTFilter

19:52:46.0490 2820	TDSS rootkit removing tool 2.7.31.0 Apr 20 2012 19:49:47
19:52:46.0552 2820	============================================================
19:52:46.0552 2820	Current date / time: 2012/04/23 19:52:46.0552
19:52:46.0552 2820	SystemInfo:
19:52:46.0552 2820	
19:52:46.0552 2820	OS Version: 6.1.7601 ServicePack: 1.0
19:52:46.0552 2820	Product type: Workstation
19:52:46.0552 2820	ComputerName: ******-C
19:52:46.0552 2820	UserName: *****
19:52:46.0552 2820	Windows directory: C:\Windows
19:52:46.0552 2820	System windows directory: C:\Windows
19:52:46.0552 2820	Running under WOW64
19:52:46.0552 2820	Processor architecture: Intel x64
19:52:46.0552 2820	Number of processors: 4
19:52:46.0552 2820	Page size: 0x1000
19:52:46.0552 2820	Boot type: Normal boot
19:52:46.0552 2820	============================================================
19:52:47.0317 2820	Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:52:47.0317 2820	\Device\Harddisk0\DR0:
19:52:47.0317 2820	MBR partitions:
19:52:47.0317 2820	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
19:52:47.0317 2820	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x52312800
19:52:47.0363 2820	\Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x52345800, BlocksNum 0x4BFE000
19:52:47.0504 2820	C: <-> \Device\Harddisk0\DR0\Partition1
19:52:47.0675 2820	D: <-> \Device\Harddisk0\DR0\Partition2
19:52:47.0675 2820	Initialize success
19:52:47.0675 2820	============================================================
19:53:55.0080 3112	============================================================
19:53:55.0080 3112	Scan started
19:53:55.0080 3112	Mode: Manual; SigCheck; TDLFS; 
19:53:55.0080 3112	============================================================
19:53:55.0454 3112	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:53:55.0579 3112	1394ohci - ok
19:53:55.0657 3112	ABBYY.Licensing.FineReader.Sprint.9.0 (b33cf4de909a5b30f526d82053a63c8e) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
19:53:55.0673 3112	ABBYY.Licensing.FineReader.Sprint.9.0 - ok
19:53:55.0766 3112	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:53:55.0782 3112	ACPI - ok
19:53:55.0860 3112	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:53:55.0938 3112	AcpiPmi - ok
19:53:56.0016 3112	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:53:56.0016 3112	AdobeARMservice - ok
19:53:56.0234 3112	AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:53:56.0234 3112	AdobeFlashPlayerUpdateSvc - ok
19:53:56.0328 3112	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:53:56.0359 3112	adp94xx - ok
19:53:56.0515 3112	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:53:56.0531 3112	adpahci - ok
19:53:56.0624 3112	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:53:56.0640 3112	adpu320 - ok
19:53:56.0702 3112	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:53:56.0936 3112	AeLookupSvc - ok
19:53:57.0077 3112	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:53:57.0139 3112	AFD - ok
19:53:57.0233 3112	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:53:57.0248 3112	agp440 - ok
19:53:57.0311 3112	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:53:57.0373 3112	ALG - ok
19:53:57.0451 3112	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:53:57.0451 3112	aliide - ok
19:53:57.0529 3112	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:53:57.0529 3112	amdide - ok
19:53:57.0623 3112	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:53:57.0670 3112	AmdK8 - ok
19:53:57.0826 3112	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:53:57.0950 3112	AmdPPM - ok
19:53:58.0075 3112	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:53:58.0091 3112	amdsata - ok
19:53:58.0106 3112	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:53:58.0122 3112	amdsbs - ok
19:53:58.0200 3112	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:53:58.0200 3112	amdxata - ok
19:53:58.0294 3112	AMPPAL          (da11f970926c91646aaf872e019ed780) C:\Windows\system32\DRIVERS\AMPPAL.sys
19:53:58.0340 3112	AMPPAL - ok
19:53:58.0418 3112	AMPPALP         (da11f970926c91646aaf872e019ed780) C:\Windows\system32\DRIVERS\amppal.sys
19:53:58.0434 3112	AMPPALP - ok
19:53:58.0512 3112	AMPPALR3        (d32ea788018156ae505be68b39391ddf) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
19:53:58.0621 3112	AMPPALR3 - ok
19:53:58.0699 3112	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:53:58.0855 3112	AppID - ok
19:53:58.0964 3112	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:53:59.0027 3112	AppIDSvc - ok
19:53:59.0105 3112	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:53:59.0152 3112	Appinfo - ok
19:53:59.0308 3112	Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:53:59.0308 3112	Apple Mobile Device - ok
19:53:59.0448 3112	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:53:59.0464 3112	arc - ok
19:53:59.0526 3112	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:53:59.0542 3112	arcsas - ok
19:53:59.0557 3112	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:53:59.0620 3112	AsyncMac - ok
19:53:59.0698 3112	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:53:59.0698 3112	atapi - ok
19:53:59.0744 3112	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:53:59.0822 3112	AudioEndpointBuilder - ok
19:53:59.0869 3112	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:53:59.0900 3112	AudioSrv - ok
19:53:59.0994 3112	AVG Security Toolbar Service (3a457c2f798cad79cd30224e723e01fb) C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
19:54:00.0025 3112	AVG Security Toolbar Service - ok
19:54:00.0088 3112	AVGIDSDriver    (1b2e9fcdc26dc7c81d4131430e2dc936) C:\Windows\system32\DRIVERS\avgidsdrivera.sys
19:54:00.0103 3112	AVGIDSDriver - ok
19:54:00.0290 3112	AVGIDSEH        (9650578c511527e218328df6d311b4fa) C:\Windows\system32\DRIVERS\avgidseha.sys
19:54:00.0306 3112	AVGIDSEH - ok
19:54:00.0415 3112	AVGIDSFilter    (0f293406f64b48d5d2f0d3a1117f3a83) C:\Windows\system32\DRIVERS\avgidsfiltera.sys
19:54:00.0415 3112	AVGIDSFilter - ok
19:54:00.0493 3112	Avgldx64        (59955b4c288dd2a8b9fd2cd5158355c5) C:\Windows\system32\DRIVERS\avgldx64.sys
19:54:00.0509 3112	Avgldx64 - ok
19:54:00.0587 3112	Avgmfx64        (a6aec362aae5e2dda7445e7690cb0f33) C:\Windows\system32\DRIVERS\avgmfx64.sys
19:54:00.0602 3112	Avgmfx64 - ok
19:54:00.0696 3112	Avgrkx64 - ok
19:54:00.0743 3112	Avgtdia         (e601444168adfb78afa22a1e270d9253) C:\Windows\system32\DRIVERS\avgtdia.sys
19:54:00.0758 3112	Avgtdia - ok
19:54:00.0852 3112	avgwd           (ea1145debcd508fd25bd1e95c4346929) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
19:54:00.0852 3112	avgwd - ok
19:54:00.0930 3112	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:54:00.0992 3112	AxInstSV - ok
19:54:01.0070 3112	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:54:01.0133 3112	b06bdrv - ok
19:54:01.0226 3112	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:54:01.0258 3112	b57nd60a - ok
19:54:01.0351 3112	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:54:01.0414 3112	BDESVC - ok
19:54:01.0492 3112	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:54:01.0554 3112	Beep - ok
19:54:01.0663 3112	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:54:01.0726 3112	BFE - ok
19:54:01.0819 3112	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:54:01.0913 3112	BITS - ok
19:54:02.0006 3112	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
19:54:02.0053 3112	blbdrive - ok
19:54:02.0256 3112	Bluetooth Device Monitor (832314a5ac804dee429a009a3d41b99b) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
19:54:02.0287 3112	Bluetooth Device Monitor - ok
19:54:02.0474 3112	Bluetooth Media Service (35c701c5a286543973f0fc8bc195515e) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
19:54:02.0506 3112	Bluetooth Media Service - ok
19:54:02.0662 3112	Bluetooth OBEX Service (a475d68b03febf6c371f0d9644c2e12d) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
19:54:02.0693 3112	Bluetooth OBEX Service - ok
19:54:02.0771 3112	Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:54:02.0786 3112	Bonjour Service - ok
19:54:02.0849 3112	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:54:02.0896 3112	bowser - ok
19:54:02.0989 3112	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:54:03.0020 3112	BrFiltLo - ok
19:54:03.0098 3112	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:54:03.0161 3112	BrFiltUp - ok
19:54:03.0239 3112	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:54:03.0286 3112	Browser - ok
19:54:03.0379 3112	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:54:03.0457 3112	Brserid - ok
19:54:03.0535 3112	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:54:03.0566 3112	BrSerWdm - ok
19:54:03.0644 3112	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:54:03.0660 3112	BrUsbMdm - ok
19:54:03.0754 3112	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:54:03.0769 3112	BrUsbSer - ok
19:54:03.0800 3112	BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
19:54:03.0863 3112	BthEnum - ok
19:54:03.0925 3112	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
19:54:03.0972 3112	BTHMODEM - ok
19:54:04.0050 3112	BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
19:54:04.0081 3112	BthPan - ok
19:54:04.0206 3112	BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
19:54:04.0253 3112	BTHPORT - ok
19:54:04.0315 3112	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:54:04.0378 3112	bthserv - ok
19:54:04.0440 3112	BTHSSecurityMgr (af9fe631d24147249c6282f8fbdc1963) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
19:54:04.0440 3112	BTHSSecurityMgr - ok
19:54:04.0518 3112	BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
19:54:04.0549 3112	BTHUSB - ok
19:54:04.0658 3112	btmaux          (ba554bfcbf21201d310738a42c9c19e1) C:\Windows\system32\DRIVERS\btmaux.sys
19:54:04.0658 3112	btmaux - ok
19:54:04.0736 3112	btmhsf          (0010a54571f525a97eed8c091e96eaa9) C:\Windows\system32\DRIVERS\btmhsf.sys
19:54:04.0799 3112	btmhsf - ok
19:54:04.0955 3112	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:54:05.0033 3112	cdfs - ok
19:54:05.0111 3112	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
19:54:05.0126 3112	cdrom - ok
19:54:05.0236 3112	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:54:05.0282 3112	CertPropSvc - ok
19:54:05.0392 3112	CGVPNCliSrvc    (d46a2f17c1d0f8637c115ebcb34aeebb) C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe
19:54:05.0454 3112	CGVPNCliSrvc - ok
19:54:05.0516 3112	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:54:05.0548 3112	circlass - ok
19:54:05.0672 3112	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:54:05.0688 3112	CLFS - ok
19:54:05.0766 3112	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:54:05.0766 3112	clr_optimization_v2.0.50727_32 - ok
19:54:05.0828 3112	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:54:05.0844 3112	clr_optimization_v2.0.50727_64 - ok
19:54:05.0891 3112	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:54:05.0906 3112	clr_optimization_v4.0.30319_32 - ok
19:54:05.0969 3112	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:54:05.0984 3112	clr_optimization_v4.0.30319_64 - ok
19:54:06.0078 3112	clwvd           (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
19:54:06.0094 3112	clwvd - ok
19:54:06.0156 3112	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:54:06.0187 3112	CmBatt - ok
19:54:06.0281 3112	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:54:06.0296 3112	cmdide - ok
19:54:06.0328 3112	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
19:54:06.0359 3112	CNG - ok
19:54:06.0421 3112	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:54:06.0437 3112	Compbatt - ok
19:54:06.0515 3112	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:54:06.0546 3112	CompositeBus - ok
19:54:06.0608 3112	COMSysApp - ok
19:54:06.0640 3112	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:54:06.0655 3112	crcdisk - ok
19:54:06.0718 3112	CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
19:54:06.0780 3112	CryptSvc - ok
19:54:06.0936 3112	cvhsvc          (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
19:54:06.0952 3112	cvhsvc - ok
19:54:07.0076 3112	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:54:07.0154 3112	DcomLaunch - ok
19:54:07.0232 3112	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:54:07.0279 3112	defragsvc - ok
19:54:07.0373 3112	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:54:07.0420 3112	DfsC - ok
19:54:07.0544 3112	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:54:07.0607 3112	Dhcp - ok
19:54:07.0685 3112	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:54:07.0763 3112	discache - ok
19:54:07.0856 3112	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:54:07.0856 3112	Disk - ok
19:54:07.0966 3112	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:54:08.0044 3112	Dnscache - ok
19:54:08.0246 3112	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:54:08.0309 3112	dot3svc - ok
19:54:08.0402 3112	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:54:08.0449 3112	DPS - ok
19:54:08.0543 3112	DRHARD64        (2a53aa388eb00fb6c57d43dbfe89c972) C:\Windows\system32\drivers\DRHARD64.sys
19:54:08.0543 3112	DRHARD64 - ok
19:54:08.0590 3112	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:54:08.0621 3112	drmkaud - ok
19:54:08.0714 3112	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:54:08.0746 3112	DXGKrnl - ok
19:54:08.0792 3112	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:54:08.0824 3112	EapHost - ok
19:54:09.0011 3112	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:54:09.0120 3112	ebdrv - ok
19:54:09.0229 3112	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:54:09.0276 3112	EFS - ok
19:54:09.0370 3112	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:54:09.0463 3112	ehRecvr - ok
19:54:09.0510 3112	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:54:09.0541 3112	ehSched - ok
19:54:09.0635 3112	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:54:09.0666 3112	elxstor - ok
19:54:09.0728 3112	EPSON_EB_RPCV4_01 (b5581646636759d0dafa8b008881c079) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
19:54:09.0728 3112	EPSON_EB_RPCV4_01 ( UnsignedFile.Multi.Generic ) - warning
19:54:09.0728 3112	EPSON_EB_RPCV4_01 - detected UnsignedFile.Multi.Generic (1)
19:54:09.0744 3112	EPSON_PM_RPCV4_01 (1e345f2a2d95da3190596e691cde9342) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
19:54:09.0760 3112	EPSON_PM_RPCV4_01 ( UnsignedFile.Multi.Generic ) - warning
19:54:09.0760 3112	EPSON_PM_RPCV4_01 - detected UnsignedFile.Multi.Generic (1)
19:54:09.0822 3112	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:54:09.0853 3112	ErrDev - ok
19:54:09.0947 3112	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:54:10.0009 3112	EventSystem - ok
19:54:10.0103 3112	EvtEng          (23e539016fb73c9a095270cdb9451bed) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
19:54:10.0134 3112	EvtEng - ok
19:54:10.0228 3112	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:54:10.0290 3112	exfat - ok
19:54:10.0368 3112	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:54:10.0430 3112	fastfat - ok
19:54:10.0493 3112	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:54:10.0555 3112	Fax - ok
19:54:10.0649 3112	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:54:10.0680 3112	fdc - ok
19:54:10.0742 3112	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:54:10.0805 3112	fdPHost - ok
19:54:10.0898 3112	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:54:10.0945 3112	FDResPub - ok
19:54:11.0039 3112	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:54:11.0054 3112	FileInfo - ok
19:54:11.0070 3112	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:54:11.0132 3112	Filetrace - ok
19:54:11.0226 3112	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:54:11.0273 3112	flpydisk - ok
19:54:11.0335 3112	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:54:11.0351 3112	FltMgr - ok
19:54:11.0444 3112	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:54:11.0522 3112	FontCache - ok
19:54:11.0600 3112	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:54:11.0616 3112	FontCache3.0.0.0 - ok
19:54:11.0694 3112	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:54:11.0694 3112	FsDepends - ok
19:54:11.0772 3112	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:54:11.0788 3112	Fs_Rec - ok
19:54:11.0866 3112	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:54:11.0881 3112	fvevol - ok
19:54:11.0912 3112	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:54:11.0928 3112	gagp30kx - ok
19:54:11.0990 3112	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:54:12.0006 3112	GEARAspiWDM - ok
19:54:12.0115 3112	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:54:12.0178 3112	gpsvc - ok
19:54:12.0271 3112	gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:54:12.0271 3112	gupdate - ok
19:54:12.0318 3112	gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:54:12.0318 3112	gupdatem - ok
19:54:12.0349 3112	gusvc           (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:54:12.0349 3112	gusvc - ok
19:54:12.0427 3112	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:54:12.0490 3112	hcw85cir - ok
19:54:12.0568 3112	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:54:12.0599 3112	HdAudAddService - ok
19:54:12.0677 3112	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
19:54:12.0708 3112	HDAudBus - ok
19:54:12.0786 3112	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:54:12.0833 3112	HidBatt - ok
19:54:13.0067 3112	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:54:13.0098 3112	HidBth - ok
19:54:13.0192 3112	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:54:13.0207 3112	HidIr - ok
19:54:13.0270 3112	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:54:13.0332 3112	hidserv - ok
19:54:13.0410 3112	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
19:54:13.0410 3112	HidUsb - ok
19:54:13.0504 3112	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:54:13.0566 3112	hkmsvc - ok
19:54:13.0644 3112	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:54:13.0691 3112	HomeGroupListener - ok
19:54:13.0784 3112	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:54:13.0831 3112	HomeGroupProvider - ok
19:54:13.0894 3112	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:54:13.0909 3112	HpSAMD - ok
19:54:13.0972 3112	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:54:14.0034 3112	HTTP - ok
19:54:14.0112 3112	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:54:14.0128 3112	hwpolicy - ok
19:54:14.0252 3112	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
19:54:14.0268 3112	i8042prt - ok
19:54:14.0346 3112	iaStor          (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
19:54:14.0362 3112	iaStor - ok
19:54:14.0440 3112	IAStorDataMgrSvc (8fff9083252c16fe3960173722605e9e) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:54:14.0440 3112	IAStorDataMgrSvc - ok
19:54:14.0518 3112	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:54:14.0533 3112	iaStorV - ok
19:54:14.0627 3112	iBtFltCoex      (50b8ab6013ef9970ac85fdba0f622300) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
19:54:14.0642 3112	iBtFltCoex - ok
19:54:14.0736 3112	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:54:14.0752 3112	idsvc - ok
19:54:15.0048 3112	igfx            (795c99dc4f574c97c03d0bb39cf099ee) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:54:15.0391 3112	igfx - ok
19:54:15.0532 3112	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:54:15.0532 3112	iirsp - ok
19:54:15.0610 3112	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:54:15.0688 3112	IKEEXT - ok
19:54:15.0828 3112	IntcAzAudAddService (e7b8803bd792aa1a11383199e61d38d6) C:\Windows\system32\drivers\RTKVHD64.sys
19:54:15.0890 3112	IntcAzAudAddService - ok
19:54:15.0968 3112	IntcDAud        (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:54:16.0015 3112	IntcDAud - ok
19:54:16.0124 3112	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:54:16.0140 3112	intelide - ok
19:54:16.0171 3112	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:54:16.0202 3112	intelppm - ok
19:54:16.0374 3112	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:54:16.0421 3112	IPBusEnum - ok
19:54:16.0546 3112	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:54:16.0592 3112	IpFilterDriver - ok
19:54:16.0717 3112	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:54:16.0795 3112	iphlpsvc - ok
19:54:16.0873 3112	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:54:16.0904 3112	IPMIDRV - ok
19:54:16.0982 3112	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:54:17.0029 3112	IPNAT - ok
19:54:17.0107 3112	iPod Service    (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
19:54:17.0123 3112	iPod Service - ok
19:54:17.0185 3112	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:54:17.0232 3112	IRENUM - ok
19:54:17.0310 3112	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:54:17.0326 3112	isapnp - ok
19:54:17.0357 3112	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:54:17.0372 3112	iScsiPrt - ok
19:54:17.0450 3112	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
19:54:17.0466 3112	kbdclass - ok
19:54:17.0575 3112	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:54:17.0606 3112	kbdhid - ok
19:54:17.0684 3112	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:54:17.0684 3112	KeyIso - ok
19:54:17.0731 3112	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:54:17.0747 3112	KSecDD - ok
19:54:17.0794 3112	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:54:17.0809 3112	KSecPkg - ok
19:54:17.0887 3112	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:54:17.0934 3112	ksthunk - ok
19:54:18.0074 3112	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:54:18.0137 3112	KtmRm - ok
19:54:18.0215 3112	L1C             (6dd5383c9413aae3113faf89e345663d) C:\Windows\system32\DRIVERS\L1C62x64.sys
19:54:18.0230 3112	L1C - ok
19:54:18.0308 3112	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:54:18.0371 3112	LanmanServer - ok
19:54:18.0433 3112	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:54:18.0480 3112	LanmanWorkstation - ok
19:54:18.0574 3112	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:54:18.0620 3112	lltdio - ok
19:54:18.0730 3112	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:54:18.0776 3112	lltdsvc - ok
19:54:18.0854 3112	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:54:18.0901 3112	lmhosts - ok
19:54:19.0010 3112	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:54:19.0026 3112	LSI_FC - ok
19:54:19.0042 3112	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:54:19.0057 3112	LSI_SAS - ok
19:54:19.0120 3112	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:54:19.0135 3112	LSI_SAS2 - ok
19:54:19.0322 3112	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:54:19.0338 3112	LSI_SCSI - ok
19:54:19.0416 3112	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:54:19.0478 3112	luafv - ok
19:54:19.0572 3112	MBAMProtector   (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
19:54:19.0572 3112	MBAMProtector - ok
19:54:19.0681 3112	MBAMService     (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:54:19.0697 3112	MBAMService - ok
19:54:19.0775 3112	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:54:19.0806 3112	Mcx2Svc - ok
19:54:19.0900 3112	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:54:19.0900 3112	megasas - ok
19:54:19.0978 3112	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:54:19.0993 3112	MegaSR - ok
19:54:20.0102 3112	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:54:20.0149 3112	MMCSS - ok
19:54:20.0243 3112	mod7764         (97b041bb78636edc0a7b0ab68c98eb9b) C:\Windows\system32\DRIVERS\mod77-64.sys
19:54:20.0274 3112	mod7764 - ok
19:54:20.0352 3112	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:54:20.0383 3112	Modem - ok
19:54:20.0446 3112	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:54:20.0492 3112	monitor - ok
19:54:20.0570 3112	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
19:54:20.0570 3112	mouclass - ok
19:54:20.0648 3112	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
19:54:20.0680 3112	mouhid - ok
19:54:20.0773 3112	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:54:20.0773 3112	mountmgr - ok
19:54:20.0851 3112	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:54:20.0867 3112	mpio - ok
19:54:20.0945 3112	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:54:20.0976 3112	mpsdrv - ok
19:54:21.0116 3112	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:54:21.0163 3112	MpsSvc - ok
19:54:21.0241 3112	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:54:21.0288 3112	MRxDAV - ok
19:54:21.0366 3112	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:54:21.0428 3112	mrxsmb - ok
19:54:21.0538 3112	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:54:21.0569 3112	mrxsmb10 - ok
19:54:21.0647 3112	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:54:21.0678 3112	mrxsmb20 - ok
19:54:21.0772 3112	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:54:21.0772 3112	msahci - ok
19:54:21.0850 3112	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:54:21.0865 3112	msdsm - ok
19:54:21.0943 3112	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:54:21.0990 3112	MSDTC - ok
19:54:22.0068 3112	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:54:22.0115 3112	Msfs - ok
19:54:22.0177 3112	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:54:22.0224 3112	mshidkmdf - ok
19:54:22.0318 3112	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:54:22.0333 3112	msisadrv - ok
19:54:22.0396 3112	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:54:22.0442 3112	MSiSCSI - ok
19:54:22.0505 3112	msiserver - ok
19:54:22.0552 3112	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:54:22.0598 3112	MSKSSRV - ok
19:54:22.0676 3112	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:54:22.0723 3112	MSPCLOCK - ok
19:54:22.0848 3112	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:54:22.0910 3112	MSPQM - ok
19:54:22.0988 3112	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:54:23.0004 3112	MsRPC - ok
19:54:23.0082 3112	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:54:23.0098 3112	mssmbios - ok
19:54:23.0176 3112	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:54:23.0222 3112	MSTEE - ok
19:54:23.0316 3112	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:54:23.0332 3112	MTConfig - ok
19:54:23.0441 3112	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:54:23.0441 3112	Mup - ok
19:54:23.0503 3112	MyWiFiDHCPDNS   (1571e40ee767b28df9a94b68d69c9605) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
