Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung!

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 21.06.2012, 10:48   #1
Ceyx74
 
GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung! - Standard

GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung!



Hi Community,

bin neu hier und habe schon diverse Berichte zu dem GVU/ BSI Trojaner gelesen, nachdem dieser den Lap meiner Mutter Gestern befallen hat. Im Gegensatz zu vielen, hatte ich die Gelegenheit im abgesicherten Modus mit Netzwerk zu starten.

Was ich bisher gamcht habe, Malewarebytes laufengelassen, leider ohne treffer, habe den Kontonamen geändert (warum auch immer, nicht fragen bin Leihe) und habe einen Reboot gemacht. Reboot erfolgreich, habe dann auch wieder Interzugang gehabt und nachfolgend alle offen Updates durchgeführt und noch Maleware von Emisoft geladen und gescannt. Der hatte dann noch etwas gefunden und gelöscht...die Hinweise zum nicht löschen hatte ich leider in der Hektik nicht gelesen, sorry dafür!

Jetzt läuft das Ding wieder ohen Probleme, trau dem Frieden jedoch nicht ganz, daher habe ich noch OTL geladen und ausgeführt und den Log anbei angefügt. Würde mich über Feedback aus der Reihe der Wissenden freuen und gerne wissen ob noch etwas zu tun ist und wenn was?

Gruß und besten Dank im Voraus --> sorry for typos

Code:
ATTFilter
 OTL logfile created on: 21.06.2012 10:09:05 - Run 1
OTL by OldTimer - Version 3.2.50.0     Folder = C:\Users\...\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 52,73% Memory free
7,49 Gb Paging File | 5,13 Gb Available in Paging File | 68,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581,28 Gb Total Space | 527,46 Gb Free Space | 90,74% Space Free | Partition Type: NTFS
Drive D: | 14,60 Gb Total Space | 1,80 Gb Free Space | 12,33% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: ...-LAP1 | User Name: ... | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.06.21 10:06:34 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\...\Desktop\OTL.exe
PRC - [2012.06.17 15:44:46 | 003,069,752 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2012.06.17 15:44:44 | 003,367,328 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
PRC - [2012.02.10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
PRC - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.09.01 18:06:50 | 000,227,896 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2011.08.19 15:48:44 | 000,379,960 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
PRC - [2011.03.23 09:16:38 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2010.12.15 22:01:28 | 000,249,672 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
PRC - [2010.12.15 22:01:22 | 000,635,208 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
PRC - [2010.12.15 22:01:08 | 000,142,664 | ---- | M] (HP) -- C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
PRC - [2010.12.11 04:32:56 | 000,154,816 | ---- | M] (Zecter Inc.) -- C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\zumodrive.exe
PRC - [2010.11.18 12:57:28 | 001,040,952 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\PictureMover\Bin\PictureMover.exe
PRC - [2010.11.17 19:53:16 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.11.09 16:20:36 | 000,586,296 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2010.11.09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2010.04.23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.04.23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
PRC - [2010.01.04 12:07:06 | 000,083,280 | ---- | M] (Trend Micro Inc.) -- C:\Programme\Trend Micro\TrendSecure\TISProToolbar\ProToolbarUpdate.exe
PRC - [2009.07.25 03:09:14 | 000,329,040 | ---- | M] (Trend Micro Inc.) -- C:\Programme\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.21 07:02:36 | 000,379,904 | ---- | M] () -- C:\Users\...\AppData\Local\Temp\libsqlitejdbc-3938884281665348199.lib
MOD - [2012.06.21 07:02:28 | 000,199,168 | ---- | M] () -- C:\Users\...\AppData\Local\Temp\WindowsAPI.dll1905712988578935392.lib
MOD - [2010.11.18 13:07:50 | 001,700,920 | ---- | M] () -- C:\Users\...\AppData\Roaming\PictureMover\DE-DE\Presentation.dll
MOD - [2010.11.18 12:57:42 | 012,284,984 | ---- | M] () -- C:\Users\...\AppData\Roaming\PictureMover\Bin\Core.dll
MOD - [2010.08.16 13:21:30 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010.08.16 13:21:30 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010.08.16 13:21:30 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2009.07.14 03:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2011.12.28 19:51:30 | 000,570,632 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Program Files\Trend Micro\BM\TMBMSRV.exe -- (TMBMServer)
SRV:64bit: - [2011.05.27 12:20:12 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010.12.10 09:05:42 | 000,203,776 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2010.12.09 23:33:22 | 000,354,304 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV - [2012.06.17 15:44:46 | 003,069,752 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012.02.10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2011.12.28 19:51:30 | 000,917,768 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Programme\Trend Micro\Internet Security\TmProxy.exe -- (TmProxy)
SRV - [2011.12.28 19:51:30 | 000,595,960 | ---- | M] (Trend Micro Inc.) [On_Demand | Running] -- C:\Programme\Trend Micro\Internet Security\TmPfw.exe -- (TmPfw)
SRV - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.09.09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011.09.01 18:06:50 | 000,227,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010.12.15 22:01:28 | 000,249,672 | ---- | M] (HP) [Auto | Running] -- C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe -- (FPLService)
SRV - [2010.12.02 06:44:08 | 000,275,968 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [2010.11.09 16:20:34 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2010.11.08 18:52:56 | 000,836,504 | ---- | M] (Trend Micro Inc.) [Auto | Running] -- C:\Programme\Trend Micro\Internet Security\SfCtlCom.exe -- (SfCtlCom)
SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.09.21 15:49:00 | 002,286,976 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.08.05 20:51:08 | 000,291,896 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV - [2010.07.21 15:33:00 | 000,103,992 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Programme\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe -- (HP Wireless Assistant Service)
SRV - [2010.06.17 05:23:36 | 000,194,496 | ---- | M] (Advanced Micro Devices) [Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe -- (AMD Reservation Manager)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.09.20 12:55:20 | 001,037,824 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.03 12:42:58 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\IDT\WDM\AESTSr64.exe -- (AESTFilters)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.28 19:51:31 | 000,339,984 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmwfp.sys -- (tmwfp)
DRV:64bit: - [2011.12.28 19:51:31 | 000,200,720 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmlwf.sys -- (tmlwf)
DRV:64bit: - [2011.12.28 19:51:31 | 000,107,536 | ---- | M] (Trend Micro Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tmtdi.sys -- (tmtdi)
DRV:64bit: - [2011.10.01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.08.01 16:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011.07.12 12:56:50 | 000,342,288 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmxpflt.sys -- (tmxpflt)
DRV:64bit: - [2011.07.12 12:56:36 | 000,042,768 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\tmpreflt.sys -- (tmpreflt)
DRV:64bit: - [2011.07.12 12:47:06 | 002,077,456 | ---- | M] (Trend Micro Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vsapint.sys -- (vsapint)
DRV:64bit: - [2011.05.27 12:20:12 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011.05.27 12:20:12 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011.05.18 09:08:32 | 000,047,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d) MS Hardware Device Detection Driver (USB)
DRV:64bit: - [2011.03.23 09:17:06 | 000,031,088 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.17 04:28:38 | 001,403,440 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.12.10 11:40:38 | 008,121,344 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.12.10 08:24:20 | 000,291,328 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.12.08 23:30:08 | 000,329,832 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2010.12.02 06:44:08 | 000,520,192 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.11.19 20:34:26 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010.11.19 20:34:26 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010.10.19 21:56:44 | 000,406,632 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.09.28 13:54:56 | 002,562,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athwx.sys -- (AR5416)
DRV:64bit: - [2010.09.26 20:15:22 | 002,374,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.06.17 15:15:36 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie) AMD PCI Express (3GIO)
DRV:64bit: - [2010.05.06 14:21:46 | 000,125,456 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.04.29 14:43:20 | 000,038,528 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2010.02.18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 22:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel(R)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012.04.30 18:45:28 | 000,066,320 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2012.04.30 18:45:00 | 000,044,688 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver)
DRV - [2011.05.19 14:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)
DRV - [2010.05.05 09:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {ec29edf6-ad3c-4e1c-a087-d6cb81400c43}
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
IE - HKLM\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\...\Desktop
IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\SearchScopes,DefaultScope = {734E87CA-0C26-44BC-B70A-AE0ED8B086BB}
IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\SearchScopes\{734E87CA-0C26-44BC-B70A-AE0ED8B086BB}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\SearchScopes\{7BC37B0B-ED6D-4949-AD42-9B19E901DD70}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
IE - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_33: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.27 18:58:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22181a4d-af90-4ca3-a569-faed9118d6bc}: C:\Program Files\Trend Micro\TrendSecure\TISProToolbar\FirefoxExtension [2011.12.28 20:16:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.12.27 18:58:39 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.75\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.75\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\16.0.912.75\gcswf32.dll
CHR - plugin: Simple Pass 2011 (Enabled) = C:\Users\...\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfpefkeidlhbjljfdojcnngjbddgein\1.0_0\npwebsitelogon.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.220.4 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U22 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\...\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0\
CHR - Extension: Google-Suche = C:\Users\...\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0\
CHR - Extension: Website Logon = C:\Users\...\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhfpefkeidlhbjljfdojcnngjbddgein\1.0_0\
CHR - Extension: Google Mail = C:\Users\...\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (TSToolbarBHO) - {43C6D902-A1C5-45c9-91F6-FD9E90337E18} - C:\Programme\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (TrueSuite Website Log On) - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Trend Micro Toolbar) - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Programme\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe ()
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4:64bit: - HKLM..\Run: [UfSeAgnt.exe] C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe (Trend Micro Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS)
O4 - HKLM..\Run: [emsisoft anti-malware] c:\program files (x86)\emsisoft anti-malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-408667139-1106771192-1307068543-1001..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (Trend Micro Inc.)
O4 - HKU\S-1-5-21-408667139-1106771192-1307068543-1001..\Run: [TrendSecure Remote File Lock] C:\Program Files\Trend Micro\TrendSecure\RemoteFileLock\FLMain.exe (Trend Micro Inc.)
O4 - HKU\S-1-5-21-408667139-1106771192-1307068543-1001..\Run: [ZumoDrive] C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ZumoLauncher.lnk ()
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0
O7 - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O7 - HKU\S-1-5-21-408667139-1106771192-1307068543-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\...\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\...\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9 - Extra Button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe (PokerStars)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab (Java Plug-in 1.6.0_33)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{614482C6-7F92-452A-82C1-791D345C532C}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{973D5F0A-BFF5-4882-B62C-6BF82B644C81}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\tmtb - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\tmtb {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Programme\Trend Micro\TrendSecure\TISProToolbar\TSToolbar.dll (Trend Micro Inc.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
ActiveX: {166B1BCA-3F9C-11CF-8075-444553540000} - Macromedia Shockwave Director 10.1
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {233C1507-6A77-46A4-9443-F871F945D258} - Adobe Shockwave Director 10.4
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2A202491-F00D-11cf-87CC-0020AFEECF20} - Macromedia Shockwave Director 10.1
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.06.21 10:06:32 | 000,596,992 | ---- | C] (OldTimer Tools) -- C:\Users\...\Desktop\OTL.exe
[2012.06.20 22:53:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2012.06.20 22:53:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2012.06.20 22:53:06 | 000,000,000 | ---D | C] -- C:\Users\...\Documents\Anti-Malware
[2012.06.20 22:40:17 | 137,888,424 | ---- | C] (Emsisoft GmbH                                               ) -- C:\Users\...\Desktop\EmsisoftAntiMalwareSetup.exe
[2012.06.20 20:57:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2012.06.20 20:56:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2012.06.20 20:55:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.06.20 20:49:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012.06.20 17:01:43 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Roaming\Malwarebytes
[2012.06.20 17:01:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.06.20 17:01:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.06.20 17:01:31 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.06.20 17:01:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.06.16 09:07:52 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{A3B38392-0552-4D70-9910-3D85962F2626}
[2012.06.13 14:47:54 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{FB7E3D9E-4EA2-4892-8A91-6CB98D0A685D}
[2012.06.13 14:47:30 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{3D6C78F9-924F-4B89-8BAF-34838D4B8AC3}
[2012.06.12 19:59:50 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{EAB44E5E-9418-450A-AD9C-83AC48B85064}
[2012.06.12 10:25:32 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{3705DD42-A5D6-49A0-AEFE-AB1B69400F7D}
[2012.06.12 10:25:08 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{1F07B979-6BFB-4A22-9005-054540B6EE14}
[2012.06.12 08:15:23 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{8B3B8087-AE0C-40B7-9015-E9908638FE2F}
[2012.06.12 08:15:11 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{B59B7C38-E1D6-4906-A6E7-42EA09386FEB}
[2012.06.12 07:17:04 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{4DF2B4B9-1643-4E14-9479-31DCEFC990B9}
[2012.06.12 07:16:50 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{A1ABFA58-323A-4282-8908-D08A05992EAC}
[2012.06.08 11:38:05 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{B3C90258-506F-402F-87F7-494F71659C81}
[2012.06.08 11:37:39 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{57D46025-55FF-4130-8A39-AEC6751BA8F6}
[2012.06.07 22:27:32 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{E77816A4-E26E-41B9-8154-D74752B279C5}
[2012.06.07 22:27:08 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{65B19811-EE13-4D3F-AC90-C53781EE569D}
[2012.06.06 20:02:54 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{C686887E-D3AA-425E-958B-0AB1137AA755}
[2012.06.06 20:02:30 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{E1D08AB3-301E-40DB-9E79-8BE75BA7EA69}
[2012.06.06 17:51:44 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{A6037A2D-5CC5-4223-A34B-E73CC8D0AFBD}
[2012.06.06 17:51:18 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{7E266F56-38A7-4261-9E9C-95BB723FF6E1}
[2012.06.05 20:29:03 | 000,000,000 | --SD | C] -- C:\Users\...\Documents\Meine Datenquellen
[2012.06.05 20:26:46 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{70944899-0B1A-452D-A416-032B67BA628F}
[2012.06.05 20:26:19 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{B26E6A1C-A1C7-44FC-A962-E5A96A7F8D25}
[2012.06.05 08:26:19 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{7B52FB50-5948-4D0E-A4FA-8A8C86299D84}
[2012.06.05 08:25:24 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{93F5350A-82B5-4410-BFE8-428EC98B44BF}
[2012.06.05 07:56:25 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{870ED6CD-7E75-48F6-ADF9-57E28CD09B81}
[2012.06.04 09:22:38 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{83CB33AA-2683-462D-8CB5-BD944F3DF35C}
[2012.06.04 09:21:56 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{C06DF006-E21C-4D6E-9E3F-DB21201CD3E4}
[2012.06.03 18:56:57 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{FA27F347-A6F8-4D04-BB1F-CDE91115983F}
[2012.06.03 18:56:42 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{69803FED-32AC-44B8-AA64-0303B5EDBDBD}
[2012.06.01 12:11:36 | 000,000,000 | ---D | C] -- C:\Users\...\AppData\Local\{1C21036E-0E5F-4584-A4D8-7AA2BD354A18}
[2012.05.27 10:25:50 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
 