19:54:23.0519 3112	MyWiFiDHCPDNS - ok
19:54:23.0644 3112	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:54:23.0690 3112	napagent - ok
19:54:23.0800 3112	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:54:23.0831 3112	NativeWifiP - ok
19:54:23.0924 3112	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:54:23.0956 3112	NDIS - ok
19:54:24.0034 3112	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:54:24.0080 3112	NdisCap - ok
19:54:24.0158 3112	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:54:24.0221 3112	NdisTapi - ok
19:54:24.0268 3112	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:54:24.0314 3112	Ndisuio - ok
19:54:24.0439 3112	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:54:24.0486 3112	NdisWan - ok
19:54:24.0564 3112	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:54:24.0611 3112	NDProxy - ok
19:54:24.0673 3112	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:54:24.0736 3112	NetBIOS - ok
19:54:24.0829 3112	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:54:24.0892 3112	NetBT - ok
19:54:24.0970 3112	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:54:24.0985 3112	Netlogon - ok
19:54:25.0110 3112	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:54:25.0157 3112	Netman - ok
19:54:25.0250 3112	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:54:25.0328 3112	netprofm - ok
19:54:25.0406 3112	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:54:25.0406 3112	NetTcpPortSharing - ok
19:54:25.0672 3112	NETwNs64        (2b26c8a6b4fb519e1849101a10e6c68d) C:\Windows\system32\DRIVERS\NETwNs64.sys
19:54:25.0937 3112	NETwNs64 - ok
19:54:26.0015 3112	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:54:26.0030 3112	nfrd960 - ok
19:54:26.0140 3112	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:54:26.0186 3112	NlaSvc - ok
19:54:26.0264 3112	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:54:26.0296 3112	Npfs - ok
19:54:26.0358 3112	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:54:26.0389 3112	nsi - ok
19:54:26.0452 3112	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:54:26.0514 3112	nsiproxy - ok
19:54:26.0608 3112	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:54:26.0654 3112	Ntfs - ok
19:54:26.0748 3112	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:54:26.0810 3112	Null - ok
19:54:26.0904 3112	nusb3hub        (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\drivers\nusb3hub.sys
19:54:26.0966 3112	nusb3hub - ok
19:54:27.0044 3112	nusb3xhc        (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\drivers\nusb3xhc.sys
19:54:27.0091 3112	nusb3xhc - ok
19:54:27.0216 3112	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:54:27.0232 3112	nvraid - ok
19:54:27.0310 3112	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:54:27.0325 3112	nvstor - ok
19:54:27.0419 3112	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:54:27.0419 3112	nv_agp - ok
19:54:27.0481 3112	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:54:27.0512 3112	ohci1394 - ok
19:54:27.0575 3112	ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:54:27.0590 3112	ose - ok
19:54:27.0746 3112	osppsvc         (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:54:27.0902 3112	osppsvc - ok
19:54:28.0074 3112	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:54:28.0183 3112	p2pimsvc - ok
19:54:28.0246 3112	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:54:28.0277 3112	p2psvc - ok
19:54:28.0370 3112	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:54:28.0402 3112	Parport - ok
19:54:28.0480 3112	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
19:54:28.0495 3112	partmgr - ok
19:54:28.0558 3112	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:54:28.0604 3112	PcaSvc - ok
19:54:28.0682 3112	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:54:28.0698 3112	pci - ok
19:54:28.0776 3112	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:54:28.0792 3112	pciide - ok
19:54:28.0823 3112	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:54:28.0838 3112	pcmcia - ok
19:54:28.0901 3112	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:54:28.0901 3112	pcw - ok
19:54:29.0010 3112	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:54:29.0072 3112	PEAUTH - ok
19:54:29.0166 3112	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:54:29.0213 3112	PerfHost - ok
19:54:29.0306 3112	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:54:29.0384 3112	pla - ok
19:54:29.0478 3112	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:54:29.0540 3112	PlugPlay - ok
19:54:29.0618 3112	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:54:29.0650 3112	PNRPAutoReg - ok
19:54:29.0728 3112	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:54:29.0743 3112	PNRPsvc - ok
19:54:29.0837 3112	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:54:29.0899 3112	PolicyAgent - ok
19:54:29.0962 3112	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:54:30.0024 3112	Power - ok
19:54:30.0086 3112	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:54:30.0180 3112	PptpMiniport - ok
19:54:30.0289 3112	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:54:30.0336 3112	Processor - ok
19:54:30.0523 3112	ProfSvc         (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
19:54:30.0570 3112	ProfSvc - ok
19:54:30.0632 3112	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:54:30.0648 3112	ProtectedStorage - ok
19:54:30.0695 3112	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:54:30.0757 3112	Psched - ok
19:54:30.0804 3112	PSI_SVC_2       (543a4ef0923bf70d126625b034ef25af) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
19:54:30.0820 3112	PSI_SVC_2 - ok
19:54:30.0929 3112	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:54:30.0976 3112	ql2300 - ok
19:54:31.0054 3112	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:54:31.0069 3112	ql40xx - ok
19:54:31.0194 3112	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:54:31.0210 3112	QWAVE - ok
19:54:31.0334 3112	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:54:31.0366 3112	QWAVEdrv - ok
19:54:31.0444 3112	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:54:31.0490 3112	RasAcd - ok
19:54:31.0615 3112	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:54:31.0678 3112	RasAgileVpn - ok
19:54:31.0787 3112	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:54:31.0834 3112	RasAuto - ok
19:54:31.0912 3112	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:54:31.0974 3112	Rasl2tp - ok
19:54:32.0036 3112	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:54:32.0083 3112	RasMan - ok
19:54:32.0192 3112	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:54:32.0255 3112	RasPppoe - ok
19:54:32.0317 3112	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:54:32.0380 3112	RasSstp - ok
19:54:32.0458 3112	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:54:32.0520 3112	rdbss - ok
19:54:32.0598 3112	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:54:32.0629 3112	rdpbus - ok
19:54:32.0707 3112	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:54:32.0770 3112	RDPCDD - ok
19:54:32.0848 3112	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:54:32.0894 3112	RDPENCDD - ok
19:54:32.0988 3112	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:54:33.0050 3112	RDPREFMP - ok
19:54:33.0128 3112	RDPWD           (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
19:54:33.0191 3112	RDPWD - ok
19:54:33.0269 3112	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:54:33.0284 3112	rdyboost - ok
19:54:33.0378 3112	RegSrvc         (156757a092b9350f475d24353239e78e) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:54:33.0409 3112	RegSrvc - ok
19:54:33.0503 3112	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:54:33.0534 3112	RemoteAccess - ok
19:54:33.0612 3112	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:54:33.0674 3112	RemoteRegistry - ok
19:54:33.0737 3112	RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
19:54:33.0768 3112	RFCOMM - ok
19:54:33.0862 3112	RichVideo       (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
19:54:33.0862 3112	RichVideo ( UnsignedFile.Multi.Generic ) - warning
19:54:33.0862 3112	RichVideo - detected UnsignedFile.Multi.Generic (1)
19:54:33.0940 3112	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:54:33.0971 3112	RpcEptMapper - ok
19:54:34.0064 3112	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:54:34.0096 3112	RpcLocator - ok
19:54:34.0158 3112	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:54:34.0205 3112	RpcSs - ok
19:54:34.0267 3112	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:54:34.0330 3112	rspndr - ok
19:54:34.0423 3112	RSUSBVSTOR      (89dfb71b370d82dfe75183f677043cee) C:\Windows\System32\Drivers\RtsUVStor.sys
19:54:34.0439 3112	RSUSBVSTOR - ok
19:54:34.0517 3112	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:54:34.0532 3112	SamSs - ok
19:54:34.0579 3112	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:54:34.0595 3112	sbp2port - ok
19:54:34.0766 3112	SBSDWSCService  (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
19:54:34.0813 3112	SBSDWSCService - ok
19:54:34.0876 3112	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:54:34.0954 3112	SCardSvr - ok
19:54:35.0000 3112	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:54:35.0047 3112	scfilter - ok
19:54:35.0156 3112	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:54:35.0219 3112	Schedule - ok
19:54:35.0312 3112	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:54:35.0344 3112	SCPolicySvc - ok
19:54:35.0406 3112	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:54:35.0453 3112	SDRSVC - ok
19:54:35.0531 3112	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:54:35.0593 3112	secdrv - ok
19:54:35.0656 3112	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:54:35.0718 3112	seclogon - ok
19:54:35.0812 3112	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:54:35.0858 3112	SENS - ok
19:54:35.0952 3112	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:54:35.0999 3112	SensrSvc - ok
19:54:36.0077 3112	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:54:36.0092 3112	Serenum - ok
19:54:36.0217 3112	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:54:36.0233 3112	Serial - ok
19:54:36.0326 3112	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:54:36.0373 3112	sermouse - ok
19:54:36.0451 3112	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:54:36.0498 3112	SessionEnv - ok
19:54:36.0623 3112	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:54:36.0654 3112	sffdisk - ok
19:54:36.0748 3112	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:54:36.0779 3112	sffp_mmc - ok
19:54:36.0841 3112	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:54:36.0872 3112	sffp_sd - ok
19:54:36.0982 3112	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:54:37.0013 3112	sfloppy - ok
19:54:37.0091 3112	Sftfs           (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
19:54:37.0138 3112	Sftfs - ok
19:54:37.0231 3112	sftlist         (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:54:37.0247 3112	sftlist - ok
19:54:37.0356 3112	Sftplay         (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:54:37.0356 3112	Sftplay - ok
19:54:37.0496 3112	Sftredir        (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:54:37.0512 3112	Sftredir - ok
19:54:37.0590 3112	Sftvol          (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
19:54:37.0606 3112	Sftvol - ok
19:54:37.0699 3112	sftvsa          (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:54:37.0699 3112	sftvsa - ok
19:54:37.0808 3112	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:54:37.0871 3112	SharedAccess - ok
19:54:37.0980 3112	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:54:38.0042 3112	ShellHWDetection - ok
19:54:38.0136 3112	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:54:38.0136 3112	SiSRaid2 - ok
19:54:38.0214 3112	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:54:38.0230 3112	SiSRaid4 - ok
19:54:38.0308 3112	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:54:38.0339 3112	Smb - ok
19:54:38.0432 3112	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:54:38.0479 3112	SNMPTRAP - ok
19:54:38.0557 3112	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:54:38.0573 3112	spldr - ok
19:54:38.0698 3112	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:54:38.0744 3112	Spooler - ok
19:54:38.0869 3112	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:54:38.0978 3112	sppsvc - ok
19:54:39.0103 3112	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:54:39.0134 3112	sppuinotify - ok
19:54:39.0181 3112	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:54:39.0244 3112	srv - ok
19:54:39.0337 3112	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:54:39.0368 3112	srv2 - ok
19:54:39.0462 3112	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:54:39.0493 3112	srvnet - ok
19:54:39.0618 3112	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:54:39.0680 3112	SSDPSRV - ok
19:54:39.0805 3112	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:54:39.0852 3112	SstpSvc - ok
19:54:39.0946 3112	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:54:39.0961 3112	stexstor - ok
19:54:40.0055 3112	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:54:40.0117 3112	stisvc - ok
19:54:40.0211 3112	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:54:40.0226 3112	swenum - ok
19:54:40.0304 3112	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:54:40.0351 3112	swprv - ok
19:54:40.0398 3112	SynTP           (b3ad15fa10ebeafc1275f34050e4e230) C:\Windows\system32\drivers\SynTP.sys
19:54:40.0445 3112	SynTP - ok
19:54:40.0585 3112	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:54:40.0648 3112	SysMain - ok
19:54:40.0772 3112	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:54:40.0788 3112	TabletInputService - ok
19:54:40.0882 3112	tap0901         (4ef44915e522f3ecd1a3ff540aa64126) C:\Windows\system32\DRIVERS\tap0901.sys
19:54:40.0928 3112	tap0901 - ok
19:54:41.0006 3112	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:54:41.0069 3112	TapiSrv - ok
19:54:41.0178 3112	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:54:41.0225 3112	TBS - ok
19:54:41.0303 3112	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
19:54:41.0350 3112	Tcpip - ok
19:54:41.0459 3112	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
19:54:41.0490 3112	TCPIP6 - ok
19:54:41.0584 3112	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:54:41.0646 3112	tcpipreg - ok
19:54:41.0724 3112	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:54:41.0740 3112	TDPIPE - ok
19:54:41.0833 3112	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:54:41.0864 3112	TDTCP - ok
19:54:41.0942 3112	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:54:41.0989 3112	tdx - ok
19:54:42.0083 3112	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:54:42.0083 3112	TermDD - ok
19:54:42.0176 3112	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:54:42.0239 3112	TermService - ok
19:54:42.0348 3112	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:54:42.0379 3112	Themes - ok
19:54:42.0473 3112	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:54:42.0504 3112	THREADORDER - ok
19:54:42.0566 3112	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:54:42.0629 3112	TrkWks - ok
19:54:42.0691 3112	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:54:42.0754 3112	TrustedInstaller - ok
19:54:42.0847 3112	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:54:42.0910 3112	tssecsrv - ok
19:54:42.0988 3112	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:54:43.0034 3112	TsUsbFlt - ok
19:54:43.0112 3112	TsUsbGD         (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:54:43.0144 3112	TsUsbGD - ok
19:54:43.0315 3112	TuneUp.Defrag   (41a3f69fbb7ca37a3fc5cd8ef424f199) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
19:54:43.0331 3112	TuneUp.Defrag - ok
19:54:43.0549 3112	TuneUp.UtilitiesSvc (eba3abffdada40a2b590adef1a24ca24) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
19:54:43.0580 3112	TuneUp.UtilitiesSvc - ok
19:54:43.0674 3112	TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
19:54:43.0674 3112	TuneUpUtilitiesDrv - ok
19:54:43.0830 3112	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:54:43.0892 3112	tunnel - ok
19:54:43.0970 3112	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:54:43.0970 3112	uagp35 - ok
19:54:44.0048 3112	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:54:44.0111 3112	udfs - ok
19:54:44.0189 3112	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:54:44.0220 3112	UI0Detect - ok
19:54:44.0314 3112	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:54:44.0329 3112	uliagpkx - ok
19:54:44.0360 3112	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:54:44.0376 3112	umbus - ok
19:54:44.0454 3112	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:54:44.0470 3112	UmPass - ok
19:54:44.0594 3112	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:54:44.0657 3112	upnphost - ok
19:54:44.0750 3112	USBAAPL64       (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
19:54:44.0782 3112	USBAAPL64 - ok
19:54:44.0875 3112	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:54:44.0922 3112	usbccgp - ok
19:54:45.0016 3112	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:54:45.0062 3112	usbcir - ok
19:54:45.0281 3112	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
19:54:45.0296 3112	usbehci - ok
19:54:45.0406 3112	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:54:45.0437 3112	usbhub - ok
19:54:45.0515 3112	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:54:45.0546 3112	usbohci - ok
19:54:45.0640 3112	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:54:45.0671 3112	usbprint - ok
19:54:45.0764 3112	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:54:45.0796 3112	usbscan - ok
19:54:45.0874 3112	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:54:45.0936 3112	USBSTOR - ok
19:54:46.0045 3112	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:54:46.0076 3112	usbuhci - ok
19:54:46.0232 3112	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:54:46.0279 3112	UxSms - ok
19:54:46.0357 3112	UxTuneUp        (9ac0c072fd7ede138842bef7da73b0e6) C:\Windows\System32\uxtuneup.dll
19:54:46.0373 3112	UxTuneUp - ok
19:54:46.0451 3112	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:54:46.0466 3112	VaultSvc - ok
19:54:46.0513 3112	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:54:46.0529 3112	vdrvroot - ok
19:54:46.0638 3112	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:54:46.0685 3112	vds - ok
19:54:46.0763 3112	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:54:46.0778 3112	vga - ok
19:54:46.0856 3112	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:54:46.0903 3112	VgaSave - ok
19:54:47.0012 3112	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:54:47.0028 3112	vhdmp - ok
19:54:47.0106 3112	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:54:47.0122 3112	viaide - ok
19:54:47.0200 3112	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:54:47.0200 3112	volmgr - ok
19:54:47.0293 3112	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:54:47.0309 3112	volmgrx - ok
19:54:47.0356 3112	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:54:47.0356 3112	volsnap - ok
19:54:47.0418 3112	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:54:47.0434 3112	vsmraid - ok
19:54:47.0480 3112	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:54:47.0558 3112	VSS - ok
19:54:47.0683 3112	vToolbarUpdater10.2.0 (3080f1f093869a19fb3d1f0226c73809) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
19:54:47.0699 3112	vToolbarUpdater10.2.0 - ok
19:54:47.0761 3112	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:54:47.0792 3112	vwifibus - ok
19:54:47.0917 3112	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:54:47.0964 3112	vwififlt - ok
19:54:48.0026 3112	vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:54:48.0073 3112	vwifimp - ok
19:54:48.0151 3112	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:54:48.0214 3112	W32Time - ok
19:54:48.0323 3112	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:54:48.0354 3112	WacomPen - ok
19:54:48.0432 3112	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:54:48.0479 3112	WANARP - ok
19:54:48.0494 3112	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:54:48.0526 3112	Wanarpv6 - ok
19:54:48.0588 3112	watchmi         (878c947c69ee89e4dbff9dbd6155c15d) C:\Program Files (x86)\watchmi\TvdService.exe
19:54:48.0619 3112	watchmi ( UnsignedFile.Multi.Generic ) - warning
19:54:48.0619 3112	watchmi - detected UnsignedFile.Multi.Generic (1)
19:54:48.0744 3112	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:54:48.0806 3112	wbengine - ok
19:54:48.0900 3112	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:54:48.0947 3112	WbioSrvc - ok
19:54:49.0009 3112	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:54:49.0056 3112	wcncsvc - ok
19:54:49.0196 3112	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:54:49.0243 3112	WcsPlugInService - ok
19:54:49.0321 3112	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:54:49.0337 3112	Wd - ok
19:54:49.0399 3112	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:54:49.0415 3112	Wdf01000 - ok
19:54:49.0477 3112	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:54:49.0540 3112	WdiServiceHost - ok
19:54:49.0540 3112	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:54:49.0555 3112	WdiSystemHost - ok
19:54:49.0618 3112	wdkmd           (5e1640435dd54d00451156ca5340b109) C:\Windows\system32\DRIVERS\WDKMD.sys
19:54:49.0618 3112	wdkmd - ok
19:54:49.0696 3112	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:54:49.0711 3112	WebClient - ok
19:54:49.0789 3112	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:54:49.0820 3112	Wecsvc - ok
19:54:49.0883 3112	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:54:49.0945 3112	wercplsupport - ok
19:54:50.0023 3112	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:54:50.0070 3112	WerSvc - ok
19:54:50.0164 3112	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:54:50.0195 3112	WfpLwf - ok
19:54:50.0226 3112	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:54:50.0226 3112	WIMMount - ok
19:54:50.0273 3112	WinDefend - ok
19:54:50.0273 3112	WinHttpAutoProxySvc - ok
19:54:50.0398 3112	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:54:50.0460 3112	Winmgmt - ok
19:54:50.0616 3112	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:54:50.0694 3112	WinRM - ok
19:54:50.0850 3112	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:54:50.0866 3112	WinUsb - ok
19:54:50.0928 3112	WisLMSvc        (4c69a8e2e159c1c59bc4b688e9dd7f8c) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
19:54:50.0928 3112	WisLMSvc - ok
19:54:51.0068 3112	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:54:51.0146 3112	Wlansvc - ok
19:54:51.0240 3112	wlcrasvc        (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:54:51.0256 3112	wlcrasvc - ok
19:54:51.0396 3112	wlidsvc         (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:54:51.0474 3112	wlidsvc - ok
19:54:51.0536 3112	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:54:51.0536 3112	WmiAcpi - ok
19:54:51.0692 3112	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:54:51.0708 3112	wmiApSrv - ok
19:54:51.0739 3112	WMPNetworkSvc - ok
19:54:51.0817 3112	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:54:51.0833 3112	WPCSvc - ok
19:54:51.0942 3112	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:54:51.0989 3112	WPDBusEnum - ok
19:54:52.0082 3112	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:54:52.0114 3112	ws2ifsl - ok
19:54:52.0223 3112	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:54:52.0254 3112	wscsvc - ok
19:54:52.0332 3112	WSearch - ok
19:54:52.0472 3112	wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
19:54:52.0550 3112	wuauserv - ok
19:54:52.0628 3112	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:54:52.0691 3112	WudfPf - ok
19:54:52.0769 3112	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:54:52.0831 3112	WUDFRd - ok
19:54:52.0925 3112	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:54:52.0956 3112	wudfsvc - ok
19:54:53.0034 3112	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:54:53.0065 3112	WwanSvc - ok
19:54:53.0174 3112	X10Hid          (baa813a76f5db6cc3c2ceab7d82b6972) C:\Windows\System32\Drivers\x10hid.sys
19:54:53.0190 3112	X10Hid - ok
19:54:53.0268 3112	x10nets         (5a0c788c5bc5f2c993cb60940adcf95e) C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe
19:54:53.0299 3112	x10nets ( UnsignedFile.Multi.Generic ) - warning
19:54:53.0299 3112	x10nets - detected UnsignedFile.Multi.Generic (1)
19:54:53.0393 3112	XUIF            (a4b2a8751a8f96134be6063b8a759116) C:\Windows\system32\Drivers\x10ufx2.sys
19:54:53.0408 3112	XUIF - ok
19:54:53.0455 3112	MBR (0x1B8)     (01c6ae8eadd5f5b4c22dd5848d9cb4b9) \Device\Harddisk0\DR0
19:54:55.0936 3112	\Device\Harddisk0\DR0 - ok
19:54:55.0967 3112	Boot (0x1200)   (29d658ab03047f0aad8bc5d2552b4fac) \Device\Harddisk0\DR0\Partition0
19:54:55.0967 3112	\Device\Harddisk0\DR0\Partition0 - ok
19:54:55.0982 3112	Boot (0x1200)   (ffd155fd02e253d892b7cd9864fd795d) \Device\Harddisk0\DR0\Partition1
19:54:55.0982 3112	\Device\Harddisk0\DR0\Partition1 - ok
19:54:56.0014 3112	Boot (0x1200)   (7b8a5632e986a97e74617f3f9101b17a) \Device\Harddisk0\DR0\Partition2
19:54:56.0014 3112	\Device\Harddisk0\DR0\Partition2 - ok
19:54:56.0014 3112	============================================================
19:54:56.0014 3112	Scan finished
19:54:56.0014 3112	============================================================
19:54:56.0029 4056	Detected object count: 5
19:54:56.0029 4056	Actual detected object count: 5
19:55:35.0123 4056	EPSON_EB_RPCV4_01 ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:35.0123 4056	EPSON_EB_RPCV4_01 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:35.0123 4056	EPSON_PM_RPCV4_01 ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:35.0123 4056	EPSON_PM_RPCV4_01 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:35.0123 4056	RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:35.0123 4056	RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:35.0123 4056	watchmi ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:35.0123 4056	watchmi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:35.0123 4056	x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:35.0123 4056	x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:37.0354 1612	============================================================