========== Files - Modified Within 30 Days ==========
 
[2012.06.21 10:22:31 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfud.bin
[2012.06.21 10:19:05 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.06.21 10:18:25 | 000,000,824 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\tmvsthfss.bin
[2012.06.21 10:06:34 | 000,596,992 | ---- | M] (OldTimer Tools) -- C:\Users\...\Desktop\OTL.exe
[2012.06.21 09:57:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.06.21 07:08:25 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.06.21 07:08:25 | 000,023,024 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.06.21 07:01:32 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.06.21 07:00:21 | 3015,888,896 | -HS- | M] () -- C:\hiberfil.sys
[2012.06.21 06:27:21 | 000,654,610 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.06.21 06:27:21 | 000,616,452 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.06.21 06:27:21 | 000,130,192 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.06.21 06:27:21 | 000,106,574 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.06.21 06:27:20 | 001,500,018 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.06.20 22:53:35 | 000,001,051 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2012.06.20 22:52:54 | 137,888,424 | ---- | M] (Emsisoft GmbH                                               ) -- C:\Users\...\Desktop\EmsisoftAntiMalwareSetup.exe
[2012.06.20 22:04:28 | 000,277,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.20 21:04:21 | 001,526,948 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.06.20 19:18:01 | 004,503,728 | ---- | M] () -- C:\ProgramData\ni_0_evas.pad
[2012.06.20 17:01:33 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.20 10:28:32 | 000,001,883 | ---- | M] () -- C:\Users\...\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.06.20 10:19:28 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\WebReg HP Photosmart C5100 series.job
[2012.06.18 17:37:56 | 000,226,755 | ---- | M] () -- C:\Windows\hpoins18.dat
[2012.06.15 09:34:40 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFor....job
[2012.05.26 16:53:04 | 000,000,346 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleFor...-LAP1$.job
 
========== Files Created - No Company Name ==========
 
[2012.06.20 22:53:35 | 000,001,051 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2012.06.20 17:01:33 | 000,001,069 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.06.20 10:28:32 | 004,503,728 | ---- | C] () -- C:\ProgramData\ni_0_evas.pad
[2012.06.20 10:28:32 | 000,001,883 | ---- | C] () -- C:\Users\...\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.06.18 17:37:49 | 000,000,326 | ---- | C] () -- C:\Windows\tasks\WebReg HP Photosmart C5100 series.job
[2011.12.27 18:53:16 | 000,226,755 | ---- | C] () -- C:\Windows\hpoins18.dat
[2011.12.27 18:53:16 | 000,005,355 | ---- | C] () -- C:\Windows\hpomdl18.dat
[2011.12.27 17:58:21 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.08.16 09:38:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.08.16 09:25:27 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat
[2011.01.06 13:42:07 | 000,000,202 | ---- | C] () -- C:\Windows\SysWow64\HPWA.ini
[2011.01.06 13:36:08 | 000,009,988 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat
[2010.12.17 04:26:22 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2010.09.24 15:41:34 | 000,007,736 | ---- | C] () -- C:\Windows\hpDSTRES.DLL
[2010.09.18 00:17:02 | 000,002,888 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== LOP Check ==========
 
[2012.02.09 10:42:04 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\DVDVideoSoft
[2012.02.09 10:41:27 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.12.27 17:47:57 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\PictureMover
[2012.06.12 23:07:25 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\SoftGrid Client
[2011.12.27 17:46:55 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Synaptics
[2011.12.27 17:59:21 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\TP
[2012.01.02 23:10:11 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Windows Live Writer
[2012.06.21 07:02:38 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\ZumoDrive
[2012.03.12 18:42:59 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\_MDLogs
[2012.02.27 20:19:51 | 000,032,624 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2011.12.27 19:40:09 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Adobe
[2011.12.27 17:47:58 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\ATI
[2011.12.27 20:29:49 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\CyberLink
[2012.02.09 10:42:04 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\DVDVideoSoft
[2012.02.09 10:41:27 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.01.26 16:17:05 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Hewlett-Packard
[2011.12.27 19:01:42 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\HP
[2012.02.03 16:44:18 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\hpqlog
[2011.12.27 17:46:35 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Identities
[2011.12.27 17:54:09 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Macromedia
[2012.06.20 17:01:43 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Malwarebytes
[2011.08.16 18:19:53 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Media Center Programs
[2012.06.05 20:29:03 | 000,000,000 | --SD | M] -- C:\Users\...\AppData\Roaming\Microsoft
[2011.12.27 17:47:57 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\PictureMover
[2012.06.01 12:15:58 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Skype
[2012.06.12 23:07:25 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\SoftGrid Client
[2011.12.27 17:46:55 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Synaptics
[2011.12.27 17:59:21 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\TP
[2012.01.02 23:10:11 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Windows Live Writer
[2011.12.27 18:58:57 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\Yahoo!
[2012.06.21 07:02:38 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\ZumoDrive
[2012.03.12 18:42:59 | 000,000,000 | ---D | M] -- C:\Users\...\AppData\Roaming\_MDLogs
 
< %APPDATA%\*.exe /s >
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16552_none_394a8c733b252fb9\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16593_none_39204d0d3b44b8d4\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20545_none_39e1f82254380270\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20669_none_39d05b5854449cd5\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20713_none_3a006b1e5421763d\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.20776_none_39c28c74544f69e8\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.01.06 21:56:12 | 000,410,504 | ---- | M] (Intel Corporation) MD5=513DC087CFED7D2BB82F005385D3531F -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16592_none_0af87721a183cb70\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
[2011.01.06 21:56:12 | 000,410,496 | ---- | M] (Intel Corporation) MD5=E353CF970C5D4D6A092911E15FB78C07 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20712_none_0bd89532ba6088d9\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011.01.06 21:56:12 | 000,166,280 | ---- | M] (NVIDIA Corporation) MD5=0AF7B8136794E23E87BE138992880E64 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16592_none_95c1e7d0d8ba7548\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.01.06 21:56:12 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=CE76755AF933E728CEBA6C7A970838A4 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20712_none_96a205e1f19732b1\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2011.01.06 21:43:50 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2011.01.06 21:43:50 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >
         

Alt 21.06.2012, 10:57   #2
Chris4You
 
GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung! - Standard

GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung!



Hi,

sieht soweit gut aus, bitte noch das EXTRA-Log posten...

Fix für OTL:
  • Doppelklick auf die OTL.exe, um das Programm auszuführen.
  • Vista/Win7-User bitte per Rechtsklick und "Ausführen als Administrator" starten.
  • Kopiere den Inhalt der folgenden Codebox komplett in die OTL-Box unter "Custom Scan/Fixes"

Code:
ATTFilter
:OTL
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O4 - HKLM..\Run: []  File not found

:Commands
[emptytemp]
[Reboot]
         
  • Den roten Run Fixes! Button anklicken.
  • Bitte alles aus dem Ergebnisfenster (Results) herauskopieren.
  • Eine Kopie eines OTL-Fix-Logs wird in einer Textdatei in folgendem Ordner gespeichert:
  • %systemroot%\_OTL

chris
__________________

__________________

Alt 21.06.2012, 11:07   #3
Ceyx74
 
GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung! - Standard

GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung!



Danke schonmal vorab für die schnelle Reaktion!

ExtraLog anbei

OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 21.06.2012 10:09:05 - Run 1
OTL by OldTimer - Version 3.2.50.0     Folder = C:\Users\...\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,75 Gb Total Physical Memory | 1,97 Gb Available Physical Memory | 52,73% Memory free
7,49 Gb Paging File | 5,13 Gb Available in Paging File | 68,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581,28 Gb Total Space | 527,46 Gb Free Space | 90,74% Space Free | Partition Type: NTFS
Drive D: | 14,60 Gb Total Space | 1,80 Gb Free Space | 12,33% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: ...-LAP1 | User Name: ... | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-408667139-1106771192-1307068543-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"AutoUpdateDisableNotify" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{19EE0C96-C720-4FD4-AE30-21A316CF6677}" = lport=7000 | protocol=17 | dir=in | name=udp-port für windows-easytransfer | 
"{9750A451-5B8E-4BA2-8A57-B64F46F040E6}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | 
"{B90C1E47-2621-47AF-85AB-5256BD63C0A6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{BC76AB8F-7AE7-4828-9135-87422E791042}" = lport=7000 | protocol=6 | dir=in | name=tcp-port für windows-easytransfer | 
"{EC1D0362-A007-4F97-BA7C-E8849CFC2B3B}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02563BCF-689F-4D24-91BA-7F6CBAB89B1E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{08D870C8-5950-4AE8-8EEA-50417FB16D3B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{118A94C5-1CCD-4727-951E-AFF808D91866}" = protocol=17 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe | 
"{18F8BA7C-30CA-40CD-B4C8-017610B61C20}" = dir=in | app=c:\users\...\appdata\local\temp\7zs46c9\setup\hpznui40.exe | 
"{1BD686DE-4DD8-4CF4-9D9C-D5D0960B3C34}" = protocol=17 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe | 
"{29D44BC1-18D2-42BF-B8EF-DC9BB4F1BBC4}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{2EFD702B-64D7-46B8-9BBB-717CB36D7BFF}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{332FB473-FFB7-4988-9721-2ED1178AFC24}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{38FF31BF-B905-4F04-82FB-F21153B6915C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{3F20CC4F-D0B4-4D88-9883-58D70E08477E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{481574A7-D685-4A41-BF1E-E9ED44B4F074}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | 
"{4FE6B739-259C-4C5D-86B2-A828DF96DFE3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | 
"{554322D1-CB9B-439B-B256-E63850509AF0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{71BCB91C-58F5-4460-9F98-7125A3146E23}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | 
"{765C5A44-831A-41E2-8653-C6ED06262F37}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | 
"{7ECFF03E-B0E2-4781-BCEB-BF8379764D57}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp clouddrive\zumodrive.exe | 
"{8ABEA37C-DE10-4466-BBF4-3D72C84A0975}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{8D4B33DD-F19B-4223-9963-E567D638D82F}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{90B3B2C2-79ED-4157-BEED-13E8D52BD1D1}" = protocol=6 | dir=in | app=c:\windows\system32\migwiz\migwiz.exe | 
"{9138FB82-1C26-47DB-8A16-2B69A35E8BA0}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{9F1692C1-1B84-484F-99EF-46CAC5CA384E}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{A6BD59DA-A981-4141-BA37-1DACB8535787}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{AF352C6E-32DD-4312-A0E0-237CEC5E30E7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | 
"{AF4DD762-C2D2-400D-B528-282F5366B7EC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{BBC834EC-5AE9-4B4F-9942-732BA35919EE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | 
"{BEBC24EE-1B28-4AD2-B4C9-40E7A3989EE4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{BFEECE24-D276-4569-A5C7-FE7440483A25}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | 
"{C984EFFF-89DD-4745-8734-E562457309D3}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | 
"{CA023692-6603-46F5-83F8-4DA58251600F}" = dir=out | app=c:\program files (x86)\hewlett-packard\hp clouddrive\zumodrive.exe | 
"{CC6D256D-CCC0-44FE-AC14-35F3D7B3DF49}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{CFA143DB-DC2E-4546-AD9E-A0E18ACD8262}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | 
"{DC40C287-58BC-4680-88E3-A40215FC418F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{EBDC2E1C-0A44-405C-AF36-4F5D2578911C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{F12804F5-33E9-4812-88DE-305FE1589F05}" = protocol=6 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe | 
"{F674CED6-7C38-4749-9667-FF40A2D7D154}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A
"{1B6E46D9-BD48-F831-D337-64397E7EA1DB}" = ccc-utility64
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416022FF}" = Java(TM) 6 Update 22 (64-bit)
"{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services
"{3549401F-C832-4B81-8780-1E055E18B8A6}" = Validity WBF DDK
"{3623E33A-6E9A-442F-9628-570C28E01EDF}" = HP 3D DriveGuard
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2
"{718D791F-F4E8-4aa7-98A6-15FDED17BDD0}" = Trend Micro Internet Security Pro
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{896DC183-4DDA-4AF5-9DFD-B68B97CB7989}" = AuthenTec TrueAPI
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9D2B0322-44AE-460E-9283-4D2D7A9205AE}" = Trend Micro Internet Security Pro
"{9EA86AD9-FB32-4B9E-BD56-3068F9B8031F}" = HP Wireless Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E18E155E-73A9-0CCA-B796-05B09A1B5D97}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FE87BA4F-9866-8332-0A4F-59864BE2196A}" = AMD Fuel
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX 64-bit
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.51
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"HPOCR" = OCR Software by I.R.I.S. 13.0
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0A9A553D-A324-4C3C-B6E9-2464480BAE50}" = Catalyst Control Center - Branding
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{0F7254A8-4D75-979A-4445-EBC2EE90B6D2}" = CCC Help English
"{14D9E133-37C6-B9CB-36C5-EB76DBE80F5C}" = Catalyst Control Center Graphics Previews Common
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{264FE20A-757B-492a-B0C3-4009E2997D8A}" = PictureMover
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 33
"{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3877C901-7B90-4727-A639-B6ED2DD59D43}" = ESU for Microsoft Windows 7
"{3B834B54-EC4B-48E2-BFC6-03FF5DA06F62}" = Adobe Shockwave Player 11.5
"{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy
"{4037A2B9-A976-4538-8B08-A0D95B637F35}" = C5100
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{431D963B-16AA-FAB8-3E72-82CDB466FDD8}" = CCC Help Swedish
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax
"{49F633C6-1247-3052-F1F1-C3DC271A6E92}" = CCC Help Danish
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"{54C024E2-4761-EB23-88C5-77EE8977B854}" = CCC Help Polish
"{5A018BC8-CEC4-C0E2-5EB1-4DFF3CD5E052}" = CCC Help Japanese
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5FE4D5BB-0B56-DC7D-E5A4-49DB989983CC}" = CCC Help French
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{66F0F1EB-A7B1-4592-BE90-404CD9E49053}" = HP Documentation
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F388ED3-8C2B-222D-9CA6-38C44A3F4569}" = CCC Help Italian
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{705B639E-FAAF-40D7-AD58-C445321C7C3F}" = LightScribe System Software
"{70E09E33-5C83-F272-17D5-93858F2063F2}" = CCC Help Dutch
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7D12AB72-6A28-A280-0637-485760AFDBDC}" = ccc-core-static
"{802C068E-0576-4F25-8137-D54B7DB0FC5E}" = HP Setup
"{81BAE41F-EF43-4902-773E-64B105245EE0}" = CCC Help Chinese Standard
"{82F6A47B-6651-0044-F871-AF99C15E4871}" = CCC Help German
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{98218567-28F7-0D1F-BD48-3041677E5CD4}" = CCC Help Hungarian
"{994406A3-EA5C-B7C9-B0C0-E9019ADD3521}" = CCC Help Korean
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A5436728-2DFD-4221-B4D7-F49F740134C9}" = c5100_Help
"{A671E7CA-23EA-A86E-A61F-E518143670C0}" = CCC Help Thai
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9AED85D-2194-F13C-EE99-F013DB2BD44F}" = CCC Help Russian
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AB32E35A-3CBE-6747-06A9-453469EF9CD2}" = CCC Help Chinese Traditional
"{ABAF4569-6EDD-EA43-1574-EBA8911859BE}" = CCC Help Greek
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.1 MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager
"{AF306BD8-F9D1-4627-89B9-246E59074A05}" = HP Power Manager
"{AF6EB833-D48A-49AC-9394-4C57489FDFF2}" = HP Software Framework
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B949352B-D05B-5670-836E-430CCAAE28FA}" = CCC Help Spanish
"{BC08BEE3-1503-0173-B7A5-8765AA20C08A}" = CCC Help Portuguese
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{BCB2219D-A452-80E9-5C27-F497128DE10A}" = CCC Help Norwegian
"{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}" = Energy Star Digital Logo
"{BD302920-E48F-EE44-4DBF-F58994C8BDF3}" = CCC Help Finnish
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C7231F7C-6530-4E65-ADA6-5B392CF5BEB1}" = Recovery Manager
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D2AC41BC-CA8B-846C-A711-42A2C8BC05BB}" = Catalyst Control Center InstallProxy
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan
"{D902BADB-499C-EF9E-B5D3-48B36566C3A6}" = Catalyst Control Center Localization All
"{DA7B4F2B-0099-EEB6-6FB8-8F794248E982}" = CCC Help Czech
"{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EB58480C-0721-483C-B354-9D35A147999F}" = HP Quick Launch
"{ED1BD69A-07E3-418C-91F1-D856582581BF}" = HP On Screen Display
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1DD6CD2-6734-4089-9EF5-441F51E083B6}" = HP SimplePass 2011
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"ALDI Bestellsoftware" = ALDI Bestellsoftware 4.11.0
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"EasyBits Magic Desktop" = Magic Desktop
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"Google Chrome" = Google Chrome
"HP DVB-T TV Tuner" = HP DVB-T TV Tuner 8.0.64.43
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PokerStars.net" = PokerStars.net
"WinLiveSuite" = Windows Live Essentials
"Yahoo! Companion" = Yahoo! Toolbar
"ZumoDrive" = HP CloudDrive
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 31.05.2012 19:25:20 | Computer Name = ...-LAP1 | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
 DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar.
 Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

 
Error - 31.05.2012 19:25:22 | Computer Name = ...-LAP1 | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: sftlist.exe, Version: 4.6.1.10263,
 Zeitstempel: 0x4c8e7cc8  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0x00000000  Fehleroffset: 0x00000000  ID des fehlerhaften
 Prozesses: 0xf54  Startzeit der fehlerhaften Anwendung: 0x01cd3bd910226729  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Microsoft Application Virtualization
 Client\sftlist.exe  Pfad des fehlerhaften Moduls: unknown  Berichtskennung: e3a1ef7a-ab77-11e1-9ae6-68b599df7d36
 
Error - 31.05.2012 19:25:24 | Computer Name = ...-LAP1 | Source = Application Virtualization | ID = 257
Description = Application Virtualization hat einen unerwarteten Fehler erkannt und
 es wurde ein Fehlerbericht generiert.
 
Error - 03.06.2012 11:48:17 | Computer Name = ...-LAP1 | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 04.06.2012 03:21:06 | Computer Name = ...-LAP1 | Source = System Restore | ID = 8193
Description = 
 
Error - 04.06.2012 03:21:06 | Computer Name = ...-LAP1 | Source = System Restore | ID = 8211
Description = 
 
Error - 05.06.2012 01:55:06 | Computer Name = ...-LAP1 | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
 DownloadLatest Failed: Zurzeit sind keine aktiven Netzwerkverbindungen verfügbar.
 Der Vorgang wird von BITS wiederholt, sobald der Adapter über eine Verbindung verfügt.