3Vx23² · 23.04.2012, 19:08

War zu groß für einen Post

Code:

ATTFilter

19:55:37.0354 1612	Scan started
19:55:37.0354 1612	Mode: Manual; SigCheck; TDLFS; 
19:55:37.0354 1612	============================================================
19:55:37.0541 1612	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
19:55:37.0557 1612	1394ohci - ok
19:55:37.0744 1612	ABBYY.Licensing.FineReader.Sprint.9.0 (b33cf4de909a5b30f526d82053a63c8e) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
19:55:37.0759 1612	ABBYY.Licensing.FineReader.Sprint.9.0 - ok
19:55:37.0915 1612	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
19:55:37.0915 1612	ACPI - ok
19:55:37.0993 1612	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
19:55:38.0009 1612	AcpiPmi - ok
19:55:38.0087 1612	AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:55:38.0087 1612	AdobeARMservice - ok
19:55:38.0227 1612	AdobeFlashPlayerUpdateSvc (0d4c486a24a711a45fd83acdf4d18506) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:55:38.0227 1612	AdobeFlashPlayerUpdateSvc - ok
19:55:38.0305 1612	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
19:55:38.0321 1612	adp94xx - ok
19:55:38.0399 1612	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
19:55:38.0415 1612	adpahci - ok
19:55:38.0477 1612	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
19:55:38.0493 1612	adpu320 - ok
19:55:38.0555 1612	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
19:55:38.0586 1612	AeLookupSvc - ok
19:55:38.0695 1612	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
19:55:38.0711 1612	AFD - ok
19:55:38.0789 1612	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
19:55:38.0789 1612	agp440 - ok
19:55:38.0883 1612	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
19:55:38.0898 1612	ALG - ok
19:55:38.0961 1612	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
19:55:38.0976 1612	aliide - ok
19:55:39.0039 1612	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
19:55:39.0054 1612	amdide - ok
19:55:39.0132 1612	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
19:55:39.0148 1612	AmdK8 - ok
19:55:39.0226 1612	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
19:55:39.0226 1612	AmdPPM - ok
19:55:39.0351 1612	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
19:55:39.0351 1612	amdsata - ok
19:55:39.0429 1612	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
19:55:39.0444 1612	amdsbs - ok
19:55:39.0538 1612	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
19:55:39.0553 1612	amdxata - ok
19:55:39.0616 1612	AMPPAL          (da11f970926c91646aaf872e019ed780) C:\Windows\system32\DRIVERS\AMPPAL.sys
19:55:39.0631 1612	AMPPAL - ok
19:55:39.0709 1612	AMPPALP         (da11f970926c91646aaf872e019ed780) C:\Windows\system32\DRIVERS\amppal.sys
19:55:39.0725 1612	AMPPALP - ok
19:55:39.0803 1612	AMPPALR3        (d32ea788018156ae505be68b39391ddf) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
19:55:39.0819 1612	AMPPALR3 - ok
19:55:39.0912 1612	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
19:55:39.0943 1612	AppID - ok
19:55:40.0006 1612	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
19:55:40.0037 1612	AppIDSvc - ok
19:55:40.0115 1612	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
19:55:40.0146 1612	Appinfo - ok
19:55:40.0240 1612	Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:55:40.0255 1612	Apple Mobile Device - ok
19:55:40.0333 1612	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
19:55:40.0349 1612	arc - ok
19:55:40.0380 1612	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
19:55:40.0380 1612	arcsas - ok
19:55:40.0443 1612	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
19:55:40.0474 1612	AsyncMac - ok
19:55:40.0552 1612	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
19:55:40.0567 1612	atapi - ok
19:55:40.0599 1612	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:55:40.0645 1612	AudioEndpointBuilder - ok
19:55:40.0645 1612	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
19:55:40.0692 1612	AudioSrv - ok
19:55:40.0817 1612	AVG Security Toolbar Service (3a457c2f798cad79cd30224e723e01fb) C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
19:55:40.0848 1612	AVG Security Toolbar Service - ok
19:55:40.0926 1612	AVGIDSDriver    (1b2e9fcdc26dc7c81d4131430e2dc936) C:\Windows\system32\DRIVERS\avgidsdrivera.sys
19:55:40.0926 1612	AVGIDSDriver - ok
19:55:41.0067 1612	AVGIDSEH        (9650578c511527e218328df6d311b4fa) C:\Windows\system32\DRIVERS\avgidseha.sys
19:55:41.0067 1612	AVGIDSEH - ok
19:55:41.0160 1612	AVGIDSFilter    (0f293406f64b48d5d2f0d3a1117f3a83) C:\Windows\system32\DRIVERS\avgidsfiltera.sys
19:55:41.0176 1612	AVGIDSFilter - ok
19:55:41.0223 1612	Avgldx64        (59955b4c288dd2a8b9fd2cd5158355c5) C:\Windows\system32\DRIVERS\avgldx64.sys
19:55:41.0223 1612	Avgldx64 - ok
19:55:41.0238 1612	Avgmfx64        (a6aec362aae5e2dda7445e7690cb0f33) C:\Windows\system32\DRIVERS\avgmfx64.sys
19:55:41.0254 1612	Avgmfx64 - ok
19:55:41.0285 1612	Avgrkx64 - ok
19:55:41.0347 1612	Avgtdia         (e601444168adfb78afa22a1e270d9253) C:\Windows\system32\DRIVERS\avgtdia.sys
19:55:41.0363 1612	Avgtdia - ok
19:55:41.0472 1612	avgwd           (ea1145debcd508fd25bd1e95c4346929) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
19:55:41.0472 1612	avgwd - ok
19:55:41.0597 1612	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
19:55:41.0613 1612	AxInstSV - ok
19:55:41.0691 1612	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
19:55:41.0706 1612	b06bdrv - ok
19:55:41.0815 1612	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
19:55:41.0831 1612	b57nd60a - ok
19:55:41.0893 1612	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
19:55:41.0893 1612	BDESVC - ok
19:55:41.0971 1612	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
19:55:42.0003 1612	Beep - ok
19:55:42.0112 1612	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
19:55:42.0143 1612	BFE - ok
19:55:42.0237 1612	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
19:55:42.0283 1612	BITS - ok
19:55:42.0361 1612	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
19:55:42.0377 1612	blbdrive - ok
19:55:42.0471 1612	Bluetooth Device Monitor (832314a5ac804dee429a009a3d41b99b) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
19:55:42.0502 1612	Bluetooth Device Monitor - ok
19:55:42.0611 1612	Bluetooth Media Service (35c701c5a286543973f0fc8bc195515e) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
19:55:42.0642 1612	Bluetooth Media Service - ok
19:55:42.0751 1612	Bluetooth OBEX Service (a475d68b03febf6c371f0d9644c2e12d) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
19:55:42.0767 1612	Bluetooth OBEX Service - ok
19:55:42.0876 1612	Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
19:55:42.0892 1612	Bonjour Service - ok
19:55:42.0954 1612	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
19:55:42.0970 1612	bowser - ok
19:55:43.0048 1612	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
19:55:43.0063 1612	BrFiltLo - ok
19:55:43.0126 1612	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
19:55:43.0126 1612	BrFiltUp - ok
19:55:43.0204 1612	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
19:55:43.0235 1612	Browser - ok
19:55:43.0329 1612	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
19:55:43.0344 1612	Brserid - ok
19:55:43.0422 1612	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
19:55:43.0438 1612	BrSerWdm - ok
19:55:43.0531 1612	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
19:55:43.0547 1612	BrUsbMdm - ok
19:55:43.0609 1612	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
19:55:43.0625 1612	BrUsbSer - ok
19:55:43.0719 1612	BthEnum         (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\DRIVERS\BthEnum.sys
19:55:43.0734 1612	BthEnum - ok
19:55:43.0750 1612	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
19:55:43.0765 1612	BTHMODEM - ok
19:55:43.0843 1612	BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
19:55:43.0859 1612	BthPan - ok
19:55:43.0968 1612	BTHPORT         (64c198198501f7560ee41d8d1efa7952) C:\Windows\system32\Drivers\BTHport.sys
19:55:43.0984 1612	BTHPORT - ok
19:55:44.0062 1612	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
19:55:44.0093 1612	bthserv - ok
19:55:44.0187 1612	BTHSSecurityMgr (af9fe631d24147249c6282f8fbdc1963) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
19:55:44.0187 1612	BTHSSecurityMgr - ok
19:55:44.0265 1612	BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\system32\Drivers\BTHUSB.sys
19:55:44.0280 1612	BTHUSB - ok
19:55:44.0358 1612	btmaux          (ba554bfcbf21201d310738a42c9c19e1) C:\Windows\system32\DRIVERS\btmaux.sys
19:55:44.0374 1612	btmaux - ok
19:55:44.0452 1612	btmhsf          (0010a54571f525a97eed8c091e96eaa9) C:\Windows\system32\DRIVERS\btmhsf.sys
19:55:44.0452 1612	btmhsf - ok
19:55:44.0545 1612	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
19:55:44.0592 1612	cdfs - ok
19:55:44.0623 1612	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
19:55:44.0639 1612	cdrom - ok
19:55:44.0701 1612	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:55:44.0733 1612	CertPropSvc - ok
19:55:44.0826 1612	CGVPNCliSrvc    (d46a2f17c1d0f8637c115ebcb34aeebb) C:\Program Files\S.A.D\CyberGhost VPN\CGVPNCliService.exe
19:55:44.0873 1612	CGVPNCliSrvc - ok
19:55:44.0967 1612	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
19:55:44.0982 1612	circlass - ok
19:55:45.0013 1612	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
19:55:45.0029 1612	CLFS - ok
19:55:45.0091 1612	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:55:45.0107 1612	clr_optimization_v2.0.50727_32 - ok
19:55:45.0185 1612	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:55:45.0185 1612	clr_optimization_v2.0.50727_64 - ok
19:55:45.0232 1612	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:55:45.0247 1612	clr_optimization_v4.0.30319_32 - ok
19:55:45.0310 1612	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:55:45.0310 1612	clr_optimization_v4.0.30319_64 - ok
19:55:45.0388 1612	clwvd           (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
19:55:45.0388 1612	clwvd - ok
19:55:45.0419 1612	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
19:55:45.0435 1612	CmBatt - ok
19:55:45.0513 1612	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
19:55:45.0513 1612	cmdide - ok
19:55:45.0622 1612	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
19:55:45.0637 1612	CNG - ok
19:55:45.0715 1612	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
19:55:45.0731 1612	Compbatt - ok
19:55:45.0809 1612	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
19:55:45.0825 1612	CompositeBus - ok
19:55:45.0856 1612	COMSysApp - ok
19:55:45.0887 1612	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
19:55:45.0903 1612	crcdisk - ok
19:55:45.0981 1612	CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
19:55:46.0012 1612	CryptSvc - ok
19:55:46.0090 1612	cvhsvc          (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
19:55:46.0105 1612	cvhsvc - ok
19:55:46.0183 1612	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:55:46.0230 1612	DcomLaunch - ok
19:55:46.0277 1612	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
19:55:46.0324 1612	defragsvc - ok
19:55:46.0371 1612	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
19:55:46.0402 1612	DfsC - ok
19:55:46.0480 1612	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
19:55:46.0511 1612	Dhcp - ok
19:55:46.0589 1612	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
19:55:46.0620 1612	discache - ok
19:55:46.0698 1612	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
19:55:46.0714 1612	Disk - ok
19:55:46.0776 1612	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
19:55:46.0792 1612	Dnscache - ok
19:55:46.0885 1612	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
19:55:46.0917 1612	dot3svc - ok
19:55:46.0979 1612	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
19:55:47.0010 1612	DPS - ok
19:55:47.0073 1612	DRHARD64        (2a53aa388eb00fb6c57d43dbfe89c972) C:\Windows\system32\drivers\DRHARD64.sys
19:55:47.0088 1612	DRHARD64 - ok
19:55:47.0166 1612	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
19:55:47.0182 1612	drmkaud - ok
19:55:47.0307 1612	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
19:55:47.0338 1612	DXGKrnl - ok
19:55:47.0400 1612	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
19:55:47.0431 1612	EapHost - ok
19:55:47.0556 1612	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
19:55:47.0603 1612	ebdrv - ok
19:55:47.0712 1612	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
19:55:47.0712 1612	EFS - ok
19:55:47.0790 1612	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
19:55:47.0806 1612	ehRecvr - ok
19:55:47.0868 1612	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
19:55:47.0884 1612	ehSched - ok
19:55:47.0962 1612	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
19:55:47.0977 1612	elxstor - ok
19:55:48.0024 1612	EPSON_EB_RPCV4_01 (b5581646636759d0dafa8b008881c079) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
19:55:48.0040 1612	EPSON_EB_RPCV4_01 ( UnsignedFile.Multi.Generic ) - warning
19:55:48.0040 1612	EPSON_EB_RPCV4_01 - detected UnsignedFile.Multi.Generic (1)
19:55:48.0055 1612	EPSON_PM_RPCV4_01 (1e345f2a2d95da3190596e691cde9342) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
19:55:48.0055 1612	EPSON_PM_RPCV4_01 ( UnsignedFile.Multi.Generic ) - warning
19:55:48.0055 1612	EPSON_PM_RPCV4_01 - detected UnsignedFile.Multi.Generic (1)
19:55:48.0118 1612	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
19:55:48.0133 1612	ErrDev - ok
19:55:48.0196 1612	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
19:55:48.0227 1612	EventSystem - ok
19:55:48.0321 1612	EvtEng          (23e539016fb73c9a095270cdb9451bed) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
19:55:48.0352 1612	EvtEng - ok
19:55:48.0414 1612	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
19:55:48.0445 1612	exfat - ok
19:55:48.0523 1612	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
19:55:48.0570 1612	fastfat - ok
19:55:48.0633 1612	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
19:55:48.0648 1612	Fax - ok
19:55:48.0726 1612	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
19:55:48.0742 1612	fdc - ok
19:55:48.0804 1612	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
19:55:48.0835 1612	fdPHost - ok
19:55:48.0960 1612	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
19:55:48.0991 1612	FDResPub - ok
19:55:49.0069 1612	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
19:55:49.0085 1612	FileInfo - ok
19:55:49.0132 1612	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
19:55:49.0163 1612	Filetrace - ok
19:55:49.0225 1612	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
19:55:49.0241 1612	flpydisk - ok
19:55:49.0366 1612	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
19:55:49.0366 1612	FltMgr - ok
19:55:49.0459 1612	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
19:55:49.0475 1612	FontCache - ok
19:55:49.0569 1612	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:55:49.0569 1612	FontCache3.0.0.0 - ok
19:55:49.0693 1612	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
19:55:49.0709 1612	FsDepends - ok
19:55:49.0787 1612	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
19:55:49.0803 1612	Fs_Rec - ok
19:55:49.0865 1612	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
19:55:49.0881 1612	fvevol - ok
19:55:49.0990 1612	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
19:55:50.0005 1612	gagp30kx - ok
19:55:50.0068 1612	GEARAspiWDM     (e403aacf8c7bb11375122d2464560311) C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:55:50.0068 1612	GEARAspiWDM - ok
19:55:50.0193 1612	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
19:55:50.0224 1612	gpsvc - ok
19:55:50.0302 1612	gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:55:50.0317 1612	gupdate - ok
19:55:50.0317 1612	gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:55:50.0317 1612	gupdatem - ok
19:55:50.0458 1612	gusvc           (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:55:50.0473 1612	gusvc - ok
19:55:50.0536 1612	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
19:55:50.0551 1612	hcw85cir - ok
19:55:50.0629 1612	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
19:55:50.0645 1612	HdAudAddService - ok
19:55:50.0723 1612	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
19:55:50.0739 1612	HDAudBus - ok
19:55:50.0817 1612	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
19:55:50.0832 1612	HidBatt - ok
19:55:50.0926 1612	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
19:55:50.0941 1612	HidBth - ok
19:55:51.0004 1612	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
19:55:51.0019 1612	HidIr - ok
19:55:51.0129 1612	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
19:55:51.0160 1612	hidserv - ok
19:55:51.0238 1612	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
19:55:51.0238 1612	HidUsb - ok
19:55:51.0347 1612	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
19:55:51.0378 1612	hkmsvc - ok
19:55:51.0456 1612	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
19:55:51.0472 1612	HomeGroupListener - ok
19:55:51.0550 1612	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
19:55:51.0565 1612	HomeGroupProvider - ok
19:55:51.0643 1612	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
19:55:51.0643 1612	HpSAMD - ok
19:55:51.0753 1612	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
19:55:51.0799 1612	HTTP - ok
19:55:51.0862 1612	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
19:55:51.0877 1612	hwpolicy - ok
19:55:51.0971 1612	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
19:55:51.0987 1612	i8042prt - ok
19:55:52.0065 1612	iaStor          (d7921d5a870b11cc1adab198a519d50a) C:\Windows\system32\drivers\iaStor.sys
19:55:52.0065 1612	iaStor - ok
19:55:52.0158 1612	IAStorDataMgrSvc (8fff9083252c16fe3960173722605e9e) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
19:55:52.0174 1612	IAStorDataMgrSvc - ok
19:55:52.0252 1612	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
19:55:52.0267 1612	iaStorV - ok
19:55:52.0377 1612	iBtFltCoex      (50b8ab6013ef9970ac85fdba0f622300) C:\Windows\system32\DRIVERS\iBtFltCoex.sys
19:55:52.0377 1612	iBtFltCoex - ok
19:55:52.0439 1612	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:55:52.0455 1612	idsvc - ok
19:55:52.0751 1612	igfx            (795c99dc4f574c97c03d0bb39cf099ee) C:\Windows\system32\DRIVERS\igdkmd64.sys
19:55:52.0907 1612	igfx - ok
19:55:53.0016 1612	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
19:55:53.0016 1612	iirsp - ok
19:55:53.0094 1612	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
19:55:53.0141 1612	IKEEXT - ok
19:55:53.0266 1612	IntcAzAudAddService (e7b8803bd792aa1a11383199e61d38d6) C:\Windows\system32\drivers\RTKVHD64.sys
19:55:53.0328 1612	IntcAzAudAddService - ok
19:55:53.0422 1612	IntcDAud        (fc727061c0f47c8059e88e05d5c8e381) C:\Windows\system32\DRIVERS\IntcDAud.sys
19:55:53.0437 1612	IntcDAud - ok
19:55:53.0500 1612	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
19:55:53.0500 1612	intelide - ok
19:55:53.0578 1612	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
19:55:53.0593 1612	intelppm - ok
19:55:53.0671 1612	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
19:55:53.0703 1612	IPBusEnum - ok
19:55:53.0765 1612	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:55:53.0796 1612	IpFilterDriver - ok
19:55:53.0874 1612	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
19:55:53.0905 1612	iphlpsvc - ok
19:55:53.0983 1612	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
19:55:53.0999 1612	IPMIDRV - ok
19:55:54.0093 1612	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
19:55:54.0124 1612	IPNAT - ok
19:55:54.0171 1612	iPod Service    (ee4c2a137c7088911a8919effc9812e7) C:\Program Files\iPod\bin\iPodService.exe
19:55:54.0186 1612	iPod Service - ok
19:55:54.0264 1612	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
19:55:54.0280 1612	IRENUM - ok
19:55:54.0373 1612	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
19:55:54.0373 1612	isapnp - ok
19:55:54.0483 1612	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
19:55:54.0483 1612	iScsiPrt - ok
19:55:54.0576 1612	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
19:55:54.0576 1612	kbdclass - ok
19:55:54.0685 1612	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
19:55:54.0701 1612	kbdhid - ok
19:55:54.0779 1612	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:55:54.0779 1612	KeyIso - ok
19:55:54.0904 1612	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
19:55:54.0919 1612	KSecDD - ok
19:55:54.0997 1612	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
19:55:55.0013 1612	KSecPkg - ok
19:55:55.0138 1612	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
19:55:55.0169 1612	ksthunk - ok
19:55:55.0216 1612	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
19:55:55.0263 1612	KtmRm - ok
19:55:55.0341 1612	L1C             (6dd5383c9413aae3113faf89e345663d) C:\Windows\system32\DRIVERS\L1C62x64.sys
19:55:55.0356 1612	L1C - ok
19:55:55.0465 1612	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
19:55:55.0497 1612	LanmanServer - ok
19:55:55.0528 1612	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
19:55:55.0559 1612	LanmanWorkstation - ok
19:55:55.0637 1612	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
19:55:55.0668 1612	lltdio - ok
19:55:55.0746 1612	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
19:55:55.0793 1612	lltdsvc - ok
19:55:55.0855 1612	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
19:55:55.0887 1612	lmhosts - ok
19:55:55.0965 1612	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
19:55:55.0980 1612	LSI_FC - ok
19:55:56.0058 1612	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
19:55:56.0058 1612	LSI_SAS - ok
19:55:56.0214 1612	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
19:55:56.0214 1612	LSI_SAS2 - ok
19:55:56.0292 1612	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
19:55:56.0308 1612	LSI_SCSI - ok
19:55:56.0370 1612	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
19:55:56.0401 1612	luafv - ok
19:55:56.0479 1612	MBAMProtector   (79da94b35371b9e7104460c7693dcb2c) C:\Windows\system32\drivers\mbam.sys
19:55:56.0479 1612	MBAMProtector - ok
19:55:56.0573 1612	MBAMService     (056b19651bd7b7ce5f89a3ac46dbdc08) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
19:55:56.0589 1612	MBAMService - ok
19:55:56.0667 1612	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
19:55:56.0667 1612	Mcx2Svc - ok
19:55:56.0760 1612	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
19:55:56.0776 1612	megasas - ok
19:55:56.0854 1612	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
19:55:56.0869 1612	MegaSR - ok
19:55:56.0963 1612	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:55:56.0994 1612	MMCSS - ok
19:55:57.0057 1612	mod7764         (97b041bb78636edc0a7b0ab68c98eb9b) C:\Windows\system32\DRIVERS\mod77-64.sys
19:55:57.0072 1612	mod7764 - ok
19:55:57.0166 1612	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
19:55:57.0197 1612	Modem - ok
19:55:57.0197 1612	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
19:55:57.0213 1612	monitor - ok
19:55:57.0244 1612	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
19:55:57.0259 1612	mouclass - ok
19:55:57.0322 1612	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
19:55:57.0337 1612	mouhid - ok
19:55:57.0478 1612	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
19:55:57.0493 1612	mountmgr - ok
19:55:57.0587 1612	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
19:55:57.0587 1612	mpio - ok
19:55:57.0618 1612	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
19:55:57.0649 1612	mpsdrv - ok
19:55:57.0805 1612	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
19:55:57.0852 1612	MpsSvc - ok
19:55:57.0915 1612	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
19:55:57.0930 1612	MRxDAV - ok
19:55:58.0039 1612	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
19:55:58.0055 1612	mrxsmb - ok
19:55:58.0117 1612	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:55:58.0133 1612	mrxsmb10 - ok
19:55:58.0227 1612	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:55:58.0242 1612	mrxsmb20 - ok
19:55:58.0258 1612	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
19:55:58.0273 1612	msahci - ok
19:55:58.0336 1612	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
19:55:58.0351 1612	msdsm - ok
19:55:58.0461 1612	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
19:55:58.0461 1612	MSDTC - ok
19:55:58.0539 1612	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
19:55:58.0570 1612	Msfs - ok
19:55:58.0648 1612	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
19:55:58.0679 1612	mshidkmdf - ok
19:55:58.0695 1612	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
19:55:58.0710 1612	msisadrv - ok
19:55:58.0788 1612	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
19:55:58.0819 1612	MSiSCSI - ok
19:55:58.0882 1612	msiserver - ok
19:55:58.0913 1612	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
19:55:58.0944 1612	MSKSSRV - ok
19:55:59.0022 1612	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
19:55:59.0053 1612	MSPCLOCK - ok
19:55:59.0100 1612	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
19:55:59.0131 1612	MSPQM - ok
19:55:59.0163 1612	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
19:55:59.0178 1612	MsRPC - ok
19:55:59.0256 1612	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
19:55:59.0256 1612	mssmbios - ok
19:55:59.0319 1612	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
19:55:59.0350 1612	MSTEE - ok
19:55:59.0428 1612	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
19:55:59.0443 1612	MTConfig - ok
19:55:59.0506 1612	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
19:55:59.0521 1612	Mup - ok
19:55:59.0568 1612	MyWiFiDHCPDNS   (1571e40ee767b28df9a94b68d69c9605) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
19:55:59.0584 1612	MyWiFiDHCPDNS - ok
19:55:59.0693 1612	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
19:55:59.0724 1612	napagent - ok
19:55:59.0787 1612	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
19:55:59.0818 1612	NativeWifiP - ok
19:55:59.0911 1612	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
19:55:59.0943 1612	NDIS - ok
19:56:00.0005 1612	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
19:56:00.0036 1612	NdisCap - ok
19:56:00.0130 1612	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
19:56:00.0161 1612	NdisTapi - ok
19:56:00.0223 1612	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
19:56:00.0255 1612	Ndisuio - ok
19:56:00.0348 1612	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
19:56:00.0379 1612	NdisWan - ok
19:56:00.0442 1612	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
19:56:00.0473 1612	NDProxy - ok
19:56:00.0582 1612	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
19:56:00.0613 1612	NetBIOS - ok
19:56:00.0691 1612	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
19:56:00.0723 1612	NetBT - ok
19:56:00.0801 1612	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:56:00.0801 1612	Netlogon - ok
19:56:00.0879 1612	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
19:56:00.0925 1612	Netman - ok
19:56:01.0003 1612	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
19:56:01.0035 1612	netprofm - ok
19:56:01.0113 1612	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:56:01.0113 1612	NetTcpPortSharing - ok
19:56:01.0362 1612	NETwNs64        (2b26c8a6b4fb519e1849101a10e6c68d) C:\Windows\system32\DRIVERS\NETwNs64.sys
19:56:01.0471 1612	NETwNs64 - ok
19:56:01.0565 1612	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
19:56:01.0581 1612	nfrd960 - ok
19:56:01.0612 1612	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
19:56:01.0643 1612	NlaSvc - ok
19:56:01.0721 1612	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
19:56:01.0752 1612	Npfs - ok
19:56:01.0799 1612	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
19:56:01.0830 1612	nsi - ok
19:56:01.0908 1612	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
19:56:01.0939 1612	nsiproxy - ok
19:56:02.0033 1612	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
19:56:02.0080 1612	Ntfs - ok
19:56:02.0205 1612	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
19:56:02.0236 1612	Null - ok
19:56:02.0314 1612	nusb3hub        (0ebc9d13cd96c15b1b18d8678a609e4b) C:\Windows\system32\drivers\nusb3hub.sys
19:56:02.0314 1612	nusb3hub - ok
19:56:02.0423 1612	nusb3xhc        (7bdec000d56d485021d9c1e63c2f81ca) C:\Windows\system32\drivers\nusb3xhc.sys
19:56:02.0439 1612	nusb3xhc - ok
19:56:02.0517 1612	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
19:56:02.0532 1612	nvraid - ok
19:56:02.0626 1612	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
19:56:02.0641 1612	nvstor - ok
19:56:02.0673 1612	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
19:56:02.0688 1612	nv_agp - ok
19:56:02.0751 1612	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
19:56:02.0751 1612	ohci1394 - ok
19:56:02.0813 1612	ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:56:02.0813 1612	ose - ok
19:56:02.0938 1612	osppsvc         (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:56:03.0016 1612	osppsvc - ok
19:56:03.0078 1612	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:56:03.0094 1612	p2pimsvc - ok
19:56:03.0172 1612	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
19:56:03.0187 1612	p2psvc - ok
19:56:03.0281 1612	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
19:56:03.0297 1612	Parport - ok
19:56:03.0328 1612	partmgr         (871eadac56b0a4c6512bbe32753ccf79) C:\Windows\system32\drivers\partmgr.sys
19:56:03.0343 1612	partmgr - ok
19:56:03.0406 1612	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
19:56:03.0421 1612	PcaSvc - ok
19:56:03.0515 1612	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
19:56:03.0531 1612	pci - ok
19:56:03.0609 1612	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
19:56:03.0624 1612	pciide - ok
19:56:03.0702 1612	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
19:56:03.0718 1612	pcmcia - ok
19:56:03.0765 1612	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
19:56:03.0780 1612	pcw - ok
19:56:03.0843 1612	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
19:56:03.0889 1612	PEAUTH - ok
19:56:03.0967 1612	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
19:56:03.0967 1612	PerfHost - ok
19:56:04.0077 1612	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
19:56:04.0123 1612	pla - ok
19:56:04.0186 1612	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
19:56:04.0201 1612	PlugPlay - ok
19:56:04.0264 1612	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
19:56:04.0279 1612	PNRPAutoReg - ok
19:56:04.0373 1612	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
19:56:04.0389 1612	PNRPsvc - ok
19:56:04.0451 1612	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
19:56:04.0498 1612	PolicyAgent - ok
19:56:04.0576 1612	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
19:56:04.0623 1612	Power - ok
19:56:04.0685 1612	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
19:56:04.0716 1612	PptpMiniport - ok
19:56:04.0794 1612	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
19:56:04.0794 1612	Processor - ok
19:56:04.0872 1612	ProfSvc         (5c78838b4d166d1a27db3a8a820c799a) C:\Windows\system32\profsvc.dll
19:56:04.0919 1612	ProfSvc - ok
19:56:04.0981 1612	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:56:04.0997 1612	ProtectedStorage - ok
19:56:05.0075 1612	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
19:56:05.0106 1612	Psched - ok
19:56:05.0169 1612	PSI_SVC_2       (543a4ef0923bf70d126625b034ef25af) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
19:56:05.0184 1612	PSI_SVC_2 - ok
19:56:05.0278 1612	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
19:56:05.0309 1612	ql2300 - ok
19:56:05.0387 1612	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
19:56:05.0403 1612	ql40xx - ok
19:56:05.0481 1612	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
19:56:05.0496 1612	QWAVE - ok
19:56:05.0574 1612	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
19:56:05.0590 1612	QWAVEdrv - ok
19:56:05.0652 1612	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
19:56:05.0683 1612	RasAcd - ok
19:56:05.0839 1612	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
19:56:05.0871 1612	RasAgileVpn - ok
19:56:05.0949 1612	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
19:56:05.0980 1612	RasAuto - ok
19:56:06.0042 1612	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
19:56:06.0073 1612	Rasl2tp - ok
19:56:06.0151 1612	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
19:56:06.0183 1612	RasMan - ok
19:56:06.0245 1612	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
19:56:06.0292 1612	RasPppoe - ok
19:56:06.0354 1612	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
19:56:06.0385 1612	RasSstp - ok
19:56:06.0448 1612	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
19:56:06.0495 1612	rdbss - ok
19:56:06.0573 1612	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
19:56:06.0573 1612	rdpbus - ok
19:56:06.0635 1612	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
19:56:06.0666 1612	RDPCDD - ok
19:56:06.0744 1612	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
19:56:06.0775 1612	RDPENCDD - ok
19:56:06.0869 1612	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
19:56:06.0900 1612	RDPREFMP - ok
19:56:06.0978 1612	RDPWD           (6d76e6433574b058adcb0c50df834492) C:\Windows\system32\drivers\RDPWD.sys
19:56:06.0994 1612	RDPWD - ok
19:56:07.0087 1612	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
19:56:07.0087 1612	rdyboost - ok
19:56:07.0165 1612	RegSrvc         (156757a092b9350f475d24353239e78e) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:56:07.0181 1612	RegSrvc - ok
19:56:07.0259 1612	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
19:56:07.0290 1612	RemoteAccess - ok
19:56:07.0353 1612	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
19:56:07.0399 1612	RemoteRegistry - ok
19:56:07.0477 1612	RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
19:56:07.0477 1612	RFCOMM - ok
19:56:07.0571 1612	RichVideo       (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
19:56:07.0587 1612	RichVideo ( UnsignedFile.Multi.Generic ) - warning
19:56:07.0587 1612	RichVideo - detected UnsignedFile.Multi.Generic (1)
19:56:07.0680 1612	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
19:56:07.0711 1612	RpcEptMapper - ok
19:56:07.0789 1612	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
19:56:07.0805 1612	RpcLocator - ok
19:56:07.0867 1612	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
19:56:07.0899 1612	RpcSs - ok
19:56:07.0977 1612	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
19:56:08.0008 1612	rspndr - ok
19:56:08.0086 1612	RSUSBVSTOR      (89dfb71b370d82dfe75183f677043cee) C:\Windows\System32\Drivers\RtsUVStor.sys
19:56:08.0086 1612	RSUSBVSTOR - ok
19:56:08.0195 1612	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:56:08.0211 1612	SamSs - ok
19:56:08.0257 1612	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
19:56:08.0273 1612	sbp2port - ok
19:56:08.0367 1612	SBSDWSCService  (794d4b48dfb6e999537c7c3947863463) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
19:56:08.0382 1612	SBSDWSCService - ok
19:56:08.0491 1612	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
19:56:08.0538 1612	SCardSvr - ok
19:56:08.0601 1612	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
19:56:08.0632 1612	scfilter - ok
19:56:08.0725 1612	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