 
Error - 05.06.2012 02:42:30 | Computer Name = ...-LAP1 | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 06.06.2012 14:36:54 | Computer Name = ...-LAP1 | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 07.06.2012 10:00:10 | Computer Name = ...-LAP1 | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
Error - 08.06.2012 05:41:39 | Computer Name = ...-LAP1 | Source = Customer Experience Improvement Program | ID = 1008
Description = 
 
[ Hewlett-Packard Events ]
Error - 23.02.2012 14:47:21 | Computer Name = ...-LAP1 | Source = hpsa_service.exe | ID = 2000
Description = HP Error ID: -2146233088   bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
 category)     bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

   bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Message: Failed to perform update.  StackTrace:   bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateDetail(String
 category)     bei HP.ActiveCheckLocalMode.SessionManager.ActiveCheckManager.UpdateAndDetectCore()

   bei HP.SupportAssistant.Service.ACLM.ActiveCheck.LaunchActiveCheck(Boolean singleScan,
 Boolean localScan)  Source: HP.ActiveCheckLocalMode.SessionManager  InnerException.Message:
 Das Objekt "/3828e79e_096d_4843_b163_a03d5a059798/+abmtey_p+p7+v33ojhjqtdr_5.rem"
 wurde getrennt oder ist nicht auf dem Server vorhanden.    Name: hpsa_service.exe  Version:
 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
Format:
 de-DE  RAM: 3834  Ram Utilization: 40  TargetSite: Void UpdateDetail(System.String)  
 
[ HP Software Framework Events ]
Error - 24.05.2012 17:21:44 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.05.24 23:21:44.737|00001A50|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 24.05.2012 17:21:47 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.05.24 23:21:47.821|00000364|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 07.06.2012 13:59:27 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.06.07 19:59:27.907|00000FA4|Error      |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
 occurred in querying WMI for WmiMonitorBrightness: 'Nicht unterstützt '
 
Error - 07.06.2012 13:59:28 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.06.07 19:59:28.307|00000FA4|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 07.06.2012 14:01:14 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.06.07 20:01:14.691|000017B8|Error      |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
 occurred in querying WMI for WmiMonitorBrightness: 'Nicht unterstützt '
 
Error - 07.06.2012 14:01:15 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.06.07 20:01:15.150|000017B8|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 07.06.2012 14:01:16 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.06.07 20:01:16.666|00001AC8|Error      |[CaslWmi]CommandPanelBrightness::GetCurrentPanelBrightnessFromOS{hpCasl.enReturnCode(CaslWmi.enPanelBrightnessDataType,ushort&)}|Exception
 occurred in querying WMI for WmiMonitorBrightness: 'Nicht unterstützt '
 
Error - 07.06.2012 14:01:17 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.06.07 20:01:17.114|00001AC8|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 14.06.2012 14:00:21 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.06.14 20:00:21.918|00003444|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
Error - 14.06.2012 14:00:24 | Computer Name = ...-LAP1 | Source = CaslWmi | ID = 5
Description = 2012.06.14 20:00:24.004|00003A7C|Error      |[CaslWmi]CommandFolio::A{hpCasl.enReturnCode(int&)}|Error
 0xe_BIOS_INVALID_COMMAND_TYPE from BIOS WMI call Read/2Eh while getting Folio state
 
[ HP Wireless Assistant Events ]
Error - 27.12.2011 11:42:30 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 27.12.2011 11:43:30 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 27.12.2011 11:44:30 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 27.12.2011 11:45:30 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 27.12.2011 11:46:30 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 27.12.2011 11:47:30 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 27.12.2011 11:48:38 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 27.12.2011 11:49:46 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 27.12.2011 11:50:53 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Der RPC-Server ist nicht
 verfügbar. (Ausnahme von HRESULT: 0x800706BA)    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObject.Initialize(Boolean
 getObject)     bei System.Management.ManagementBaseObject.get_Properties()     bei 
System.Management.ManagementBaseObject.GetPropertyValue(String propertyName)     bei
 HPPA_Service.CurrentConfiguration.<ReloadRadioList>b__c()
 
Error - 07.05.2012 11:32:08 | Computer Name = ...-LAP1 | Source = HP WA Service | ID = 0
Description = System.Runtime.InteropServices.COMException Aufruf wurde durch Messagefilter
 abgebrochen. (Ausnahme von HRESULT: 0x80010002 (RPC_E_CALL_CANCELED))    bei System.Runtime.InteropServices.Marshal.ThrowExceptionForHRInternal(Int32
 errorCode, IntPtr errorInfo)     bei System.Management.ManagementScope.InitializeGuts(Object
 o)     bei System.Management.ManagementScope.Initialize()     bei System.Management.ManagementObjectSearcher.Initialize()

   bei System.Management.ManagementObjectSearcher.Get()     bei HPPA_Service.CurrentConfiguration.FindDevice(String
 hostPath, String portName)     bei HPPA_Service.CurrentConfiguration.<ApplyFriendlyNames>b__23(RadioHardware
 radio)     bei System.Linq.Enumerable.WhereSelectListIterator`2.MoveNext()     bei 
System.Linq.Enumerable.WhereSelectEnumerableIterator`2.MoveNext()     bei HPPA_Service.CurrentConfiguration.ApplyFriendlyNames()

   bei HPPA_Service.CurrentConfiguration.ReloadRadioList()
 
[ Media Center Events ]
Error - 05.06.2012 01:51:51 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 07:51:51 - Fehler beim Herstellen der Internetverbindung.  07:51:51 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 05.06.2012 01:52:03 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 07:51:56 - Fehler beim Herstellen der Internetverbindung.  07:51:56 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 05.06.2012 04:05:51 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 10:05:51 - Fehler beim Herstellen der Internetverbindung.  10:05:51 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 05.06.2012 04:06:01 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 10:05:56 - Fehler beim Herstellen der Internetverbindung.  10:05:56 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 20.06.2012 08:48:34 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 14:48:34 - Fehler beim Herstellen der Internetverbindung.  14:48:34 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 20.06.2012 08:48:44 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 14:48:39 - Fehler beim Herstellen der Internetverbindung.  14:48:39 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 20.06.2012 11:00:26 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 17:00:26 - Fehler beim Herstellen der Internetverbindung.  17:00:26 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 20.06.2012 11:01:01 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 17:00:38 - Fehler beim Herstellen der Internetverbindung.  17:00:38 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 20.06.2012 12:01:28 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 18:01:28 - Fehler beim Herstellen der Internetverbindung.  18:01:28 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 20.06.2012 12:02:08 | Computer Name = ...-LAP1 | Source = MCUpdate | ID = 0
Description = 18:01:34 - Fehler beim Herstellen der Internetverbindung.  18:01:34 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 20.06.2012 15:44:14 | Computer Name = ...-LAP1 | Source = DCOM | ID = 10010
Description = 
 
Error - 20.06.2012 16:12:11 | Computer Name = ...-LAP1 | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80242016 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
 3.5.1 unter Windows 7 und Windows Server 2008 R2 für x64-basierte Systeme (KB2656410)
 
Error - 20.06.2012 16:12:11 | Computer Name = ...-LAP1 | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80242016 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
 3.5.1 unter Windows 7 und Windows Server 2008 R2 für x64-basierte Systeme (KB2656372)
 
Error - 20.06.2012 16:12:11 | Computer Name = ...-LAP1 | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80242016 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
 3.5.1 unter Windows 7 und Windows Server 2008 R2 für x64-basierte Systeme (KB2604114)
 
Error - 20.06.2012 16:12:11 | Computer Name = ...-LAP1 | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
 Fehler 0x80242016 fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework
 3.5.1 unter Windows 7 und Windows Server 2008 R2 für x64-basierte Systeme (KB2686830)
 
Error - 20.06.2012 19:37:56 | Computer Name = ...-LAP1 | Source = DCOM | ID = 10016
Description = 
 
Error - 21.06.2012 00:33:29 | Computer Name = ...-LAP1 | Source = DCOM | ID = 10016
Description = 
 
Error - 21.06.2012 00:34:51 | Computer Name = ...-LAP1 | Source = Service Control Manager | ID = 7034
Description = Dienst "Windows-Bilderfassung (WIA)" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 21.06.2012 03:57:26 | Computer Name = ...-LAP1 | Source = DCOM | ID = 10016
Description = 
 
Error - 21.06.2012 04:51:16 | Computer Name = ...-LAP1 | Source = DCOM | ID = 10016
Description = 
 
 
< End of report >
         
--- --- ---
__________________

Alt 21.06.2012, 13:02   #4
Chris4You
 
GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung! - Standard

GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung!



Hi,

okay....
Läuft der Rechner normal?

chris
__________________
Don't bring me down
Vor dem posten beachten!
Spenden
(Wer spenden will, kann sich gerne melden )

Alt 21.06.2012, 14:11   #5
Ceyx74
 
GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung! - Standard

GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung!



Hi Chris,

soweit läuft der Rechner schon, ab und zu hab ich noch Verbindungsprobleme mit dem Internet z.B. Heute Morgen ob das mit dem Tojaner zusammenhängt, kann ich leider nicht beurteilen (hat man glaube ich auch in den Extende OTL Report gesehen)

Was mich interessieren würde ist, ob das Teil passiv verankert bleibt und etwaige Kommunikation / Daten liest und weiterverwendet?

Da ich Leihe bin, habe ich da natürlich etwas Sorge.

Gruß und Danke nochmals für die schnelle Reaktion und Antwort

VG Sascha


Alt 21.06.2012, 14:21   #6
Chris4You
 
GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung! - Standard

GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung!



Hi,

wir prüfen noch auf Rootkit...
Nein, das Teil erpresst den Nutzer indem es die Daten verschlüsselt. Gegen bares gibt es dann (vielleicht) ein Entschlüsselungsprogramm...

TDSS-Killer
Download und Anweisung unter: Wie werden Schadprogramme der Familie Rootkit.Win32.TDSS bekämpft?
Entpacke alle Dateien in einem eigenen Verzeichnis (z. B: C:\TDSS)!
Aufruf über den Explorer duch Doppelklick auf die TDSSKiller.exe.
Stelle den Killer wir folgt ein:

Dann den Scan starten durch (Start Scan).
Wenn der Scan fertig ist bitte "Report" anwählen (eventuelle Funde erstmal mit Skip übergehen). Es öffnet sich ein Fenster, den Text abkopieren und hier posten...

chris
__________________
--> GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung!

Alt 21.06.2012, 15:42   #7
Ceyx74
 
GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung! - Standard

GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung!



Hi Chris,

meinst du den Log anbei?