19:56:08.0757 1612	Schedule - ok
19:56:08.0835 1612	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
19:56:08.0866 1612	SCPolicySvc - ok
19:56:08.0944 1612	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
19:56:08.0959 1612	SDRSVC - ok
19:56:09.0006 1612	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
19:56:09.0053 1612	secdrv - ok
19:56:09.0115 1612	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
19:56:09.0147 1612	seclogon - ok
19:56:09.0225 1612	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
19:56:09.0256 1612	SENS - ok
19:56:09.0303 1612	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
19:56:09.0303 1612	SensrSvc - ok
19:56:09.0381 1612	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
19:56:09.0381 1612	Serenum - ok
19:56:09.0459 1612	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
19:56:09.0474 1612	Serial - ok
19:56:09.0552 1612	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
19:56:09.0552 1612	sermouse - ok
19:56:09.0646 1612	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
19:56:09.0677 1612	SessionEnv - ok
19:56:09.0724 1612	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
19:56:09.0739 1612	sffdisk - ok
19:56:09.0817 1612	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
19:56:09.0817 1612	sffp_mmc - ok
19:56:09.0911 1612	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
19:56:09.0911 1612	sffp_sd - ok
19:56:09.0989 1612	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\drivers\sfloppy.sys
19:56:09.0989 1612	sfloppy - ok
19:56:10.0098 1612	Sftfs           (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
19:56:10.0114 1612	Sftfs - ok
19:56:10.0207 1612	sftlist         (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
19:56:10.0223 1612	sftlist - ok
19:56:10.0348 1612	Sftplay         (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
19:56:10.0348 1612	Sftplay - ok
19:56:10.0457 1612	Sftredir        (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
19:56:10.0473 1612	Sftredir - ok
19:56:10.0566 1612	Sftvol          (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
19:56:10.0566 1612	Sftvol - ok
19:56:10.0660 1612	sftvsa          (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
19:56:10.0660 1612	sftvsa - ok
19:56:10.0769 1612	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
19:56:10.0800 1612	SharedAccess - ok
19:56:10.0925 1612	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
19:56:10.0972 1612	ShellHWDetection - ok
19:56:11.0050 1612	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
19:56:11.0050 1612	SiSRaid2 - ok
19:56:11.0143 1612	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
19:56:11.0143 1612	SiSRaid4 - ok
19:56:11.0175 1612	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
19:56:11.0221 1612	Smb - ok
19:56:11.0299 1612	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
19:56:11.0299 1612	SNMPTRAP - ok
19:56:11.0409 1612	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
19:56:11.0409 1612	spldr - ok
19:56:11.0502 1612	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
19:56:11.0533 1612	Spooler - ok
19:56:11.0674 1612	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
19:56:11.0736 1612	sppsvc - ok
19:56:11.0830 1612	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
19:56:11.0861 1612	sppuinotify - ok
19:56:11.0939 1612	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
19:56:11.0955 1612	srv - ok
19:56:12.0033 1612	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
19:56:12.0048 1612	srv2 - ok
19:56:12.0142 1612	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
19:56:12.0157 1612	srvnet - ok
19:56:12.0235 1612	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
19:56:12.0267 1612	SSDPSRV - ok
19:56:12.0329 1612	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
19:56:12.0376 1612	SstpSvc - ok
19:56:12.0438 1612	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
19:56:12.0454 1612	stexstor - ok
19:56:12.0532 1612	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
19:56:12.0547 1612	stisvc - ok
19:56:12.0641 1612	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
19:56:12.0657 1612	swenum - ok
19:56:12.0719 1612	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
19:56:12.0766 1612	swprv - ok
19:56:12.0859 1612	SynTP           (b3ad15fa10ebeafc1275f34050e4e230) C:\Windows\system32\drivers\SynTP.sys
19:56:12.0891 1612	SynTP - ok
19:56:13.0000 1612	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
19:56:13.0031 1612	SysMain - ok
19:56:13.0093 1612	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
19:56:13.0109 1612	TabletInputService - ok
19:56:13.0171 1612	tap0901         (4ef44915e522f3ecd1a3ff540aa64126) C:\Windows\system32\DRIVERS\tap0901.sys
19:56:13.0187 1612	tap0901 - ok
19:56:13.0249 1612	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
19:56:13.0296 1612	TapiSrv - ok
19:56:13.0359 1612	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
19:56:13.0390 1612	TBS - ok
19:56:13.0499 1612	Tcpip           (fc62769e7bff2896035aeed399108162) C:\Windows\system32\drivers\tcpip.sys
19:56:13.0530 1612	Tcpip - ok
19:56:13.0639 1612	TCPIP6          (fc62769e7bff2896035aeed399108162) C:\Windows\system32\DRIVERS\tcpip.sys
19:56:13.0686 1612	TCPIP6 - ok
19:56:13.0811 1612	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
19:56:13.0842 1612	tcpipreg - ok
19:56:13.0905 1612	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
19:56:13.0920 1612	TDPIPE - ok
19:56:13.0998 1612	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
19:56:13.0998 1612	TDTCP - ok
19:56:14.0092 1612	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
19:56:14.0123 1612	tdx - ok
19:56:14.0201 1612	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
19:56:14.0201 1612	TermDD - ok
19:56:14.0295 1612	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
19:56:14.0326 1612	TermService - ok
19:56:14.0388 1612	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
19:56:14.0419 1612	Themes - ok
19:56:14.0497 1612	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
19:56:14.0529 1612	THREADORDER - ok
19:56:14.0591 1612	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
19:56:14.0622 1612	TrkWks - ok
19:56:14.0685 1612	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
19:56:14.0716 1612	TrustedInstaller - ok
19:56:14.0778 1612	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
19:56:14.0825 1612	tssecsrv - ok
19:56:14.0887 1612	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
19:56:14.0903 1612	TsUsbFlt - ok
19:56:14.0981 1612	TsUsbGD         (9cc2ccae8a84820eaecb886d477cbcb8) C:\Windows\system32\drivers\TsUsbGD.sys
19:56:14.0981 1612	TsUsbGD - ok
19:56:15.0075 1612	TuneUp.Defrag   (41a3f69fbb7ca37a3fc5cd8ef424f199) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpDefragService.exe
19:56:15.0090 1612	TuneUp.Defrag - ok
19:56:15.0215 1612	TuneUp.UtilitiesSvc (eba3abffdada40a2b590adef1a24ca24) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe
19:56:15.0246 1612	TuneUp.UtilitiesSvc - ok
19:56:15.0324 1612	TuneUpUtilitiesDrv (dcc94c51d27c7ec0dadeca8f64c94fcf) C:\Program Files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys
19:56:15.0324 1612	TuneUpUtilitiesDrv - ok
19:56:15.0387 1612	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
19:56:15.0418 1612	tunnel - ok
19:56:15.0496 1612	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
19:56:15.0511 1612	uagp35 - ok
19:56:15.0589 1612	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
19:56:15.0636 1612	udfs - ok
19:56:15.0699 1612	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
19:56:15.0714 1612	UI0Detect - ok
19:56:15.0792 1612	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
19:56:15.0808 1612	uliagpkx - ok
19:56:15.0870 1612	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\DRIVERS\umbus.sys
19:56:15.0886 1612	umbus - ok
19:56:15.0979 1612	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
19:56:15.0979 1612	UmPass - ok
19:56:16.0042 1612	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
19:56:16.0089 1612	upnphost - ok
19:56:16.0167 1612	USBAAPL64       (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
19:56:16.0167 1612	USBAAPL64 - ok
19:56:16.0245 1612	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
19:56:16.0260 1612	usbccgp - ok
19:56:16.0338 1612	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
19:56:16.0354 1612	usbcir - ok
19:56:16.0416 1612	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
19:56:16.0432 1612	usbehci - ok
19:56:16.0510 1612	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
19:56:16.0525 1612	usbhub - ok
19:56:16.0603 1612	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
19:56:16.0619 1612	usbohci - ok
19:56:16.0681 1612	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
19:56:16.0697 1612	usbprint - ok
19:56:16.0759 1612	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
19:56:16.0775 1612	usbscan - ok
19:56:16.0869 1612	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:56:16.0869 1612	USBSTOR - ok
19:56:16.0947 1612	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
19:56:16.0962 1612	usbuhci - ok
19:56:17.0025 1612	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
19:56:17.0056 1612	UxSms - ok
19:56:17.0134 1612	UxTuneUp        (9ac0c072fd7ede138842bef7da73b0e6) C:\Windows\System32\uxtuneup.dll
19:56:17.0134 1612	UxTuneUp - ok
19:56:17.0227 1612	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
19:56:17.0227 1612	VaultSvc - ok
19:56:17.0305 1612	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
19:56:17.0321 1612	vdrvroot - ok
19:56:17.0368 1612	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
19:56:17.0415 1612	vds - ok
19:56:17.0477 1612	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
19:56:17.0493 1612	vga - ok
19:56:17.0571 1612	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
19:56:17.0602 1612	VgaSave - ok
19:56:17.0680 1612	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
19:56:17.0695 1612	vhdmp - ok
19:56:17.0789 1612	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
19:56:17.0789 1612	viaide - ok
19:56:17.0867 1612	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
19:56:17.0883 1612	volmgr - ok
19:56:17.0945 1612	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
19:56:17.0961 1612	volmgrx - ok
19:56:17.0992 1612	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
19:56:18.0007 1612	volsnap - ok
19:56:18.0054 1612	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
19:56:18.0070 1612	vsmraid - ok
19:56:18.0163 1612	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
19:56:18.0210 1612	VSS - ok
19:56:18.0304 1612	vToolbarUpdater10.2.0 (3080f1f093869a19fb3d1f0226c73809) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\10.2.0\ToolbarUpdater.exe
19:56:18.0319 1612	vToolbarUpdater10.2.0 - ok
19:56:18.0397 1612	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
19:56:18.0397 1612	vwifibus - ok
19:56:18.0475 1612	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
19:56:18.0491 1612	vwififlt - ok
19:56:18.0553 1612	vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
19:56:18.0569 1612	vwifimp - ok
19:56:18.0647 1612	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
19:56:18.0678 1612	W32Time - ok
19:56:18.0756 1612	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
19:56:18.0772 1612	WacomPen - ok
19:56:18.0834 1612	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:56:18.0865 1612	WANARP - ok
19:56:18.0865 1612	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
19:56:18.0897 1612	Wanarpv6 - ok
19:56:18.0959 1612	watchmi         (878c947c69ee89e4dbff9dbd6155c15d) C:\Program Files (x86)\watchmi\TvdService.exe
19:56:18.0975 1612	watchmi ( UnsignedFile.Multi.Generic ) - warning
19:56:18.0975 1612	watchmi - detected UnsignedFile.Multi.Generic (1)
19:56:19.0053 1612	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
19:56:19.0084 1612	wbengine - ok
19:56:19.0146 1612	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
19:56:19.0177 1612	WbioSrvc - ok
19:56:19.0240 1612	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
19:56:19.0255 1612	wcncsvc - ok
19:56:19.0318 1612	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
19:56:19.0333 1612	WcsPlugInService - ok
19:56:19.0411 1612	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
19:56:19.0427 1612	Wd - ok
19:56:19.0489 1612	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
19:56:19.0505 1612	Wdf01000 - ok
19:56:19.0583 1612	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:56:19.0599 1612	WdiServiceHost - ok
19:56:19.0599 1612	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
19:56:19.0630 1612	WdiSystemHost - ok
19:56:19.0692 1612	wdkmd           (5e1640435dd54d00451156ca5340b109) C:\Windows\system32\DRIVERS\WDKMD.sys
19:56:19.0692 1612	wdkmd - ok
19:56:19.0755 1612	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
19:56:19.0770 1612	WebClient - ok
19:56:19.0833 1612	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
19:56:19.0879 1612	Wecsvc - ok
19:56:19.0942 1612	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
19:56:19.0973 1612	wercplsupport - ok
19:56:20.0035 1612	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
19:56:20.0082 1612	WerSvc - ok
19:56:20.0160 1612	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
19:56:20.0191 1612	WfpLwf - ok
19:56:20.0254 1612	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
19:56:20.0269 1612	WIMMount - ok
19:56:20.0301 1612	WinDefend - ok
19:56:20.0316 1612	WinHttpAutoProxySvc - ok
19:56:20.0410 1612	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
19:56:20.0441 1612	Winmgmt - ok
19:56:20.0550 1612	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
19:56:20.0613 1612	WinRM - ok
19:56:20.0691 1612	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
19:56:20.0706 1612	WinUsb - ok
19:56:20.0769 1612	WisLMSvc        (4c69a8e2e159c1c59bc4b688e9dd7f8c) C:\Program Files (x86)\Launch Manager\WisLMSvc.exe
19:56:20.0784 1612	WisLMSvc - ok
19:56:20.0862 1612	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
19:56:20.0893 1612	Wlansvc - ok
19:56:20.0940 1612	wlcrasvc        (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:56:20.0956 1612	wlcrasvc - ok
19:56:21.0065 1612	wlidsvc         (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:56:21.0112 1612	wlidsvc - ok
19:56:21.0174 1612	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
19:56:21.0190 1612	WmiAcpi - ok
19:56:21.0283 1612	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
19:56:21.0299 1612	wmiApSrv - ok
19:56:21.0330 1612	WMPNetworkSvc - ok
19:56:21.0408 1612	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
19:56:21.0408 1612	WPCSvc - ok
19:56:21.0486 1612	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
19:56:21.0502 1612	WPDBusEnum - ok
19:56:21.0564 1612	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
19:56:21.0595 1612	ws2ifsl - ok
19:56:21.0673 1612	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
19:56:21.0689 1612	wscsvc - ok
19:56:21.0736 1612	WSearch - ok
19:56:21.0876 1612	wuauserv        (9df12edbc698b0bc353b3ef84861e430) C:\Windows\system32\wuaueng.dll
19:56:21.0939 1612	wuauserv - ok
19:56:22.0001 1612	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
19:56:22.0032 1612	WudfPf - ok
19:56:22.0110 1612	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
19:56:22.0141 1612	WUDFRd - ok
19:56:22.0219 1612	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
19:56:22.0251 1612	wudfsvc - ok
19:56:22.0329 1612	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
19:56:22.0344 1612	WwanSvc - ok
19:56:22.0422 1612	X10Hid          (baa813a76f5db6cc3c2ceab7d82b6972) C:\Windows\System32\Drivers\x10hid.sys
19:56:22.0422 1612	X10Hid - ok
19:56:22.0485 1612	x10nets         (5a0c788c5bc5f2c993cb60940adcf95e) C:\PROGRA~2\COMMON~1\X10\Common\x10nets.exe
19:56:22.0485 1612	x10nets ( UnsignedFile.Multi.Generic ) - warning
19:56:22.0485 1612	x10nets - detected UnsignedFile.Multi.Generic (1)
19:56:22.0563 1612	XUIF            (a4b2a8751a8f96134be6063b8a759116) C:\Windows\system32\Drivers\x10ufx2.sys
19:56:22.0578 1612	XUIF - ok
19:56:22.0625 1612	MBR (0x1B8)     (01c6ae8eadd5f5b4c22dd5848d9cb4b9) \Device\Harddisk0\DR0
19:56:25.0293 1612	\Device\Harddisk0\DR0 - ok
19:56:25.0293 1612	Boot (0x1200)   (29d658ab03047f0aad8bc5d2552b4fac) \Device\Harddisk0\DR0\Partition0
19:56:25.0293 1612	\Device\Harddisk0\DR0\Partition0 - ok
19:56:25.0324 1612	Boot (0x1200)   (ffd155fd02e253d892b7cd9864fd795d) \Device\Harddisk0\DR0\Partition1
19:56:25.0324 1612	\Device\Harddisk0\DR0\Partition1 - ok
19:56:25.0355 1612	Boot (0x1200)   (7b8a5632e986a97e74617f3f9101b17a) \Device\Harddisk0\DR0\Partition2
19:56:25.0355 1612	\Device\Harddisk0\DR0\Partition2 - ok
19:56:25.0355 1612	============================================================
19:56:25.0355 1612	Scan finished
19:56:25.0355 1612	============================================================
19:56:25.0355 4032	Detected object count: 5
19:56:25.0355 4032	Actual detected object count: 5
20:00:22.0962 4032	EPSON_EB_RPCV4_01 ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0962 4032	EPSON_EB_RPCV4_01 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0962 4032	EPSON_PM_RPCV4_01 ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0962 4032	EPSON_PM_RPCV4_01 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0962 4032	RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0962 4032	RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0962 4032	watchmi ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0962 4032	watchmi ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:22.0962 4032	x10nets ( UnsignedFile.Multi.Generic ) - skipped by user
20:00:22.0962 4032	x10nets ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:00:26.0082 2660	Deinitialize success

cosinus · 23.04.2012, 21:24

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

3Vx23² · 24.04.2012, 05:20

Ich hab meinen AVG Virenschutz jetzt repariert, kann Ihn allerdings immer noch nicht deinstallieren.

Wärend des Scans hatte Ich Ihn deaktiviert.
Combofix sagt trotzdem er wäre aktiviert O.o

Code:

ATTFilter

ComboFix 12-04-23.02 - ***** 24.04.2012   1:59.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4003.2349 [GMT 2:00]
ausgeführt von:: c:\users\*****\Downloads\ComboFix.exe
AV: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\programdata\Roaming
c:\users\*****\AppData\Roaming\.#
c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\skt606fk.default\weave\toFetch
c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\skt606fk.default\weave\toFetch\bookmarks.json
c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\skt606fk.default\weave\toFetch\clients.json
c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\skt606fk.default\weave\toFetch\forms.json
c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\skt606fk.default\weave\toFetch\history.json
c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\skt606fk.default\weave\toFetch\passwords.json
c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\skt606fk.default\weave\toFetch\prefs.json
c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\skt606fk.default\weave\toFetch\tabs.json
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-03-24 bis 2012-04-24  ))))))))))))))))))))))))))))))
.
.
2012-04-24 00:06 . 2012-04-24 00:06	--------	d-----w-	c:\users\*****\AppData\Local\temp
2012-04-24 00:06 . 2012-04-24 00:06	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-04-23 23:44 . 2012-04-23 23:44	--------	d-----w-	c:\users\*****\AppData\Local\AVG Secure Search
2012-04-22 20:19 . 2012-04-22 20:19	--------	d-----w-	C:\_OTL
2012-04-11 20:30 . 2012-03-06 06:53	5559152	----a-w-	c:\windows\system32\ntoskrnl.exe
2012-04-11 20:30 . 2012-03-06 05:59	3968368	----a-w-	c:\windows\SysWow64\ntkrnlpa.exe
2012-04-11 20:30 . 2012-03-06 05:59	3913072	----a-w-	c:\windows\SysWow64\ntoskrnl.exe
2012-04-11 20:28 . 2012-03-01 06:46	23408	----a-w-	c:\windows\system32\drivers\fs_rec.sys
2012-04-11 20:28 . 2012-03-01 06:33	81408	----a-w-	c:\windows\system32\imagehlp.dll
2012-04-11 20:28 . 2012-03-01 05:33	159232	----a-w-	c:\windows\SysWow64\imagehlp.dll
2012-04-11 20:28 . 2012-03-01 06:38	220672	----a-w-	c:\windows\system32\wintrust.dll
2012-04-11 20:28 . 2012-03-01 06:28	5120	----a-w-	c:\windows\system32\wmi.dll
2012-04-11 20:28 . 2012-03-01 05:37	172544	----a-w-	c:\windows\SysWow64\wintrust.dll
2012-04-11 20:28 . 2012-03-01 05:29	5120	----a-w-	c:\windows\SysWow64\wmi.dll
2012-04-09 11:49 . 2012-04-09 11:49	--------	d-----w-	c:\program files (x86)\ESET
2012-04-07 03:51 . 1996-05-29 01:04	4711	----a-w-	c:\windows\system32\dmouse.vxd
2012-04-07 03:51 . 2012-04-07 03:54	--------	d-----w-	c:\program files\Doom Shareware for Windows 95
2012-04-02 18:41 . 2012-04-02 18:42	--------	d-----w-	c:\programdata\WinZip
2012-04-02 18:35 . 2012-04-02 18:35	--------	d-----w-	c:\program files (x86)\7-Zip
2012-04-01 19:50 . 2012-04-01 19:50	--------	d-----w-	c:\users\*****\AppData\Roaming\Malwarebytes
2012-04-01 19:34 . 2012-04-01 19:34	--------	d-----w-	c:\users\*****\AppData\Roaming\Malwarebytes
2012-04-01 19:34 . 2012-04-01 19:34	--------	d-----w-	c:\programdata\Malwarebytes
2012-04-01 19:34 . 2012-04-01 19:34	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-04-01 19:34 . 2011-12-10 13:24	23152	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-03-31 23:57 . 2012-04-23 23:44	--------	d-----w-	c:\program files (x86)\AVG Secure Search
2012-03-31 23:47 . 2012-04-22 20:19	--------	d-----w-	c:\program files (x86)\Spybot - Search & Destroy
2012-03-31 23:47 . 2012-04-01 09:39	--------	d-----w-	c:\programdata\Spybot - Search & Destroy
2012-03-30 20:46 . 2012-03-30 20:46	418464	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-03-29 22:19 . 2012-02-03 04:34	3145728	----a-w-	c:\windows\system32\win32k.sys
2012-03-29 22:19 . 2012-02-10 06:36	1544192	----a-w-	c:\windows\system32\DWrite.dll
2012-03-29 22:19 . 2012-02-10 05:38	1077248	----a-w-	c:\windows\SysWow64\DWrite.dll
2012-03-29 22:18 . 2012-01-25 06:38	77312	----a-w-	c:\windows\system32\rdpwsx.dll
2012-03-29 22:18 . 2012-01-25 06:38	149504	----a-w-	c:\windows\system32\rdpcorekmts.dll
2012-03-29 22:18 . 2012-01-25 06:33	9216	----a-w-	c:\windows\system32\rdrmemptylst.exe
2012-03-29 22:18 . 2012-02-17 06:38	1031680	----a-w-	c:\windows\system32\rdpcore.dll
2012-03-29 22:18 . 2012-02-17 05:34	826880	----a-w-	c:\windows\SysWow64\rdpcore.dll
2012-03-29 22:18 . 2012-02-17 04:58	210944	----a-w-	c:\windows\system32\drivers\rdpwd.sys
2012-03-29 22:18 . 2012-02-17 04:57	23552	----a-w-	c:\windows\system32\drivers\tdtcp.sys
2012-03-28 18:30 . 2012-03-28 18:30	3993600	----a-w-	c:\program files (x86)\GUT8CFF.tmp
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-30 20:46 . 2011-05-18 20:04	70304	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-02-22 03:25 . 2012-02-22 03:25	382032	----a-w-	c:\windows\system32\drivers\avgtdia.sys
2012-02-22 03:25 . 2012-02-22 03:25	289872	----a-w-	c:\windows\system32\drivers\avgldx64.sys
2012-02-15 21:07 . 2010-06-24 10:33	18328	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-07-14 . 02062C0B390B7729EDC9E69C680A6F3C . 24128 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[7] 2009-07-14 . 02062C0B390B7729EDC9E69C680A6F3C . 24128 . . [6.1.7600.16385] .. c:\windows\system32\drivers\atapi.sys
[7] 2009-07-14 . 02062C0B390B7729EDC9E69C680A6F3C . 24128 . . [6.1.7600.16385] .. c:\windows\system32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
.
[7] 2009-07-14 . 769765CE2CC62867468CEA93969B2242 . 23040 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-rasbase-asyncmac_31bf3856ad364e35_6.1.7600.16385_none_804cc08a4e8a4516\asyncmac.sys
[7] 2009-07-14 . 769765CE2CC62867468CEA93969B2242 . 23040 . . [6.1.7600.16385] .. c:\windows\system32\drivers\asyncmac.sys
.
[7] 2009-07-14 . BC02336F1CBA7DCC7D1213BB588A68A5 . 50768 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_keyboard.inf_31bf3856ad364e35_6.1.7601.17514_none_f5747347ef9876bf\kbdclass.sys
[7] 2009-07-14 . BC02336F1CBA7DCC7D1213BB588A68A5 . 50768 . . [6.1.7600.16385] .. c:\windows\system32\drivers\kbdclass.sys
[7] 2009-07-14 . BC02336F1CBA7DCC7D1213BB588A68A5 . 50768 . . [6.1.7600.16385] .. c:\windows\system32\DriverStore\FileRepository\keyboard.inf_amd64_neutral_0684fdc43059f486\kbdclass.sys
.
[7] 2010-11-21 . 79B47FD40D9A817E932F9D26FAC0A81C . 951680 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-ndis_31bf3856ad364e35_6.1.7601.17514_none_05ed313632ae9759\ndis.sys
[7] 2010-11-21 . 79B47FD40D9A817E932F9D26FAC0A81C . 951680 . . [6.1.7600.16385] .. c:\windows\system32\drivers\ndis.sys
.
[7] 2011-03-11 . A2F74975097F52A00745F9637451FDD8 . 1659776 . . [6.1.7601.17577] .. c:\windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17577_none_0459508233b9177f\ntfs.sys
[7] 2011-03-11 . 87B104128D4D3BA3C13098BAEBF38082 . 1659776 . . [6.1.7601.21680] .. c:\windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.21680_none_04d11b5b4ce521d9\ntfs.sys
[7] 2010-11-21 . 05D78AA5CB5F3F5C31160BDB955D0B7C . 1659776 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-ntfs_31bf3856ad364e35_6.1.7601.17514_none_04972f2c338b23d4\ntfs.sys
[7] 2011-03-11 . A2F74975097F52A00745F9637451FDD8 . 1659776 . . [6.1.7600.16385] .. c:\windows\system32\drivers\ntfs.sys
.
[7] 2009-07-13 . 9899284589F75FA8724FF3D16AED75C1 . 6144 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-null_31bf3856ad364e35_6.1.7600.16385_none_055adf2434ae116e\null.sys
[7] 2009-07-13 . 9899284589F75FA8724FF3D16AED75C1 . 6144 . . [6.1.7600.16385] .. c:\windows\system32\drivers\null.sys
.
[7] 2011-09-29 . 3810F06A4D74A7D62641EE73D6B3C660 . 1912176 . . [6.1.7601.21828] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21828_none_11c6e9949627e69c\tcpip.sys
[7] 2011-09-29 . FC62769E7BFF2896035AEED399108162 . 1923952 . . [6.1.7601.17697] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17697_none_10f09b257d43f3eb\tcpip.sys
[7] 2011-06-21 . F0E98C00A09FDF791525829A1D14240F . 1923968 . . [6.1.7601.17638] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17638_none_11327af77d12659c\tcpip.sys
[7] 2011-06-21 . A0EB71E0DC047C7CC95CD6AB4036296E . 1914752 . . [6.1.7601.21754] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21754_none_11a276c29643d7ec\tcpip.sys
[7] 2011-04-25 . B77977AEB2FF159D01DB08A309989C5F . 1927552 . . [6.1.7601.21712] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.21712_none_11cbb5de9625357a\tcpip.sys
[7] 2011-04-25 . 92CE29D95AC9DD2D0EE9061D551BA250 . 1923968 . . [6.1.7601.17603] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17603_none_114de9497cfe9316\tcpip.sys
[7] 2010-11-21 . 509383E505C973ED7534A06B3D19688D . 1924480 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.1.7601.17514_none_114417c17d05cb37\tcpip.sys
[7] 2011-09-29 . FC62769E7BFF2896035AEED399108162 . 1923952 . . [6.1.7600.16385] .. c:\windows\system32\drivers\tcpip.sys
.
[7] 2010-11-21 . DDAD5A7AB24D8B65F8D724F5C20FD806 . 119296 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-tdi-over-tcpip_31bf3856ad364e35_6.1.7601.17514_none_4863cdbaf2b532f8\tdx.sys
[7] 2010-11-21 . DDAD5A7AB24D8B65F8D724F5C20FD806 . 119296 . . [6.1.7601.17514] .. c:\windows\system32\drivers\tdx.sys
.
[7] 2010-11-21 . 8EF0D5C41EC907751B8429162B1239ED . 136192 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-browserservice_31bf3856ad364e35_6.1.7601.17514_none_d70f2c28b49dffae\browser.dll
[7] 2010-11-21 . 8EF0D5C41EC907751B8429162B1239ED . 136192 . . [6.1.7600.16385] .. c:\windows\system32\browser.dll
.
[7] 2011-11-17 . C118A82CD78818C29AB228366EBF81C3 . 31232 . . [6.1.7601.17725] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17725_none_0466c45b7371f20d\lsass.exe
[7] 2011-11-17 . 0A10B74FBB437FF9A23F1D5DE4446A83 . 31232 . . [6.1.7601.21861] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.21861_none_04c1204e8cb39c3f\lsass.exe
[7] 2009-07-14 . 0793F40B9B8A1BDD266296409DBD91EA . 31232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-lsa_31bf3856ad364e35_6.1.7601.17514_none_04709031736ac277\lsass.exe
[7] 2011-11-17 . C118A82CD78818C29AB228366EBF81C3 . 31232 . . [6.1.7601.17725] .. c:\windows\system32\lsass.exe
.
[7] 2009-07-14 . 847D3AE376C0817161A14A82C8922A9E . 360448 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-netman_31bf3856ad364e35_6.1.7600.16385_none_6bb20d3d6b80d9da\netman.dll
[7] 2009-07-14 . 847D3AE376C0817161A14A82C8922A9E . 360448 . . [6.1.7600.16385] .. c:\windows\system32\netman.dll
.
[7] 2010-11-21 . 1EA7969E3271CBC59E1730697DC74682 . 849920 . . [7.5.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-bits-client_31bf3856ad364e35_6.1.7601.17514_none_81b6ca5c101195cd\qmgr.dll
[7] 2010-11-21 . 1EA7969E3271CBC59E1730697DC74682 . 849920 . . [7.5.7600.16385] .. c:\windows\system32\qmgr.dll
.
[7] 2010-11-21 . 5C627D1B1138676C0A7AB2C2C190D123 . 512000 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
[7] 2010-11-21 . 5C627D1B1138676C0A7AB2C2C190D123 . 512000 . . [6.1.7601.17514] .. c:\windows\system32\rpcss.dll
.
[7] 2009-07-14 . 24ACB7E5BE595468E3B9AA488B9B4FCB . 328704 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[7] 2009-07-14 . 24ACB7E5BE595468E3B9AA488B9B4FCB . 328704 . . [6.1.7600.16385] .. c:\windows\system32\services.exe
.
[7] 2010-11-21 . B96C17B5DC1424D56EEA3A99E97428CD . 559104 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-printing-spooler-core_31bf3856ad364e35_6.1.7601.17514_none_3471a890d8284f57\spoolsv.exe
[7] 2010-11-21 . B96C17B5DC1424D56EEA3A99E97428CD . 559104 . . [6.1.7601.17514] .. c:\windows\system32\spoolsv.exe
.
[7] 2010-11-21 . 1151B1BAA6F350B1DB6598E0FEA7C457 . 390656 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[7] 2010-11-21 . 1151B1BAA6F350B1DB6598E0FEA7C457 . 390656 . . [6.1.7601.17514] .. c:\windows\system32\winlogon.exe
.
[7] 2010-11-21 . 7FBFAA84FE176D9AE932ABC585AB68D5 . 51200 . . [7.5.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.5.7601.17514_none_1f3413afc64d10c5\wuauclt.exe
[7] 2010-11-21 . 7FBFAA84FE176D9AE932ABC585AB68D5 . 51200 . . [7.5.7601.17514] .. c:\windows\system32\wuauclt.exe
.
[7] 2010-11-21 . 14DFDEAF4E589ED3F1FF187A86B9408C . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.17514_none_97c2246fee970dbb\comctl32.dll
[7] 2010-11-21 . 14DFDEAF4E589ED3F1FF187A86B9408C . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
[7] 2010-11-21 . 7FA8FDC2C2A27817FD0F624E78D3B50C . 2030080 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
[7] 2010-11-21 . 14DFDEAF4E589ED3F1FF187A86B9408C . 633856 . . [5.82] .. c:\windows\system32\comctl32.dll
.
[7] 2009-07-14 . 1A47D52E303B7543E4E6026595B95422 . 1297408 . . [2001.12.8530.16385] .. c:\windows\winsxs\amd64_microsoft-windows-com-complus.res_31bf3856ad364e35_6.1.7600.16385_none_88a5cc7effe2dfca\comres.dll
[7] 2009-07-14 . 1A47D52E303B7543E4E6026595B95422 . 1297408 . . [2001.12.8530.16385] .. c:\windows\system32\comres.dll
.
[7] 2010-11-21 . 15597883FBE9B056F276ADA3AD87D9AF . 177152 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[7] 2010-11-21 . 15597883FBE9B056F276ADA3AD87D9AF . 177152 . . [6.1.7600.16385] .. c:\windows\system32\cryptsvc.dll
.
[7] 2009-07-14 . 4166F82BE4D24938977DD1746BE9B8A0 . 402944 . . [2001.12.8530.16385] .. c:\windows\winsxs\amd64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_68e290c46b6ea6d0\es.dll
[7] 2009-07-14 . 4166F82BE4D24938977DD1746BE9B8A0 . 402944 . . [2001.12.8530.16385] .. c:\windows\system32\es.dll
.
[7] 2009-07-14 . AA2C08CE85653B1A0D2E4AB407FA176C . 167424 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7600.16385_none_b84b0fbd941c03a9\imm32.dll
[7] 2009-07-14 . AA2C08CE85653B1A0D2E4AB407FA176C . 167424 . . [6.1.7600.16385] .. c:\windows\system32\imm32.dll
.
[7] 2010-11-21 . 2F8B1E3EE3545D3B5A8D56FA1AE07B65 . 800256 . . [1.0626.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_0b207e7d6f1bea6f\usp10.dll
[7] 2010-11-21 . 2F8B1E3EE3545D3B5A8D56FA1AE07B65 . 800256 . . [1.0626.7601.17514] .. c:\windows\system32\usp10.dll
.
[7] 2011-07-16 . B9B42A302325537D7B9DC52D47F33A73 . 1162752 . . [6.1.7601.17651] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17651_none_f1b5ac086d0e33d5\kernel32.dll
[7] 2011-07-16 . 27AC02D8EE4C02E7648C41CB880151DA . 1163264 . . [6.1.7601.21772] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_f22aa945863b24d8\kernel32.dll
[7] 2011-05-14 . 0E1B2E16235AA7F89F064EE75DFC905E . 1162752 . . [6.1.7601.17617] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17617_none_f1e6ed746ce85c1b\kernel32.dll
[7] 2011-05-14 . 6743E8705A96FCBF71279B5AE2CCFDBC . 1163264 . . [6.1.7601.21728] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21728_none_f266ba9d860d312d\kernel32.dll
[7] 2010-11-21 . 7A6326D96D53048FDEC542DF23D875A0 . 1161216 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_f1e3eab06ceb12ef\kernel32.dll
[7] 2011-07-16 . B9B42A302325537D7B9DC52D47F33A73 . 1162752 . . [6.1.7600.16385] .. c:\windows\system32\kernel32.dll
.
[7] 2009-07-14 . A0A65D306A5490D2EB8E7DE66898ECFD . 29696 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-linkinfo_31bf3856ad364e35_6.1.7600.16385_none_945a23c3bf051859\linkinfo.dll
[7] 2009-07-14 . A0A65D306A5490D2EB8E7DE66898ECFD . 29696 . . [6.1.7600.16385] .. c:\windows\system32\linkinfo.dll
.
[7] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_07f91de77125e78d\lpk.dll
[7] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17537_none_07e67eed71336b74\lpk.dll
[7] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17563_none_07c20e01714f59eb\lpk.dll
[7] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.21636_none_086f1b6e8a51f1e7\lpk.dll
[7] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.21664_none_084cab168a6c130c\lpk.dll
[7] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\system32\lpk.dll
.
[7] 2009-07-14 . 3B367397320C26DBA890B260F80D1B1B . 424448 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-i..ectionsharingconfig_31bf3856ad364e35_6.1.7600.16385_none_0c2b375bae4a8d38\hnetcfg.dll
[7] 2009-07-14 . 3B367397320C26DBA890B260F80D1B1B . 424448 . . [6.1.7600.16385] .. c:\windows\system32\hnetcfg.dll
.
[7] 2012-02-28 . D785A16A6F03F76CB862F28C9F8C9672 . 17790976 . . [9.00.8112.16421] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16443_none_87cdb199f4dba857\mshtml.dll
[7] 2012-02-28 . D785A16A6F03F76CB862F28C9F8C9672 . 17790976 . . [9.00.8112.16421] .. c:\windows\system32\mshtml.dll
.
[7] 2011-12-16 . C391FC68282A000CDF953F8B6B55D2EF . 634880 . . [7.0.7601.17744] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_2f5acf97b59df60f\msvcrt.dll
[7] 2011-12-16 . F9A4C695C86CC32048FE2C987A0BD387 . 634880 . . [7.0.7601.21878] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_2fc7fdc6ced04f08\msvcrt.dll
[7] 2009-07-14 . 7319BB10FA1F86E49E3DCF4136F6C957 . 634880 . . [7.0.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_2d4a27c7b8972454\msvcrt.dll
[7] 2011-12-16 . C391FC68282A000CDF953F8B6B55D2EF . 634880 . . [7.0.7601.17744] .. c:\windows\system32\msvcrt.dll
.
[7] 2010-11-21 . 1D5185A4C7E6695431AE4B55C3D7D333 . 326144 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_16795c7543eb48cf\mswsock.dll