Code:
ATTFilter
 16:16:24.0161 7256	TDSS rootkit removing tool 2.7.41.0 Jun 20 2012 20:53:32
16:16:26.0174 7256	============================================================
16:16:26.0174 7256	Current date / time: 2012/06/21 16:16:26.0174
16:16:26.0174 7256	SystemInfo:
16:16:26.0174 7256	
16:16:26.0174 7256	OS Version: 6.1.7601 ServicePack: 1.0
16:16:26.0174 7256	Product type: Workstation
16:16:26.0174 7256	ComputerName: ...-LAP1
16:16:26.0174 7256	UserName: ...
16:16:26.0174 7256	Windows directory: C:\Windows
16:16:26.0174 7256	System windows directory: C:\Windows
16:16:26.0174 7256	Running under WOW64
16:16:26.0174 7256	Processor architecture: Intel x64
16:16:26.0174 7256	Number of processors: 4
16:16:26.0174 7256	Page size: 0x1000
16:16:26.0174 7256	Boot type: Normal boot
16:16:26.0174 7256	============================================================
16:16:44.0691 7256	Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:16:44.0707 7256	============================================================
16:16:44.0707 7256	\Device\Harddisk0\DR0:
16:16:44.0707 7256	MBR partitions:
16:16:44.0707 7256	\Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x63800
16:16:44.0707 7256	\Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x64000, BlocksNum 0x48A8E000
16:16:44.0707 7256	\Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x48AF2000, BlocksNum 0x1D32000
16:16:44.0707 7256	\Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x4A824000, BlocksNum 0x33AB0
16:16:44.0707 7256	============================================================
16:16:44.0722 7256	C: <-> \Device\Harddisk0\DR0\Partition1
16:16:44.0769 7256	D: <-> \Device\Harddisk0\DR0\Partition2
16:16:44.0785 7256	============================================================
16:16:44.0785 7256	Initialize success
16:16:44.0785 7256	============================================================
16:17:35.0313 6576	============================================================
16:17:35.0313 6576	Scan started
16:17:35.0313 6576	Mode: Manual; SigCheck; TDLFS; 
16:17:35.0313 6576	============================================================
16:17:37.0263 6576	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:17:37.0404 6576	1394ohci - ok
16:17:37.0513 6576	a2acc           (2d6434e957f7cfa0035c20890f77bbc6) C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
16:17:37.0575 6576	a2acc - ok
16:17:38.0043 6576	a2AntiMalware   (8b75ba256bcada2b73ffa5bd77aa9e6c) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
16:17:38.0168 6576	a2AntiMalware - ok
16:17:38.0262 6576	A2DDA           (3044d0f3feb9ffe8bc953d8f34b5b504) C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
16:17:38.0308 6576	A2DDA - ok
16:17:38.0340 6576	a2injectiondriver (3d55ce53128c81e06cd6b024c3b9fac3) C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys
16:17:38.0371 6576	a2injectiondriver - ok
16:17:38.0386 6576	a2util          (e41d79682a209f72f4f578cfd4a53952) C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys
16:17:38.0402 6576	a2util - ok
16:17:38.0652 6576	Accelerometer   (5c368f4b04ed2a923e6afca2d37baff5) C:\Windows\system32\DRIVERS\Accelerometer.sys
16:17:38.0683 6576	Accelerometer - ok
16:17:38.0776 6576	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:17:38.0808 6576	ACPI - ok
16:17:38.0839 6576	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:17:38.0932 6576	AcpiPmi - ok
16:17:38.0995 6576	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:17:39.0042 6576	adp94xx - ok
16:17:39.0088 6576	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:17:39.0135 6576	adpahci - ok
16:17:39.0198 6576	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:17:39.0260 6576	adpu320 - ok
16:17:39.0307 6576	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:17:39.0447 6576	AeLookupSvc - ok
16:17:39.0556 6576	AESTFilters     (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe
16:17:39.0650 6576	AESTFilters - ok
16:17:39.0759 6576	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:17:39.0822 6576	AFD - ok
16:17:39.0868 6576	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:17:39.0900 6576	agp440 - ok
16:17:39.0915 6576	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:17:40.0009 6576	ALG - ok
16:17:40.0040 6576	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:17:40.0056 6576	aliide - ok
16:17:40.0102 6576	AMD External Events Utility (c6eea8769226dacb1585fe23beb4af23) C:\Windows\system32\atiesrxx.exe
16:17:40.0180 6576	AMD External Events Utility - ok
16:17:40.0196 6576	AMD FUEL Service - ok
16:17:40.0227 6576	AMD Reservation Manager (dd27f6c3de9bfe50635c721e09edc5dd) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
16:17:40.0258 6576	AMD Reservation Manager - ok
16:17:40.0274 6576	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:17:40.0305 6576	amdide - ok
16:17:40.0336 6576	amdiox64        (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
16:17:40.0368 6576	amdiox64 - ok
16:17:40.0383 6576	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:17:40.0461 6576	AmdK8 - ok
16:17:41.0226 6576	amdkmdag        (98e20c5a39fea1920031d3850004b334) C:\Windows\system32\DRIVERS\atikmdag.sys
16:17:41.0662 6576	amdkmdag - ok
16:17:41.0881 6576	amdkmdap        (8624dc7b8d22daf28f5438735095f6c4) C:\Windows\system32\DRIVERS\atikmpag.sys
16:17:41.0959 6576	amdkmdap - ok
16:17:41.0990 6576	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:17:42.0068 6576	AmdPPM - ok
16:17:42.0162 6576	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:17:42.0177 6576	amdsata - ok
16:17:42.0224 6576	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:17:42.0255 6576	amdsbs - ok
16:17:42.0286 6576	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:17:42.0302 6576	amdxata - ok
16:17:42.0318 6576	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:17:42.0474 6576	AppID - ok
16:17:42.0536 6576	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:17:42.0598 6576	AppIDSvc - ok
16:17:42.0645 6576	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:17:42.0739 6576	Appinfo - ok
16:17:43.0082 6576	AR5416          (3ab3dac7d89283c1aaaabe75380a35ec) C:\Windows\system32\DRIVERS\athwx.sys
16:17:43.0191 6576	AR5416 - ok
16:17:43.0332 6576	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:17:43.0394 6576	arc - ok
16:17:43.0394 6576	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:17:43.0425 6576	arcsas - ok
16:17:43.0441 6576	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:17:43.0534 6576	AsyncMac - ok
16:17:43.0566 6576	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:17:43.0581 6576	atapi - ok
16:17:43.0784 6576	athr            (96abf88241f90ff647e55c934c55c2f1) C:\Windows\system32\DRIVERS\athrx.sys
16:17:43.0893 6576	athr - ok
16:17:44.0080 6576	AtiHdmiService  (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys
16:17:44.0112 6576	AtiHdmiService - ok
16:17:44.0158 6576	AtiPcie         (e82e61f46d1336447f4deff8c074f13e) C:\Windows\system32\DRIVERS\AtiPcie64.sys
16:17:44.0174 6576	AtiPcie - ok
16:17:44.0252 6576	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:17:44.0330 6576	AudioEndpointBuilder - ok
16:17:44.0330 6576	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:17:44.0392 6576	AudioSrv - ok
16:17:44.0424 6576	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:17:44.0642 6576	AxInstSV - ok
16:17:44.0704 6576	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:17:44.0767 6576	b06bdrv - ok
16:17:44.0814 6576	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:17:44.0860 6576	b57nd60a - ok
16:17:45.0063 6576	BBSvc           (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
16:17:45.0141 6576	BBSvc - ok
16:17:45.0250 6576	BBUpdate        (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
16:17:45.0360 6576	BBUpdate - ok
16:17:45.0391 6576	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:17:45.0438 6576	BDESVC - ok
16:17:45.0484 6576	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:17:45.0594 6576	Beep - ok
16:17:45.0687 6576	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:17:45.0781 6576	BFE - ok
16:17:45.0874 6576	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:17:45.0984 6576	BITS - ok
16:17:46.0046 6576	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:17:46.0108 6576	blbdrive - ok
16:17:46.0171 6576	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:17:46.0218 6576	bowser - ok
16:17:46.0249 6576	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:17:46.0327 6576	BrFiltLo - ok
16:17:46.0342 6576	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:17:46.0374 6576	BrFiltUp - ok
16:17:46.0405 6576	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:17:46.0467 6576	Browser - ok
16:17:46.0514 6576	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:17:46.0576 6576	Brserid - ok
16:17:46.0608 6576	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:17:46.0654 6576	BrSerWdm - ok
16:17:46.0670 6576	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:17:46.0717 6576	BrUsbMdm - ok
16:17:46.0732 6576	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:17:46.0764 6576	BrUsbSer - ok
16:17:46.0779 6576	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:17:46.0826 6576	BTHMODEM - ok
16:17:46.0857 6576	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:17:46.0935 6576	bthserv - ok
16:17:46.0966 6576	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:17:47.0029 6576	cdfs - ok
16:17:47.0076 6576	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
16:17:47.0138 6576	cdrom - ok
16:17:47.0169 6576	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:17:47.0278 6576	CertPropSvc - ok
16:17:47.0310 6576	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:17:47.0356 6576	circlass - ok
16:17:47.0434 6576	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:17:47.0481 6576	CLFS - ok
16:17:47.0528 6576	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:17:47.0559 6576	clr_optimization_v2.0.50727_32 - ok
16:17:47.0606 6576	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:17:47.0637 6576	clr_optimization_v2.0.50727_64 - ok
16:17:47.0700 6576	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:17:47.0731 6576	clr_optimization_v4.0.30319_32 - ok
16:17:47.0778 6576	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:17:47.0809 6576	clr_optimization_v4.0.30319_64 - ok
16:17:47.0856 6576	clwvd           (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
16:17:47.0887 6576	clwvd - ok
16:17:47.0918 6576	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:17:47.0965 6576	CmBatt - ok
16:17:47.0980 6576	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:17:48.0090 6576	cmdide - ok
16:17:48.0230 6576	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:17:48.0292 6576	CNG - ok
16:17:48.0324 6576	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:17:48.0339 6576	Compbatt - ok
16:17:48.0370 6576	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:17:48.0417 6576	CompositeBus - ok
16:17:48.0417 6576	COMSysApp - ok
16:17:48.0448 6576	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:17:48.0464 6576	crcdisk - ok
16:17:48.0511 6576	CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
16:17:48.0589 6576	CryptSvc - ok
16:17:48.0760 6576	cvhsvc          (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:17:48.0854 6576	cvhsvc - ok
16:17:48.0885 6576	dc3d            (7af9dac504fbd047cbc3e64ae52c92bf) C:\Windows\system32\DRIVERS\dc3d.sys
16:17:48.0948 6576	dc3d - ok
16:17:49.0010 6576	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:17:49.0088 6576	DcomLaunch - ok
16:17:49.0119 6576	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:17:49.0182 6576	defragsvc - ok
16:17:49.0228 6576	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:17:49.0291 6576	DfsC - ok
16:17:49.0338 6576	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:17:49.0416 6576	Dhcp - ok
16:17:49.0447 6576	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:17:49.0509 6576	discache - ok
16:17:49.0540 6576	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:17:49.0556 6576	Disk - ok
16:17:49.0587 6576	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:17:49.0681 6576	Dnscache - ok
16:17:49.0728 6576	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:17:49.0806 6576	dot3svc - ok
16:17:49.0868 6576	Dot4            (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
16:17:49.0930 6576	Dot4 - ok
16:17:49.0977 6576	Dot4Print       (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
16:17:50.0024 6576	Dot4Print - ok
16:17:50.0040 6576	dot4usb         (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
16:17:50.0071 6576	dot4usb - ok
16:17:50.0118 6576	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:17:50.0180 6576	DPS - ok
16:17:50.0196 6576	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:17:50.0242 6576	drmkaud - ok
16:17:50.0336 6576	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:17:50.0398 6576	DXGKrnl - ok
16:17:50.0430 6576	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:17:50.0508 6576	EapHost - ok
16:17:50.0773 6576	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:17:51.0054 6576	ebdrv - ok
16:17:51.0194 6576	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:17:51.0288 6576	EFS - ok
16:17:51.0412 6576	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:17:51.0490 6576	ehRecvr - ok
16:17:51.0537 6576	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:17:51.0600 6576	ehSched - ok
16:17:51.0678 6576	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:17:51.0724 6576	elxstor - ok
16:17:51.0740 6576	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:17:51.0787 6576	ErrDev - ok