[7] 2010-11-21 . 1D5185A4C7E6695431AE4B55C3D7D333 . 326144 . . [6.1.7600.16385] .. c:\windows\system32\mswsock.dll
.
[7] 2010-11-21 . AA339DD8BB128EF66660DFBBB59043D3 . 695808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[7] 2010-11-21 . AA339DD8BB128EF66660DFBBB59043D3 . 695808 . . [6.1.7600.16385] .. c:\windows\system32\netlogon.dll
.
[7] 2009-07-14 . 716175021BDA290504CE434273F666BC . 167424 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.1.7600.16385_none_ff0e900816896618\powrprof.dll
[7] 2009-07-14 . 716175021BDA290504CE434273F666BC . 167424 . . [6.1.7600.16385] .. c:\windows\system32\powrprof.dll
.
[7] 2010-11-21 . ED78427259134C63ED69804D2132B86C . 232960 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
[7] 2010-11-21 . ED78427259134C63ED69804D2132B86C . 232960 . . [6.1.7600.16385] .. c:\windows\system32\scecli.dll
.
[7] 2009-07-14 . C6DCD1D11ED6827F05C00773C3E7053C . 3072 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_032ab4f375e2ac1f\sfc.dll
[7] 2009-07-14 . C6DCD1D11ED6827F05C00773C3E7053C . 3072 . . [6.1.7600.16385] .. c:\windows\system32\sfc.dll
.
[7] 2009-07-14 . C78655BC80301D76ED4FEF1C1EA40A7D . 27136 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_11b04b481efec48c\svchost.exe
[7] 2009-07-14 . C78655BC80301D76ED4FEF1C1EA40A7D . 27136 . . [6.1.7600.16385] .. c:\windows\system32\svchost.exe
.
[7] 2010-11-21 . 40F0849F65D13EE87B9A9AE3C1DD6823 . 316928 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7601.17514_none_4162de4afb9222c0\tapisrv.dll
[7] 2010-11-21 . 40F0849F65D13EE87B9A9AE3C1DD6823 . 316928 . . [6.1.7600.16385] .. c:\windows\system32\tapisrv.dll
.
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
[7] 2010-11-21 . FE70103391A64039A921DBFFF9C7AB1B . 1008128 . . [6.1.7601.17514] .. c:\windows\system32\user32.dll
.
[7] 2010-11-21 . BAFE84E637BF7388C96EF48D4D3FDD53 . 30720 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
[7] 2010-11-21 . BAFE84E637BF7388C96EF48D4D3FDD53 . 30720 . . [6.1.7600.16385] .. c:\windows\system32\userinit.exe
.
[7] 2012-02-28 . 228443FF3A1FB0B974D278F7C6403FAD . 1390080 . . [9.00.8112.16421] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16443_none_7673927b74853f21\wininet.dll
[7] 2012-02-28 . B70CDC073F70E6D082A62AB5880D6B07 . 1390080 . . [9.00.8112.16421] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20548_none_770230b88d9e5d9e\wininet.dll
[7] 2011-12-14 . B1AC85B6ADC005CF3F9EB4E28DFDCCE6 . 1390080 . . [9.00.8112.16421] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16441_none_767191e774870c73\wininet.dll
[7] 2011-12-14 . C2FA4DBD6BB91D1AFD7D155120654AB9 . 1390080 . . [9.00.8112.16421] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20546_none_770030248da02af0\wininet.dll
[7] 2011-11-04 . 244D45F786E33C169A93F70BA63BABF8 . 1390080 . . [9.00.8112.16421] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20544_none_76fe2f908da1f842\wininet.dll
[7] 2011-11-04 . 69151E566295E5A977FE71FFAFD3B3F8 . 1390080 . . [9.00.8112.16421] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16440_none_7670919d7487f31c\wininet.dll
[7] 2011-09-01 . 271E8FB1354AA205A214F280A6766E30 . 1389056 . . [9.00.8112.16421] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16437_none_7682638f7479888c\wininet.dll
[7] 2011-09-01 . 1B2D2D8E611DE70CEB13F104D39814BA . 1389056 . . [9.00.8112.16421] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20537_none_770c005a8d972856\wininet.dll
[7] 2011-07-22 . 0732B49B250E306F7A6591029AF9885B . 1389056 . . [9.00.8112.16421] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16434_none_767f62b1747c3c87\wininet.dll
[7] 2011-07-22 . 1A5A6898E90546B476D4E8A56626FC96 . 1389056 . . [9.00.8112.16421] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20534_none_7708ff7c8d99dc51\wininet.dll
[7] 2011-05-21 . 1BF2BCC7E3C26FD4C8EF0C9EFB0CC25D . 1389056 . . [9.00.8112.16421] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16421_none_768731bf7476d491\wininet.dll
[7] 2011-03-07 . AB026A724960570803E90DC370893BD0 . 1188864 . . [8.00.7601.17573] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17573_none_7a8760522fa622f3\wininet.dll
[7] 2011-03-07 . 93679DC9407BFC602D7E6BFC027455E0 . 1189376 . . [8.00.7601.21676] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21676_none_7b13fdfb48c10ec2\wininet.dll
[7] 2010-11-21 . F6C5302E1F4813D552F41A0AC82455E5 . 1188864 . . [8.00.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_7ac940242f7494a4\wininet.dll
[7] 2012-02-28 . 228443FF3A1FB0B974D278F7C6403FAD . 1390080 . . [9.00.8112.16421] .. c:\windows\system32\wininet.dll
.
[7] 2010-11-21 . 4BBFA57F594F7E8A8EDC8F377184C3F0 . 297984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_50ddb631e4f59005\ws2_32.dll
[7] 2010-11-21 . 4BBFA57F594F7E8A8EDC8F377184C3F0 . 297984 . . [6.1.7600.16385] .. c:\windows\system32\ws2_32.dll
.
[7] 2009-07-14 . 8396C6C26AADDFE4590CCEF0F419B6B7 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6079f415110c0210\ws2help.dll
[7] 2009-07-14 . 8396C6C26AADDFE4590CCEF0F419B6B7 . 4608 . . [6.1.7600.16385] .. c:\windows\system32\ws2help.dll
.
[7] 2010-11-21 . 6C60B5ACA7442EFB794082CDACFC001C . 2086912 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.17514_none_0a43accb08f0eac5\ole32.dll
[7] 2010-11-21 . 6C60B5ACA7442EFB794082CDACFC001C . 2086912 . . [6.1.7600.16385] .. c:\windows\system32\ole32.dll
.
[7] 2009-07-14 . 86FE1B1F8FD42CD0DB641AB1CDB13093 . 18944 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
[7] 2009-07-14 . 86FE1B1F8FD42CD0DB641AB1CDB13093 . 18944 . . [6.1.7600.16385] .. c:\windows\system32\cngaudit.dll
.
[7] 2009-07-14 . 94355C28C1970635A31B3FE52EB7CEBA . 129024 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[7] 2009-07-14 . 94355C28C1970635A31B3FE52EB7CEBA . 129024 . . [6.1.7600.16385] .. c:\windows\system32\wininit.exe
.
[7] 2009-07-14 . 42B6A94DD747DF2B5F628A2752E62A98 . 9728 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_f9257e7aaa4290ce\ctfmon.exe
[7] 2009-07-14 . 42B6A94DD747DF2B5F628A2752E62A98 . 9728 . . [6.1.7600.16385] .. c:\windows\system32\ctfmon.exe
.
[7] 2010-11-21 . AAF932B4011D14052955D4B212A4DA8D . 370688 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7601.17514_none_2b566299338d2123\shsvcs.dll
[7] 2010-11-21 . AAF932B4011D14052955D4B212A4DA8D . 370688 . . [6.1.7600.16385] .. c:\windows\system32\shsvcs.dll
.
[7] 2009-07-14 . E4D94F24081440B5FC5AA556C7C62702 . 159232 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-remoteregistry-service_31bf3856ad364e35_6.1.7600.16385_none_e55af7609d2857a8\regsvc.dll
[7] 2009-07-14 . E4D94F24081440B5FC5AA556C7C62702 . 159232 . . [6.1.7600.16385] .. c:\windows\system32\regsvc.dll
.
[7] 2010-11-21 . 262F6592C3299C005FD6BEC90FC4463A . 1110016 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7601.17514_none_8d272400ada202f9\schedsvc.dll
[7] 2010-11-21 . 262F6592C3299C005FD6BEC90FC4463A . 1110016 . . [6.1.7600.16385] .. c:\windows\system32\schedsvc.dll
.
[7] 2009-07-14 . 51B52FBD583CDE8AA9BA62B8B4298F33 . 193024 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-upnpssdp_31bf3856ad364e35_6.1.7600.16385_none_dbbe6492eae9505c\ssdpsrv.dll
[7] 2009-07-14 . 51B52FBD583CDE8AA9BA62B8B4298F33 . 193024 . . [6.1.7600.16385] .. c:\windows\system32\ssdpsrv.dll
.
[7] 2010-11-21 . 2E648163254233755035B46DD7B89123 . 680960 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-t..teconnectionmanager_31bf3856ad364e35_6.1.7601.17514_none_ecc547376ae3a1a3\termsrv.dll
[7] 2010-11-21 . 2E648163254233755035B46DD7B89123 . 680960 . . [6.1.7601.17514] .. c:\windows\system32\termsrv.dll
.
[7] 2012-03-06 . BAA66E360105F79B5948A2FDAF3AA8FE . 5559152 . . [6.1.7601.17790] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17790_none_c9fbea53cb071123\ntoskrnl.exe
[7] 2012-03-06 . FCAB208AC0F7263A84EB627B1517E5AC . 5561200 . . [6.1.7601.21936] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21936_none_cacc6a48e3ee9e78\ntoskrnl.exe
[7] 2011-11-19 . 1AFFF8D5352AECEF2ECD47FFA02D7F7D . 5559152 . . [6.1.7601.17727] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17727_none_ca4e9bcdcac7feed\ntoskrnl.exe
[7] 2011-11-19 . 70A2D18E0B2A1ADBAE90008684E030AC . 5561200 . . [6.1.7601.21863] .. c:\windows\winsxs\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21863_none_caa8f7c0e409a91f\ntoskrnl.exe
[7] 2012-03-06 . BAA66E360105F79B5948A2FDAF3AA8FE . 5559152 . . [6.1.7601.17790] .. c:\windows\system32\ntoskrnl.exe
.
[7] 2009-07-14 . 8560FFFC8EB3A806DCD4F82252CFC8C6 . 5120 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7601.17514_none_4627a1cbadebced2\ksuser.dll
[7] 2009-07-14 . 8560FFFC8EB3A806DCD4F82252CFC8C6 . 5120 . . [6.1.7600.16385] .. c:\windows\system32\ksuser.dll
.
[7] 2010-11-21 . BDAC1AA64495D0F7E1FF810EBBF1F018 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
[7] 2010-11-21 . BDAC1AA64495D0F7E1FF810EBBF1F018 . 530432 . . [5.82] .. c:\windows\SysWOW64\comctl32.dll
[7] 2010-11-21 . BDAC1AA64495D0F7E1FF810EBBF1F018 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.17514_none_3ba388ec36399c85\comctl32.dll
[7] 2010-11-21 . 352B3DC62A0D259A82A052238425C872 . 1680896 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
.
[7] 2010-11-21 . A585BEBF7D054BD9618EDA0922D5484A . 136192 . . [6.1.7600.16385] .. c:\windows\SysWOW64\cryptsvc.dll
[7] 2010-11-21 . A585BEBF7D054BD9618EDA0922D5484A . 136192 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
.
[7] 2009-07-14 . F6916EFC29D9953D5D0DF06882AE8E16 . 271360 . . [2001.12.8530.16385] .. c:\windows\SysWOW64\es.dll
[7] 2009-07-14 . F6916EFC29D9953D5D0DF06882AE8E16 . 271360 . . [2001.12.8530.16385] .. c:\windows\winsxs\wow64_microsoft-windows-c..complus-eventsystem_31bf3856ad364e35_6.1.7600.16385_none_73373b169fcf68cb\es.dll
.
[7] 2010-11-21 . A6F09E5669D9A19035F6D942CAA15882 . 119808 . . [6.1.7601.17514] .. c:\windows\SysWOW64\imm32.dll
[7] 2010-11-21 . A6F09E5669D9A19035F6D942CAA15882 . 119808 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-imm32_31bf3856ad364e35_6.1.7601.17514_none_c4d0cdd7c56b493e\imm32.dll
.
[7] 2011-07-16 . D3CB12854171DF61D117D7C2BF22C675 . 1114112 . . [6.1.7601.21772] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21772_none_fc7f5397ba9be6d3\kernel32.dll
[7] 2011-07-16 . 99C3F8E9CC59D95666EB8D8A8B4C2BEB . 1114112 . . [6.1.7600.16385] .. c:\windows\SysWOW64\kernel32.dll
[7] 2011-07-16 . 99C3F8E9CC59D95666EB8D8A8B4C2BEB . 1114112 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17651_none_fc0a565aa16ef5d0\kernel32.dll
[7] 2011-05-14 . CC5CBC069944E7EA70D8674478A70A37 . 837632 . . [6.1.7601.21728] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.21728_none_fcbb64efba6df328\kernel32.dll
[7] 2011-05-14 . 166116134C58DC36400DE59ACD64FB39 . 837632 . . [6.1.7601.17617] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17617_none_fc3b97c6a1491e16\kernel32.dll
[7] 2010-11-21 . E80758CF485DB142FCA1EE03A34EAD05 . 837632 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_fc389502a14bd4ea\kernel32.dll
.
[7] 2009-07-14 . 5987EA8A82C53359BCD2C29D6588583E . 22016 . . [6.1.7600.16385] .. c:\windows\SysWOW64\linkinfo.dll
[7] 2009-07-14 . 5987EA8A82C53359BCD2C29D6588583E . 22016 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-linkinfo_31bf3856ad364e35_6.1.7600.16385_none_9eaece15f365da54\linkinfo.dll
.
[7] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\SysWOW64\lpk.dll
[7] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_124dc839a586a988\lpk.dll
[7] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17537_none_123b293fa5942d6f\lpk.dll
[7] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17563_none_1216b853a5b01be6\lpk.dll
[7] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.21636_none_12c3c5c0beb2b3e2\lpk.dll
[7] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.21664_none_12a15568beccd507\lpk.dll
.
.
[7] 2011-12-16 . 2F740C4B458331357E825E94AFB0953A . 690688 . . [7.0.7601.21878] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.21878_none_d3a962431672ddd2\msvcrt.dll
[7] 2011-12-16 . 9DC80A8AAAAAC397BDAB3C67165A824E . 690688 . . [7.0.7601.17744] .. c:\windows\SysWOW64\msvcrt.dll
[7] 2011-12-16 . 9DC80A8AAAAAC397BDAB3C67165A824E . 690688 . . [7.0.7601.17744] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7601.17744_none_d33c3413fd4084d9\msvcrt.dll
[7] 2009-07-14 . E46D48A7FE961401F1CBF85531CDF05D . 690688 . . [7.0.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-msvcrt_31bf3856ad364e35_6.1.7600.16385_none_d12b8c440039b31e\msvcrt.dll
.
[7] 2010-11-21 . 8999B8631C7FD9F7F9EC3CAFD953BA24 . 232448 . . [6.1.7600.16385] .. c:\windows\SysWOW64\mswsock.dll
[7] 2010-11-21 . 8999B8631C7FD9F7F9EC3CAFD953BA24 . 232448 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-w..-infrastructure-bsp_31bf3856ad364e35_6.1.7601.17514_none_ba5ac0f18b8dd799\mswsock.dll
.
[7] 2010-11-21 . C1809B9907ADEDAF16F50C894100883B . 563712 . . [6.1.7600.16385] .. c:\windows\SysWOW64\netlogon.dll
[7] 2010-11-21 . C1809B9907ADEDAF16F50C894100883B . 563712 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
.
[7] 2009-07-14 . 08DFDBD2FD4EA951DC46B1C7661ED35A . 145408 . . [6.1.7600.16385] .. c:\windows\SysWOW64\powrprof.dll
[7] 2009-07-14 . 08DFDBD2FD4EA951DC46B1C7661ED35A . 145408 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-userpowermanagement_31bf3856ad364e35_6.1.7600.16385_none_a2eff4845e2bf4e2\powrprof.dll
.
[7] 2010-11-21 . 8124944EC89D6A1815E4E53F5B96AAF4 . 175616 . . [6.1.7600.16385] .. c:\windows\SysWOW64\scecli.dll
[7] 2010-11-21 . 8124944EC89D6A1815E4E53F5B96AAF4 . 175616 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
.
[7] 2009-07-14 . 40CAEEE0EAF1B8569F7C8DF6420F2CB9 . 2560 . . [6.1.7600.16385] .. c:\windows\SysWOW64\sfc.dll
[7] 2009-07-14 . 40CAEEE0EAF1B8569F7C8DF6420F2CB9 . 2560 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-sfc_31bf3856ad364e35_6.1.7600.16385_none_a70c196fbd853ae9\sfc.dll
.
[7] 2009-07-14 . 54A47F6B5E09A77E61649109C6A08866 . 20992 . . [6.1.7600.16385] .. c:\windows\SysWOW64\svchost.exe
[7] 2009-07-14 . 54A47F6B5E09A77E61649109C6A08866 . 20992 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.1.7600.16385_none_b591afc466a15356\svchost.exe
.
[7] 2010-11-21 . 613BF4820361543956909043A265C6AC . 242176 . . [6.1.7600.16385] .. c:\windows\SysWOW64\tapisrv.dll
[7] 2010-11-21 . 613BF4820361543956909043A265C6AC . 242176 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-tapiservice_31bf3856ad364e35_6.1.7601.17514_none_e54442c74334b18a\tapisrv.dll
.
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\SysWOW64\user32.dll
[7] 2010-11-21 . 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 . 833024 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
.
[7] 2010-11-21 . 61AC3EFDFACFDD3F0F11DD4FD4044223 . 26624 . . [6.1.7600.16385] .. c:\windows\SysWOW64\userinit.exe
[7] 2010-11-21 . 61AC3EFDFACFDD3F0F11DD4FD4044223 . 26624 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
.
[7] 2012-02-28 . 44465367256D1C72B58F5ABAA19E7016 . 1127424 . . [9.00.8112.16421] .. c:\windows\SysWOW64\wininet.dll
[7] 2012-02-28 . 44465367256D1C72B58F5ABAA19E7016 . 1127424 . . [9.00.8112.16421] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16443_none_1a54f6f7bc27cdeb\wininet.dll
[7] 2012-02-28 . 11A34DCA08EB2A586246F2D6C2A81D58 . 1127424 . . [9.00.8112.16421] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20548_none_1ae39534d540ec68\wininet.dll
[7] 2011-12-14 . 1D94FA7C81D2FFE494AF094619BA706F . 1127424 . . [9.00.8112.16421] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16441_none_1a52f663bc299b3d\wininet.dll
[7] 2011-12-14 . 022A78194E2C7106F5AF9F2BC6AC8774 . 1127424 . . [9.00.8112.16421] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20546_none_1ae194a0d542b9ba\wininet.dll
[7] 2011-11-03 . 32569DF2F9BEF05DD7D56E30590EDFD9 . 1127424 . . [9.00.8112.16421] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20544_none_1adf940cd544870c\wininet.dll
[7] 2011-11-03 . 02F98B5C0E397AD06124D84428CF8F1A . 1127424 . . [9.00.8112.16421] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16440_none_1a51f619bc2a81e6\wininet.dll
[7] 2011-09-01 . D3788D91530CFA005BD516189A4C676E . 1126912 . . [9.00.8112.16421] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16437_none_1a63c80bbc1c1756\wininet.dll
[7] 2011-09-01 . C0FCEE8D760C70DB6EF858BB2262288E . 1126912 . . [9.00.8112.16421] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20537_none_1aed64d6d539b720\wininet.dll
[7] 2011-07-22 . 2C7332C222D1FE1FC57D622699A8C001 . 1126912 . . [9.00.8112.16421] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16434_none_1a60c72dbc1ecb51\wininet.dll
[7] 2011-07-22 . AA75F065975FCE762FC9BBF5A3C08368 . 1126912 . . [9.00.8112.16421] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.20534_none_1aea63f8d53c6b1b\wininet.dll
[7] 2011-05-21 . A1236375B74EA63C75657D564890C436 . 1126912 . . [9.00.8112.16421] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16421_none_1a68963bbc19635b\wininet.dll
[7] 2011-03-07 . A5B19B240901CAB0C8E7767D2873613E . 981504 . . [8.00.7601.17573] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17573_none_1e68c4ce7748b1bd\wininet.dll
[7] 2011-03-07 . EDEB2904636B657782F824D8FF97D0B8 . 981504 . . [8.00.7601.21676] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.21676_none_1ef5627790639d8c\wininet.dll
[7] 2010-11-21 . 44214C94911C7CFB1D52CB64D5E8368D . 980992 . . [8.00.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll
.
[7] 2010-11-21 . 7FF15A4F092CD4A96055BA69F903E3E9 . 206848 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ws2_32.dll
[7] 2010-11-21 . 7FF15A4F092CD4A96055BA69F903E3E9 . 206848 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-w..nfrastructure-ws232_31bf3856ad364e35_6.1.7601.17514_none_f4bf1aae2c981ecf\ws2_32.dll
.
[7] 2009-07-14 . 808AABDF9337312195CAFF76D1804786 . 4608 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ws2help.dll
[7] 2009-07-14 . 808AABDF9337312195CAFF76D1804786 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-w..nfrastructure-other_31bf3856ad364e35_6.1.7600.16385_none_6ace9e67456cc40b\ws2help.dll
.
[7] 2011-02-26 . 3B69712041F3D63605529BD66DC00C48 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[7] 2011-02-25 . 332FEAB1435662FC6C672E25BEB37BE3 . 2871808 . . [6.1.7600.16385] .. c:\windows\explorer.exe
[7] 2011-02-25 . 332FEAB1435662FC6C672E25BEB37BE3 . 2871808 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[7] 2010-11-21 . AC4C51EB24AA95B77F705AB159189E24 . 2872320 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
.
[7] 2009-07-14 . 2E2C937846A0B8789E5E91739284D17A . 427008 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[7] 2009-07-14 . 2E2C937846A0B8789E5E91739284D17A . 398336 . . [6.1.7600.16385] .. c:\windows\regedit.exe
.
[7] 2010-11-21 . 928CF7268086631F54C3D8E17238C6DD . 1414144 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ole32.dll
[7] 2010-11-21 . 928CF7268086631F54C3D8E17238C6DD . 1414144 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.17514_none_ae2511475093798f\ole32.dll
.
[7] 2010-11-21 . 804AAAFEBB3AD5F49334DD906BCB1DE5 . 626176 . . [1.0626.7601.17514] .. c:\windows\SysWOW64\usp10.dll
[7] 2010-11-21 . 804AAAFEBB3AD5F49334DD906BCB1DE5 . 626176 . . [1.0626.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-usp_31bf3856ad364e35_6.1.7601.17514_none_af01e2f9b6be7939\usp10.dll
.
[7] 2009-07-14 . 9C67F6BBDA3881CFD02095160CF91576 . 4608 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ksuser.dll
[7] 2009-07-14 . 9C67F6BBDA3881CFD02095160CF91576 . 4608 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-d..tshow-kernelsupport_31bf3856ad364e35_6.1.7601.17514_none_ea090647f58e5d9c\ksuser.dll
.
[7] 2009-07-14 . 4A3CDCEF8ED41B221F3DBEF5792FB52D . 8704 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ctfmon.exe
[7] 2009-07-14 . 4A3CDCEF8ED41B221F3DBEF5792FB52D . 8704 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-t..cesframework-ctfmon_31bf3856ad364e35_6.1.7600.16385_none_9d06e2f6f1e51f98\ctfmon.exe
.
[7] 2010-11-21 . 414DA952A35BF5D50192E28263B40577 . 328192 . . [6.1.7600.16385] .. c:\windows\SysWOW64\shsvcs.dll
[7] 2010-11-21 . 414DA952A35BF5D50192E28263B40577 . 328192 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-shsvcs_31bf3856ad364e35_6.1.7601.17514_none_35ab0ceb67ede31e\shsvcs.dll
.
[7] 2009-07-14 . 50BA656134F78AF64E4DD3C8B6FEFD7E . 12288 . . [6.1.7600.16385] .. c:\windows\SysWOW64\cngaudit.dll
[7] 2009-07-14 . 50BA656134F78AF64E4DD3C8B6FEFD7E . 12288 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
.
[7] 2009-07-14 . B5C5DCAD3899512020D135600129D665 . 96256 . . [6.1.7600.16385] .. c:\windows\SysWOW64\wininit.exe
[7] 2009-07-14 . B5C5DCAD3899512020D135600129D665 . 96256 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
.
[7] 2009-07-14 . A1E91B5B5273573FC132B683E550B5E6 . 19456 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ias.dll
[7] 2009-07-14 . A1E91B5B5273573FC132B683E550B5E6 . 19456 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-n..ion_service_runtime_31bf3856ad364e35_6.1.7601.17514_none_fb08448fa0c85c23\ias.dll
.
[7] 2010-11-21 03:24 . AB9EB3745B03AE67AB241A82338DEA7B . 954288 . . [4.1.6140] .. c:\windows\SysWOW64\mfc40u.dll
[7] 2010-11-21 03:24 . AB9EB3745B03AE67AB241A82338DEA7B . 954288 . . [4.1.6151] .. c:\windows\winsxs\x86_microsoft-windows-mfc40u_31bf3856ad364e35_6.1.7601.17514_none_f51a7bf0b3d25294\mfc40u.dll
.
[7] 2012-03-06 . 43711ABF8AE553A7B5FFFF61E60C419D . 3968368 . . [6.1.7601.17790] .. c:\windows\SysWOW64\ntkrnlpa.exe
[7] 2012-03-06 . 43711ABF8AE553A7B5FFFF61E60C419D . 3968368 . . [6.1.7601.17790] .. c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17790_none_6ddd4ed012a99fed\ntkrnlpa.exe
[7] 2012-03-06 . 07B026E7A2C873D09F0073141EE2099E . 3972464 . . [6.1.7601.21936] .. c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21936_none_6eadcec52b912d42\ntkrnlpa.exe
[7] 2011-11-19 . 31C59B0CA08B1203E35D2BA19319279E . 3968368 . . [6.1.7601.17727] .. c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17727_none_6e30004a126a8db7\ntkrnlpa.exe
[7] 2011-11-19 . 2EDA0DCCF5F00CDB91A9ECBE45CB0B3D . 3971440 . . [6.1.7601.21863] .. c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21863_none_6e8a5c3d2bac37e9\ntkrnlpa.exe
[7] 2011-06-23 . 3624D782F8B061B6FBA3A35E2FE53CFD . 3967872 . . [6.1.7601.21755] .. c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_6e972ad72ba2517f\ntkrnlpa.exe
.
[7] 2009-07-14 . 833FBB672460EFCE8011D262175FAD33 . 266752 . . [6.1.7600.16385] .. c:\windows\SysWOW64\upnphost.dll
[7] 2009-07-14 . 833FBB672460EFCE8011D262175FAD33 . 266752 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-upnpdevicehost_31bf3856ad364e35_6.1.7600.16385_none_2831d06e8295c671\upnphost.dll
.
[7] 2009-07-14 . 0E85C11F8850D524B02181C6E02BA9AE . 453632 . . [6.1.7600.16385] .. c:\windows\SysWOW64\dsound.dll
[7] 2009-07-14 . 0E85C11F8850D524B02181C6E02BA9AE . 453632 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-audio-dsound_31bf3856ad364e35_6.1.7600.16385_none_5872147ba3367471\dsound.dll
.
[7] 2010-11-21 . 6EF5F3F18413C367195F06E503AB86A6 . 1828352 . . [6.1.7601.17514] .. c:\windows\SysWOW64\d3d9.dll
[7] 2010-11-21 . 6EF5F3F18413C367195F06E503AB86A6 . 1828352 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-directx-direct3d9_31bf3856ad364e35_6.1.7601.17514_none_c454d690bf084f04\d3d9.dll
.
[7] 2009-07-14 . 198552AEFECA69D646867EC8D792DE95 . 531968 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ddraw.dll
[7] 2009-07-14 . 198552AEFECA69D646867EC8D792DE95 . 531968 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-directx-directdraw_31bf3856ad364e35_6.1.7600.16385_none_04dbf9102154d42e\ddraw.dll
.
[7] 2010-11-21 03:24 . 703FFD301AB900B047337C5D40FD6F96 . 90112 . . [6.1.7601.17514] .. c:\windows\SysWOW64\olepro32.dll
[7] 2010-11-21 03:24 . 703FFD301AB900B047337C5D40FD6F96 . 90112 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_6.1.7601.17514_none_3c1b247e5ff65f89\olepro32.dll
.
[7] 2009-07-14 . EDD2AD141DEBD425D74A52A4D7BE6AC4 . 39424 . . [6.1.7600.16385] .. c:\windows\SysWOW64\perfctrs.dll
[7] 2009-07-14 . EDD2AD141DEBD425D74A52A4D7BE6AC4 . 39424 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-p..ormancebasecounters_31bf3856ad364e35_6.1.7600.16385_none_97bcd9bcab2b9b3a\perfctrs.dll
.
[7] 2009-07-14 . 702254574E7E52052DE39408457B7149 . 21504 . . [6.1.7600.16385] .. c:\windows\SysWOW64\version.dll
[7] 2009-07-14 . 702254574E7E52052DE39408457B7149 . 21504 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-version_31bf3856ad364e35_6.1.7600.16385_none_14d4a552b2395165\version.dll
.
[7] 2011-05-21 . 904E13BA41AF2E353A32CF351CA53639 . 748336 . . [9.00.8112.16421] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_9.4.8112.16421_none_17a944edb4ca4c7a\iexplore.exe
[7] 2010-11-21 . C613E69C3B191BB02C7A191741A1D024 . 673040 . . [8.00.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_8.0.7601.17514_none_1beb53526fc80c8d\iexplore.exe
.
.
[7] 2012-03-06 . 53B4BDEA12A032EEC71E60B6BFF42F37 . 3913072 . . [6.1.7601.17790] .. c:\windows\SysWOW64\ntoskrnl.exe
[7] 2012-03-06 . 53B4BDEA12A032EEC71E60B6BFF42F37 . 3913072 . . [6.1.7601.17790] .. c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17790_none_6ddd4ed012a99fed\ntoskrnl.exe
[7] 2012-03-06 . 57B7DE30C4E65AD19CA13AC3065EE60B . 3916656 . . [6.1.7601.21936] .. c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21936_none_6eadcec52b912d42\ntoskrnl.exe
[7] 2011-11-19 . F0F0E99A65F598A1A7720F5111C4DA8F . 3913584 . . [6.1.7601.17727] .. c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17727_none_6e30004a126a8db7\ntoskrnl.exe
[7] 2011-11-19 . 00B12EA93ED392FBD09F07B63E926647 . 3916656 . . [6.1.7601.21863] .. c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21863_none_6e8a5c3d2bac37e9\ntoskrnl.exe
[7] 2011-06-23 . 90EFDB506F6140EEA9DEE398D9449D86 . 3912576 . . [6.1.7601.21755] .. c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21755_none_6e972ad72ba2517f\ntoskrnl.exe
[7] 2011-06-23 . FB58ABD5E1F75A2CF713C9DFF0EC0804 . 3912576 . . [6.1.7601.17640] .. c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17640_none_6e135c8612811711\ntoskrnl.exe
[7] 2011-04-09 . 5D21C487F79F8245E799071589E035BF . 3912576 . . [6.1.7601.17592] .. c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17592_none_6ddf4b9812a7d84d\ntoskrnl.exe
[7] 2011-04-09 . D385343510B75545EC5DB3A64C2D2492 . 3912576 . . [6.1.7601.21701] .. c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.21701_none_6ec9394b2b7d606e\ntoskrnl.exe
[7] 2010-11-21 . 2088D9994332583EDB3C561DE31EA5AD . 3911040 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-os-kernel_31bf3856ad364e35_6.1.7601.17514_none_6e37cb8c12652b73\ntoskrnl.exe
.
[7] 2009-07-14 . 5A12C364AD1D4FCC0AD0E56DBBC34462 . 16896 . . [6.1.7600.16385] .. c:\windows\SysWOW64\midimap.dll
[7] 2009-07-14 . 5A12C364AD1D4FCC0AD0E56DBBC34462 . 16896 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-audio-mmecore-other_31bf3856ad364e35_6.1.7600.16385_none_8cd41e2771e37717\midimap.dll
.
[7] 2009-07-14 . ED6EE83D61EBC683C2CD8E899EA6FEBE . 11776 . . [6.1.7600.16385] .. c:\windows\SysWOW64\rasadhlp.dll
[7] 2009-07-14 . ED6EE83D61EBC683C2CD8E899EA6FEBE . 11776 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-rasautodial_31bf3856ad364e35_6.1.7600.16385_none_76239aafb364e805\rasadhlp.dll
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2012-04-23 23:44	2067328	----a-w-	c:\program files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG Secure Search\11.0.0.9\AVG Secure Search_toolbar.dll" [2012-04-23 2067328]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2011-05-14 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"HotkeyApp"="c:\program files (x86)\Launch Manager\HotkeyApp.exe" [2010-12-15 207400]
"LMgrVolOSD"="c:\program files (x86)\Launch Manager\OSD.exe" [2009-12-11 348960]
"Wbutton"="c:\program files (x86)\Launch Manager\Wbutton.exe" [2010-06-21 436264]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-11-17 113288]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2009-11-02 103720]
"AVG_TRAY"="c:\program files (x86)\AVG\AVG2012\avgtray.exe" [2012-02-16 2575712]
"vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2012-04-23 1116544]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2011-10-24 421888]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-01-16 421736]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute	REG_MULTI_SZ   	autocheck autochk *\0c:\progra~2\AVG\AVG2012\avgrsa.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000001
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-14 136176]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 253600]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [x]
R3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\S.A.D\CyberGhost VPN\CGVPNCliService.exe [2011-03-22 2421384]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-14 136176]
R3 mod7764;Tv Tuner device;c:\windows\system32\DRIVERS\mod77-64.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-02-04 340240]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUVStor.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x]
R4 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [2011-09-01 1025352]
R4 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 AVGIDSEH;AVGIDSEH;c:\windows\system32\DRIVERS\avgidseha.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [x]
S1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-02-17 1133568]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2012\avgidsagent.exe [2012-02-14 5104992]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-02-11 907600]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-02-11 997712]
S2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-02-09 134928]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 DRHARD64;DRHARD64;c:\windows\system32\drivers\DRHARD64.sys [2008-08-06 22216]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-06 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesService64.exe [2011-11-21 1403200]
S2 vToolbarUpdater11.0.2;vToolbarUpdater11.0.2;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\11.0.2\ToolbarUpdater.exe [2012-04-23 932736]
S2 watchmi;watchmi service;c:\program files (x86)\watchmi\TvdService.exe [2010-12-06 62464]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [x]
S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [x]
S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\DRIVERS\avgidsfiltera.sys [x]
S3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-02-11 1304912]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [x]
S3 NETwNs64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETwNs64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2010\TuneUpUtilitiesDriver64.sys [2010-02-24 11856]
S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys [x]
S3 WisLMSvc;WisLMSvc;c:\program files (x86)\Launch Manager\WisLMSvc.exe [2009-10-23 118560]
S3 X10Hid;X10 Hid Device;c:\windows\System32\Drivers\x10hid.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 89951436
*NewlyCreated* - AVGIDSDRIVER
*NewlyCreated* - AVGIDSFILTER
*Deregistered* - 89951436
.
Inhalt des "geplante Tasks" Ordners
.
2012-04-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-30 20:46]
.
2012-04-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-14 18:30]
.
2012-04-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-05-14 18:30]
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-09 11780712]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-03-09 2189416]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-02-11 10361616]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-03-25 167960]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-03-25 391704]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-03-25 418840]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://plasmoo.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube Download - c:\users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to iPod Converter - c:\users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm
IE: Free YouTube to MP3 Converter - c:\users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Google Sidewiki... - c:\program files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_7461B1589E8B4FB7.dll/cmsidewiki.html
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
IE: {{7578ADEA-D65F-4C89-A249-B1C88B6FFC20} - c:\program files (x86)\ICQ7.5\ICQ.exe
TCP: DhcpNameServer = 192.168.0.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\11.0.2\ViProtocol.dll
FF - ProfilePath - c:\users\*****\AppData\Roaming\Mozilla\Firefox\Profiles\skt606fk.default\
FF - prefs.js: browser.search.defaulturl - hxxp://plasmoo.com/index.htm?SearchMashine=true&amp;q={searchTerms}
FF - prefs.js: browser.startup.homepage - hxxp://ixquick.com/deu/
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.max-persistent-connections-per-server - 4
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
Wow6432Node-HKLM-Run-ROC_roc_dec12 - c:\program files (x86)\AVG Secure Search\ROC_roc_dec12.exe
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-ALDI SÜD Mah Jong - c:\windows\system32\Uninstall ALDI SÜD Mah Jong.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="ChromeHTML"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10n_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10n.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-04-24  02:31:51
ComboFix-quarantined-files.txt  2012-04-24 00:31
.
Vor Suchlauf: 11 Verzeichnis(se), 624.903.610.368 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 624.651.915.264 Bytes frei
.
- - End Of File - - 3854BF81BDAA134E256DDB096BD89234

15.04.2012, 19:05	#16
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Smart Fortress 2012/Probleme nach Bereinigung Dann hättest du zuvor aber AntiVir deinstallieren müssen! Oder geht das auch nicht mehr __________________ Logfiles bitte immer in CODE-Tags posten

16.04.2012, 11:45	#20
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Smart Fortress 2012/Probleme nach Bereinigung Es ist hochproblematisch zwei solcher Virenscanner wie zB AntiVir und AVG parallel zu nutzen! Was ist daran nicht zu verstehen? Die kommen sich gegenseitig in die Quere und bremsen das System aus Nun deinstalliere bitte endlich Avira __________________ Logfiles bitte immer in CODE-Tags posten

16.04.2012, 19:20	#22
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Smart Fortress 2012/Probleme nach Bereinigung Mach danach bitte wieder ein neues OTL-Log __________________ Logfiles bitte immer in CODE-Tags posten

Smart Fortress 2012/Probleme nach Bereinigung

Log-Analyse und Auswertung: Smart Fortress 2012/Probleme nach Bereinigung