16:17:51.0880 6576	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:17:51.0943 6576	EventSystem - ok
16:17:51.0990 6576	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:17:52.0068 6576	exfat - ok
16:17:52.0114 6576	ezSharedSvc - ok
16:17:52.0146 6576	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:17:52.0224 6576	fastfat - ok
16:17:52.0317 6576	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:17:52.0411 6576	Fax - ok
16:17:52.0458 6576	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:17:52.0504 6576	fdc - ok
16:17:52.0520 6576	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:17:52.0598 6576	fdPHost - ok
16:17:52.0629 6576	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:17:52.0707 6576	FDResPub - ok
16:17:52.0754 6576	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:17:52.0770 6576	FileInfo - ok
16:17:52.0785 6576	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:17:52.0848 6576	Filetrace - ok
16:17:52.0910 6576	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:17:52.0941 6576	flpydisk - ok
16:17:52.0972 6576	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:17:53.0004 6576	FltMgr - ok
16:17:53.0113 6576	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:17:53.0175 6576	FontCache - ok
16:17:53.0253 6576	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:17:53.0316 6576	FontCache3.0.0.0 - ok
16:17:53.0425 6576	FPLService      (0dcef328bccd4e1622ea613f84bd3e54) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
16:17:53.0503 6576	FPLService - ok
16:17:53.0628 6576	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:17:53.0643 6576	FsDepends - ok
16:17:53.0674 6576	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:17:53.0690 6576	Fs_Rec - ok
16:17:53.0737 6576	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:17:53.0768 6576	fvevol - ok
16:17:53.0799 6576	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:17:53.0830 6576	gagp30kx - ok
16:17:53.0924 6576	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:17:54.0018 6576	gpsvc - ok
16:17:54.0127 6576	gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:17:54.0174 6576	gupdate - ok
16:17:54.0205 6576	gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:17:54.0220 6576	gupdatem - ok
16:17:54.0252 6576	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:17:54.0330 6576	hcw85cir - ok
16:17:54.0376 6576	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:17:54.0423 6576	HdAudAddService - ok
16:17:54.0454 6576	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:17:54.0517 6576	HDAudBus - ok
16:17:54.0548 6576	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:17:54.0579 6576	HidBatt - ok
16:17:54.0626 6576	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:17:54.0673 6576	HidBth - ok
16:17:54.0704 6576	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:17:54.0751 6576	HidIr - ok
16:17:54.0782 6576	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:17:54.0844 6576	hidserv - ok
16:17:54.0860 6576	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
16:17:54.0891 6576	HidUsb - ok
16:17:54.0922 6576	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:17:54.0985 6576	hkmsvc - ok
16:17:55.0032 6576	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:17:55.0094 6576	HomeGroupListener - ok
16:17:55.0125 6576	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:17:55.0172 6576	HomeGroupProvider - ok
16:17:55.0281 6576	HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
16:17:55.0312 6576	HP Support Assistant Service - ok
16:17:55.0390 6576	HP Wireless Assistant Service (c930128c8f8ff03d8f8c42b570920d56) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
16:17:55.0422 6576	HP Wireless Assistant Service - ok
16:17:55.0484 6576	HPClientSvc     (3dc11a802353401332d49c3cbfbbe5fc) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
16:17:55.0515 6576	HPClientSvc - ok
16:17:55.0562 6576	HPDrvMntSvc.exe (b19ff523b533a3f198b9239e1749c940) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
16:17:55.0609 6576	HPDrvMntSvc.exe - ok
16:17:55.0671 6576	hpdskflt        (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
16:17:55.0702 6576	hpdskflt - ok
16:17:55.0812 6576	hpqcxs08        (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:17:55.0858 6576	hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
16:17:55.0858 6576	hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
16:17:55.0890 6576	hpqddsvc        (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:17:55.0921 6576	hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
16:17:55.0921 6576	hpqddsvc - detected UnsignedFile.Multi.Generic (1)
16:17:56.0046 6576	hpqwmiex        (01091b900e15878b4434f9c726c4541d) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
16:17:56.0139 6576	hpqwmiex - ok
16:17:56.0295 6576	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:17:56.0358 6576	HpSAMD - ok
16:17:56.0545 6576	HPSLPSVC        (7f57926169c1b8aba9274ea7d4b70f18) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:17:56.0576 6576	HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
16:17:56.0576 6576	HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
16:17:56.0607 6576	hpsrv           (fc7c13b5a9e9be23b7ae72bbc7fdb278) C:\Windows\system32\Hpservice.exe
16:17:56.0654 6576	hpsrv - ok
16:17:56.0716 6576	HPWMISVC        (f630dd7564ebb7248a13b1cc774d9ea6) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
16:17:56.0748 6576	HPWMISVC - ok
16:17:56.0826 6576	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:17:56.0904 6576	HTTP - ok
16:17:56.0935 6576	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:17:56.0950 6576	hwpolicy - ok
16:17:56.0966 6576	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:17:57.0013 6576	i8042prt - ok
16:17:57.0060 6576	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:17:57.0106 6576	iaStorV - ok
16:17:57.0325 6576	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:17:57.0387 6576	idsvc - ok
16:17:57.0886 6576	igfx            (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:17:58.0183 6576	igfx - ok
16:17:58.0339 6576	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:17:58.0386 6576	iirsp - ok
16:17:58.0479 6576	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:17:58.0557 6576	IKEEXT - ok
16:17:58.0588 6576	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:17:58.0620 6576	intelide - ok
16:17:58.0635 6576	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:17:58.0682 6576	intelppm - ok
16:17:58.0698 6576	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:17:58.0776 6576	IPBusEnum - ok
16:17:58.0807 6576	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:17:58.0869 6576	IpFilterDriver - ok
16:17:58.0947 6576	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:17:59.0025 6576	iphlpsvc - ok
16:17:59.0041 6576	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:17:59.0088 6576	IPMIDRV - ok
16:17:59.0119 6576	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:17:59.0197 6576	IPNAT - ok
16:17:59.0228 6576	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:17:59.0259 6576	IRENUM - ok
16:17:59.0290 6576	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:17:59.0322 6576	isapnp - ok
16:17:59.0353 6576	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:17:59.0400 6576	iScsiPrt - ok
16:17:59.0446 6576	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
16:17:59.0478 6576	kbdclass - ok
16:17:59.0524 6576	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
16:17:59.0571 6576	kbdhid - ok
16:17:59.0587 6576	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:17:59.0618 6576	KeyIso - ok
16:17:59.0665 6576	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:17:59.0680 6576	KSecDD - ok
16:17:59.0696 6576	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:17:59.0727 6576	KSecPkg - ok
16:17:59.0758 6576	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:17:59.0852 6576	ksthunk - ok
16:17:59.0899 6576	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:17:59.0977 6576	KtmRm - ok
16:18:00.0055 6576	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:18:00.0148 6576	LanmanServer - ok
16:18:00.0180 6576	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:18:00.0242 6576	LanmanWorkstation - ok
16:18:00.0336 6576	LightScribeService (fcbdcc6f1801e32244235608e1277752) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
16:18:00.0414 6576	LightScribeService ( UnsignedFile.Multi.Generic ) - warning
16:18:00.0414 6576	LightScribeService - detected UnsignedFile.Multi.Generic (1)
16:18:00.0445 6576	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:18:00.0538 6576	lltdio - ok
16:18:00.0601 6576	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:18:00.0694 6576	lltdsvc - ok
16:18:00.0710 6576	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:18:00.0772 6576	lmhosts - ok
16:18:00.0804 6576	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:18:00.0835 6576	LSI_FC - ok
16:18:00.0866 6576	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:18:00.0897 6576	LSI_SAS - ok
16:18:00.0913 6576	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:18:00.0944 6576	LSI_SAS2 - ok
16:18:00.0975 6576	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:18:01.0006 6576	LSI_SCSI - ok
16:18:01.0022 6576	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:18:01.0100 6576	luafv - ok
16:18:01.0178 6576	MBAMProtector   (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
16:18:01.0209 6576	MBAMProtector - ok
16:18:01.0303 6576	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:18:01.0334 6576	MBAMService - ok
16:18:01.0381 6576	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:18:01.0443 6576	Mcx2Svc - ok
16:18:01.0459 6576	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:18:01.0490 6576	megasas - ok
16:18:01.0537 6576	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:18:01.0568 6576	MegaSR - ok
16:18:01.0599 6576	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:18:01.0662 6576	MMCSS - ok
16:18:01.0677 6576	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:18:01.0755 6576	Modem - ok
16:18:01.0786 6576	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:18:01.0833 6576	monitor - ok
16:18:01.0864 6576	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
16:18:01.0896 6576	mouclass - ok
16:18:01.0927 6576	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:18:01.0974 6576	mouhid - ok
16:18:02.0005 6576	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:18:02.0020 6576	mountmgr - ok
16:18:02.0067 6576	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:18:02.0098 6576	mpio - ok
16:18:02.0130 6576	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:18:02.0208 6576	mpsdrv - ok
16:18:02.0301 6576	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:18:02.0364 6576	MpsSvc - ok
16:18:02.0410 6576	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:18:02.0457 6576	MRxDAV - ok
16:18:02.0520 6576	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:18:02.0566 6576	mrxsmb - ok
16:18:02.0629 6576	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:18:02.0691 6576	mrxsmb10 - ok
16:18:02.0738 6576	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:18:02.0769 6576	mrxsmb20 - ok
16:18:02.0785 6576	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:18:02.0800 6576	msahci - ok
16:18:02.0847 6576	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:18:02.0878 6576	msdsm - ok
16:18:02.0925 6576	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:18:02.0988 6576	MSDTC - ok
16:18:03.0081 6576	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:18:03.0128 6576	Msfs - ok
16:18:03.0144 6576	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:18:03.0190 6576	mshidkmdf - ok
16:18:03.0222 6576	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:18:03.0237 6576	msisadrv - ok
16:18:03.0284 6576	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:18:03.0346 6576	MSiSCSI - ok
16:18:03.0362 6576	msiserver - ok
16:18:03.0393 6576	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:18:03.0456 6576	MSKSSRV - ok
16:18:03.0456 6576	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:18:03.0534 6576	MSPCLOCK - ok
16:18:03.0549 6576	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:18:03.0612 6576	MSPQM - ok
16:18:03.0658 6576	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:18:03.0690 6576	MsRPC - ok
16:18:03.0721 6576	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:18:03.0752 6576	mssmbios - ok
16:18:03.0768 6576	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:18:03.0830 6576	MSTEE - ok
16:18:03.0846 6576	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:18:03.0877 6576	MTConfig - ok
16:18:03.0908 6576	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:18:03.0924 6576	Mup - ok
16:18:03.0986 6576	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:18:04.0064 6576	napagent - ok
16:18:04.0111 6576	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:18:04.0173 6576	NativeWifiP - ok
16:18:04.0251 6576	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:18:04.0298 6576	NDIS - ok
16:18:04.0314 6576	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:18:04.0392 6576	NdisCap - ok
16:18:04.0407 6576	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:18:04.0470 6576	NdisTapi - ok
16:18:04.0548 6576	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:18:04.0626 6576	Ndisuio - ok
16:18:04.0657 6576	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:18:04.0735 6576	NdisWan - ok
16:18:04.0782 6576	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:18:04.0860 6576	NDProxy - ok
16:18:04.0891 6576	Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
16:18:04.0922 6576	Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:18:04.0922 6576	Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:18:04.0969 6576	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:18:05.0062 6576	NetBIOS - ok
16:18:05.0109 6576	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:18:05.0156 6576	NetBT - ok
16:18:05.0187 6576	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:18:05.0203 6576	Netlogon - ok
16:18:05.0250 6576	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:18:05.0328 6576	Netman - ok
16:18:05.0374 6576	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:18:05.0437 6576	netprofm - ok
16:18:05.0499 6576	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:18:05.0546 6576	NetTcpPortSharing - ok
16:18:05.0967 6576	netw5v64        (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
16:18:06.0264 6576	netw5v64 - ok
16:18:06.0420 6576	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:18:06.0466 6576	nfrd960 - ok
16:18:06.0529 6576	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:18:06.0607 6576	NlaSvc - ok
16:18:06.0638 6576	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:18:06.0685 6576	Npfs - ok
16:18:06.0700 6576	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:18:06.0778 6576	nsi - ok
16:18:06.0794 6576	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:18:06.0856 6576	nsiproxy - ok
16:18:07.0012 6576	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:18:07.0059 6576	Ntfs - ok
16:18:07.0200 6576	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:18:07.0293 6576	Null - ok
16:18:07.0324 6576	nusb3hub        (a7127e86f9ffe2a53e271b56b2c4cedf) C:\Windows\system32\DRIVERS\nusb3hub.sys
16:18:07.0387 6576	nusb3hub - ok
16:18:07.0418 6576	nusb3xhc        (49bbec6f48d5f9284b03abf3a959b19b) C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:18:07.0465 6576	nusb3xhc - ok
16:18:07.0496 6576	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:18:07.0558 6576	nvraid - ok
16:18:07.0590 6576	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:18:07.0621 6576	nvstor - ok
16:18:07.0636 6576	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:18:07.0668 6576	nv_agp - ok
16:18:07.0714 6576	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:18:07.0761 6576	ohci1394 - ok
16:18:08.0042 6576	ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:18:08.0089 6576	ose - ok
16:18:08.0588 6576	osppsvc         (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:18:08.0869 6576	osppsvc - ok
16:18:09.0040 6576	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:18:09.0118 6576	p2pimsvc - ok
16:18:09.0181 6576	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:18:09.0212 6576	p2psvc - ok
16:18:09.0290 6576	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:18:09.0337 6576	Parport - ok
16:18:09.0368 6576	partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:18:09.0399 6576	partmgr - ok
16:18:09.0446 6576	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:18:09.0493 6576	PcaSvc - ok
16:18:09.0524 6576	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:18:09.0555 6576	pci - ok
16:18:09.0571 6576	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:18:09.0586 6576	pciide - ok
16:18:09.0633 6576	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:18:09.0664 6576	pcmcia - ok
16:18:09.0696 6576	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:18:09.0711 6576	pcw - ok
16:18:09.0805 6576	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:18:09.0914 6576	PEAUTH - ok
16:18:10.0008 6576	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:18:10.0086 6576	PerfHost - ok
16:18:10.0226 6576	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:18:10.0304 6576	pla - ok
16:18:10.0366 6576	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:18:10.0413 6576	PlugPlay - ok
16:18:10.0444 6576	Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
16:18:10.0491 6576	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:18:10.0491 6576	Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:18:10.0507 6576	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:18:10.0538 6576	PNRPAutoReg - ok
16:18:10.0585 6576	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:18:10.0616 6576	PNRPsvc - ok
16:18:10.0663 6576	Point64         (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
16:18:10.0694 6576	Point64 - ok
16:18:10.0756 6576	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:18:10.0850 6576	PolicyAgent - ok
16:18:10.0881 6576	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:18:10.0959 6576	Power - ok
16:18:10.0990 6576	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:18:11.0068 6576	PptpMiniport - ok
16:18:11.0100 6576	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:18:11.0131 6576	Processor - ok
16:18:11.0178 6576	ProfSvc         (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:18:11.0256 6576	ProfSvc - ok
16:18:11.0287 6576	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:18:11.0318 6576	ProtectedStorage - ok
16:18:11.0365 6576	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:18:11.0427 6576	Psched - ok
16:18:11.0568 6576	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:18:11.0646 6576	ql2300 - ok
16:18:11.0802 6576	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:18:11.0864 6576	ql40xx - ok
16:18:11.0895 6576	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:18:11.0942 6576	QWAVE - ok
16:18:11.0958 6576	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:18:12.0020 6576	QWAVEdrv - ok
16:18:12.0036 6576	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:18:12.0098 6576	RasAcd - ok
16:18:12.0238 6576	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:18:12.0332 6576	RasAgileVpn - ok
16:18:12.0348 6576	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:18:12.0426 6576	RasAuto - ok
16:18:12.0457 6576	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:18:12.0535 6576	Rasl2tp - ok
16:18:12.0582 6576	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:18:12.0691 6576	RasMan - ok
16:18:12.0722 6576	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:18:12.0816 6576	RasPppoe - ok
16:18:12.0816 6576	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:18:12.0894 6576	RasSstp - ok
16:18:12.0925 6576	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:18:12.0987 6576	rdbss - ok
16:18:13.0018 6576	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:18:13.0065 6576	rdpbus - ok
16:18:13.0081 6576	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:18:13.0143 6576	RDPCDD - ok
16:18:13.0159 6576	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:18:13.0221 6576	RDPENCDD - ok
16:18:13.0252 6576	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:18:13.0315 6576	RDPREFMP - ok
16:18:13.0346 6576	RDPWD           (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:18:13.0424 6576	RDPWD - ok
16:18:13.0471 6576	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:18:13.0486 6576	rdyboost - ok
16:18:13.0533 6576	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:18:13.0611 6576	RemoteAccess - ok
16:18:13.0658 6576	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:18:13.0720 6576	RemoteRegistry - ok
16:18:13.0736 6576	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:18:13.0798 6576	RpcEptMapper - ok
16:18:13.0814 6576	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:18:13.0861 6576	RpcLocator - ok
16:18:13.0923 6576	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:18:13.0986 6576	RpcSs - ok
16:18:14.0032 6576	RSPCIESTOR      (ca327a84085f68200452e6761f943298) C:\Windows\system32\DRIVERS\RtsPStor.sys
16:18:14.0064 6576	RSPCIESTOR - ok
16:18:14.0095 6576	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:18:14.0157 6576	rspndr - ok
16:18:14.0235 6576	RTL8167         (5d6a444bd37b52ff846387c87dcdf98a) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:18:14.0266 6576	RTL8167 - ok
16:18:14.0298 6576	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:18:14.0313 6576	SamSs - ok
16:18:14.0360 6576	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:18:14.0391 6576	sbp2port - ok
16:18:14.0422 6576	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:18:14.0485 6576	SCardSvr - ok
16:18:14.0516 6576	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:18:14.0578 6576	scfilter - ok
16:18:14.0688 6576	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:18:14.0766 6576	Schedule - ok
16:18:14.0812 6576	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:18:14.0859 6576	SCPolicySvc - ok
16:18:14.0890 6576	sdbus           (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
16:18:14.0953 6576	sdbus - ok
16:18:14.0984 6576	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:18:15.0062 6576	SDRSVC - ok
16:18:15.0093 6576	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:18:15.0156 6576	secdrv - ok
16:18:15.0187 6576	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:18:15.0249 6576	seclogon - ok
16:18:15.0280 6576	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:18:15.0343 6576	SENS - ok
16:18:15.0390 6576	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:18:15.0436 6576	SensrSvc - ok
16:18:15.0468 6576	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:18:15.0530 6576	Serenum - ok
16:18:15.0561 6576	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:18:15.0608 6576	Serial - ok
16:18:15.0639 6576	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:18:15.0686 6576	sermouse - ok
16:18:15.0733 6576	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:18:15.0842 6576	SessionEnv - ok
16:18:15.0967 6576	SfCtlCom        (52c525bf4d78125a5064d0d1705f04b6) C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
16:18:16.0014 6576	SfCtlCom - ok
16:18:16.0045 6576	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:18:16.0092 6576	sffdisk - ok
16:18:16.0107 6576	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:18:16.0154 6576	sffp_mmc - ok
16:18:16.0170 6576	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:18:16.0216 6576	sffp_sd - ok
16:18:16.0232 6576	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:18:16.0263 6576	sfloppy - ok
16:18:16.0372 6576	Sftfs           (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
16:18:16.0435 6576	Sftfs - ok
16:18:16.0560 6576	sftlist         (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:18:16.0669 6576	sftlist - ok
16:18:16.0716 6576	Sftplay         (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:18:16.0747 6576	Sftplay - ok
16:18:16.0778 6576	Sftredir        (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:18:16.0794 6576	Sftredir - ok
16:18:16.0825 6576	Sftvol          (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
16:18:16.0840 6576	Sftvol - ok
16:18:16.0887 6576	sftvsa          (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:18:16.0950 6576	sftvsa - ok
16:18:17.0028 6576	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:18:17.0106 6576	SharedAccess - ok
16:18:17.0199 6576	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:18:17.0293 6576	ShellHWDetection - ok
16:18:17.0308 6576	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:18:17.0340 6576	SiSRaid2 - ok
16:18:17.0355 6576	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:18:17.0386 6576	SiSRaid4 - ok
16:18:17.0418 6576	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:18:17.0480 6576	Smb - ok
16:18:17.0496 6576	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:18:17.0542 6576	SNMPTRAP - ok
16:18:17.0574 6576	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:18:17.0589 6576	spldr - ok
16:18:17.0652 6576	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:18:17.0730 6576	Spooler - ok
16:18:18.0026 6576	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:18:18.0135 6576	sppsvc - ok
16:18:18.0260 6576	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:18:18.0354 6576	sppuinotify - ok
16:18:18.0447 6576	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:18:18.0525 6576	srv - ok
16:18:18.0603 6576	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:18:18.0650 6576	srv2 - ok
16:18:18.0697 6576	SrvHsfHDA       (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
16:18:18.0744 6576	SrvHsfHDA - ok
16:18:18.0868 6576	SrvHsfV92       (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
16:18:18.0946 6576	SrvHsfV92 - ok
16:18:19.0149 6576	SrvHsfWinac     (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:18:19.0227 6576	SrvHsfWinac - ok
16:18:19.0274 6576	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:18:19.0305 6576	srvnet - ok
16:18:19.0336 6576	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:18:19.0446 6576	SSDPSRV - ok
16:18:19.0477 6576	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:18:19.0524 6576	SstpSvc - ok
16:18:19.0648 6576	STacSV          (7c49a5e1943afda4672d80726af3bae4) C:\Program Files\IDT\WDM\STacSV64.exe
16:18:19.0726 6576	STacSV - ok
16:18:19.0758 6576	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:18:19.0773 6576	stexstor - ok
16:18:19.0836 6576	STHDA           (0aad250a31a7ee96e0945ab9e1f3baa7) C:\Windows\system32\DRIVERS\stwrt64.sys
16:18:19.0898 6576	STHDA - ok
16:18:19.0945 6576	StillCam        (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
16:18:19.0992 6576	StillCam - ok
16:18:20.0070 6576	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:18:20.0132 6576	stisvc - ok
16:18:20.0148 6576	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:18:20.0179 6576	swenum - ok
16:18:20.0257 6576	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:18:20.0350 6576	swprv - ok
16:18:20.0475 6576	SynTP           (33e6a285daa5134d8ea2247914c86c09) C:\Windows\system32\DRIVERS\SynTP.sys
16:18:20.0538 6576	SynTP - ok
16:18:20.0834 6576	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:18:20.0896 6576	SysMain - ok
16:18:21.0037 6576	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:18:21.0130 6576	TabletInputService - ok
16:18:21.0162 6576	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:18:21.0271 6576	TapiSrv - ok
16:18:21.0302 6576	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:18:21.0380 6576	TBS - ok
16:18:21.0598 6576	Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:18:21.0661 6576	Tcpip - ok
16:18:21.0988 6576	TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:18:22.0051 6576	TCPIP6 - ok
16:18:22.0222 6576	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:18:22.0316 6576	tcpipreg - ok
16:18:22.0332 6576	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:18:22.0394 6576	TDPIPE - ok
16:18:22.0425 6576	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:18:22.0472 6576	TDTCP - ok
16:18:22.0519 6576	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:18:22.0581 6576	tdx - ok
16:18:22.0612 6576	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:18:22.0644 6576	TermDD - ok
16:18:22.0706 6576	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:18:22.0784 6576	TermService - ok
16:18:22.0800 6576	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:18:22.0846 6576	Themes - ok
16:18:22.0878 6576	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:18:22.0924 6576	THREADORDER - ok
16:18:23.0034 6576	TMBMServer      (963c903e5176c5cdcae321d48635b21f) C:\Program Files\Trend Micro\BM\TMBMSRV.exe
16:18:23.0096 6576	TMBMServer - ok
16:18:23.0174 6576	tmlwf           (35a6aeb61c7cf21b10cc05bda47339b5) C:\Windows\system32\DRIVERS\tmlwf.sys
16:18:23.0236 6576	tmlwf - ok
16:18:23.0346 6576	TmPfw           (c52867f238ef1aafcd35f8d134b8ab10) C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
16:18:23.0408 6576	TmPfw - ok
16:18:23.0455 6576	tmpreflt        (1889f49a828b1cf0e2866cdd325875b0) C:\Windows\system32\DRIVERS\tmpreflt.sys
16:18:23.0470 6576	tmpreflt - ok
16:18:23.0595 6576	TmProxy         (3ae913b4fbf06ee49831ff9db2330830) C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
16:18:23.0642 6576	TmProxy - ok
16:18:23.0673 6576	tmtdi           (21cc12b7f8b44e91d03ead5b17aaf0b2) C:\Windows\system32\DRIVERS\tmtdi.sys
16:18:23.0704 6576	tmtdi - ok
16:18:23.0767 6576	tmwfp           (a4670e50c15d7bce7226e4b62700df09) C:\Windows\system32\DRIVERS\tmwfp.sys
16:18:23.0798 6576	tmwfp - ok
16:18:23.0860 6576	tmxpflt         (8b97ba7e28bd39a2bc4a2bb66a83fec0) C:\Windows\system32\DRIVERS\tmxpflt.sys
16:18:23.0907 6576	tmxpflt - ok
16:18:23.0923 6576	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:18:24.0001 6576	TrkWks - ok
16:18:24.0063 6576	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:18:24.0172 6576	TrustedInstaller - ok
16:18:24.0204 6576	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:18:24.0266 6576	tssecsrv - ok
16:18:24.0313 6576	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:18:24.0375 6576	TsUsbFlt - ok
16:18:24.0406 6576	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:18:24.0469 6576	tunnel - ok
16:18:24.0516 6576	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:18:24.0547 6576	uagp35 - ok
16:18:24.0594 6576	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:18:24.0656 6576	udfs - ok
16:18:24.0703 6576	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:18:24.0750 6576	UI0Detect - ok
16:18:24.0781 6576	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:18:24.0812 6576	uliagpkx - ok
16:18:24.0828 6576	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
16:18:24.0859 6576	umbus - ok
16:18:24.0890 6576	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:18:24.0921 6576	UmPass - ok
16:18:24.0984 6576	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:18:25.0077 6576	upnphost - ok
16:18:25.0108 6576	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:18:25.0171 6576	usbccgp - ok
16:18:25.0202 6576	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:18:25.0233 6576	usbcir - ok
16:18:25.0264 6576	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
16:18:25.0296 6576	usbehci - ok
16:18:25.0342 6576	usbfilter       (dc2b306861f42eeeb92ef525f4119f08) C:\Windows\system32\DRIVERS\usbfilter.sys
16:18:25.0389 6576	usbfilter - ok
16:18:25.0467 6576	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:18:25.0545 6576	usbhub - ok
16:18:25.0576 6576	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
16:18:25.0608 6576	usbohci - ok
16:18:25.0639 6576	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:18:25.0686 6576	usbprint - ok
16:18:25.0748 6576	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:18:25.0795 6576	usbscan - ok
16:18:25.0826 6576	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
16:18:25.0888 6576	USBSTOR - ok
16:18:25.0920 6576	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:18:25.0951 6576	usbuhci - ok
16:18:25.0998 6576	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
16:18:26.0060 6576	usbvideo - ok
16:18:26.0091 6576	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:18:26.0154 6576	UxSms - ok
16:18:26.0169 6576	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:18:26.0200 6576	VaultSvc - ok
16:18:26.0216 6576	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:18:26.0232 6576	vdrvroot - ok
16:18:26.0294 6576	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:18:26.0388 6576	vds - ok
16:18:26.0403 6576	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:18:26.0434 6576	vga - ok
16:18:26.0466 6576	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:18:26.0528 6576	VgaSave - ok
16:18:26.0575 6576	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:18:26.0622 6576	vhdmp - ok
16:18:26.0637 6576	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:18:26.0668 6576	viaide - ok
16:18:26.0684 6576	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:18:26.0700 6576	volmgr - ok
16:18:26.0778 6576	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:18:26.0793 6576	volmgrx - ok
16:18:26.0840 6576	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:18:26.0871 6576	volsnap - ok
16:18:27.0043 6576	vsapint         (3a5862d9a4fe4bbb2ffa1700e2b21b9b) C:\Windows\system32\DRIVERS\vsapint.sys
16:18:27.0136 6576	vsapint - ok
16:18:27.0464 6576	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:18:27.0526 6576	vsmraid - ok
16:18:27.0667 6576	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:18:27.0760 6576	VSS - ok
16:18:27.0901 6576	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:18:27.0979 6576	vwifibus - ok
16:18:28.0026 6576	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:18:28.0119 6576	vwififlt - ok
16:18:28.0150 6576	vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:18:28.0197 6576	vwifimp - ok
16:18:28.0244 6576	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:18:28.0322 6576	W32Time - ok
16:18:28.0338 6576	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:18:28.0384 6576	WacomPen - ok
16:18:28.0416 6576	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:18:28.0494 6576	WANARP - ok
16:18:28.0509 6576	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:18:28.0556 6576	Wanarpv6 - ok
16:18:28.0712 6576	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:18:28.0774 6576	wbengine - ok
16:18:28.0946 6576	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:18:29.0008 6576	WbioSrvc - ok
16:18:29.0071 6576	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:18:29.0102 6576	wcncsvc - ok
16:18:29.0133 6576	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:18:29.0180 6576	WcsPlugInService - ok
16:18:29.0227 6576	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:18:29.0274 6576	Wd - ok
16:18:29.0352 6576	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:18:29.0383 6576	Wdf01000 - ok
16:18:29.0414 6576	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:18:29.0523 6576	WdiServiceHost - ok
16:18:29.0523 6576	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:18:29.0554 6576	WdiSystemHost - ok
16:18:29.0601 6576	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:18:29.0648 6576	WebClient - ok
16:18:29.0679 6576	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:18:29.0742 6576	Wecsvc - ok
16:18:29.0773 6576	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:18:29.0851 6576	wercplsupport - ok
16:18:29.0866 6576	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:18:29.0944 6576	WerSvc - ok
16:18:29.0976 6576	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:18:30.0038 6576	WfpLwf - ok
16:18:30.0038 6576	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:18:30.0069 6576	WIMMount - ok
16:18:30.0116 6576	WinDefend - ok
16:18:30.0116 6576	WinHttpAutoProxySvc - ok
16:18:30.0178 6576	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:18:30.0272 6576	Winmgmt - ok
16:18:30.0459 6576	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:18:30.0553 6576	WinRM - ok
16:18:30.0771 6576	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
16:18:30.0818 6576	WinUsb - ok
16:18:30.0927 6576	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:18:30.0958 6576	Wlansvc - ok
16:18:31.0068 6576	wlcrasvc        (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:18:31.0099 6576	wlcrasvc - ok
16:18:31.0333 6576	wlidsvc         (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:18:31.0426 6576	wlidsvc - ok
16:18:31.0582 6576	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:18:31.0645 6576	WmiAcpi - ok
16:18:31.0707 6576	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:18:31.0785 6576	wmiApSrv - ok
16:18:31.0832 6576	WMPNetworkSvc - ok
16:18:31.0879 6576	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:18:31.0941 6576	WPCSvc - ok
16:18:31.0988 6576	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:18:32.0066 6576	WPDBusEnum - ok
16:18:32.0097 6576	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:18:32.0160 6576	ws2ifsl - ok
16:18:32.0191 6576	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:18:32.0253 6576	wscsvc - ok
16:18:32.0253 6576	WSearch - ok
16:18:32.0456 6576	wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
16:18:32.0534 6576	wuauserv - ok
16:18:32.0690 6576	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:18:32.0784 6576	WudfPf - ok
16:18:32.0815 6576	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:18:32.0877 6576	WUDFRd - ok
16:18:32.0908 6576	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:18:32.0971 6576	wudfsvc - ok
16:18:33.0033 6576	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:18:33.0096 6576	WwanSvc - ok
16:18:33.0158 6576	yukonw7         (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
16:18:33.0220 6576	yukonw7 - ok
16:18:33.0252 6576	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:18:33.0688 6576	\Device\Harddisk0\DR0 - ok
16:18:33.0704 6576	Boot (0x1200)   (6c4ac01224932aa3e7b28942214e7aa3) \Device\Harddisk0\DR0\Partition0
16:18:33.0704 6576	\Device\Harddisk0\DR0\Partition0 - ok
16:18:33.0720 6576	Boot (0x1200)   (a658c0bbed514bdc8e7a9203f55f0706) \Device\Harddisk0\DR0\Partition1
16:18:33.0720 6576	\Device\Harddisk0\DR0\Partition1 - ok
16:18:33.0751 6576	Boot (0x1200)   (d46a3289f794abb084f50b752566b7a3) \Device\Harddisk0\DR0\Partition2
16:18:33.0751 6576	\Device\Harddisk0\DR0\Partition2 - ok
16:18:33.0813 6576	Boot (0x1200)   (5007b345a485cc457e429edf1bd7d4b1) \Device\Harddisk0\DR0\Partition3
16:18:33.0813 6576	\Device\Harddisk0\DR0\Partition3 - ok
16:18:33.0813 6576	============================================================
16:18:33.0813 6576	Scan finished
16:18:33.0813 6576	============================================================
16:18:33.0829 7412	Detected object count: 6
16:18:33.0829 7412	Actual detected object count: 6
16:19:36.0494 7412	hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
16:19:36.0494 7412	hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:19:36.0494 7412	hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:19:36.0494 7412	hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:19:36.0494 7412	HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:19:36.0494 7412	HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:19:36.0510 7412	LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
16:19:36.0510 7412	LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:19:36.0510 7412	Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:19:36.0510 7412	Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:19:36.0510 7412	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:19:36.0510 7412	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:20:28.0111 8176	============================================================
16:20:28.0111 8176	Scan started
16:20:28.0111 8176	Mode: Manual; SigCheck; TDLFS; 
16:20:28.0111 8176	============================================================
16:20:28.0547 8176	1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
16:20:28.0579 8176	1394ohci - ok
16:20:28.0672 8176	a2acc           (2d6434e957f7cfa0035c20890f77bbc6) C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
16:20:28.0719 8176	a2acc - ok
16:20:28.0953 8176	a2AntiMalware   (8b75ba256bcada2b73ffa5bd77aa9e6c) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
16:20:29.0031 8176	a2AntiMalware - ok
16:20:29.0109 8176	A2DDA           (3044d0f3feb9ffe8bc953d8f34b5b504) C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
16:20:29.0140 8176	A2DDA - ok
16:20:29.0156 8176	a2injectiondriver (3d55ce53128c81e06cd6b024c3b9fac3) C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys
16:20:29.0171 8176	a2injectiondriver - ok
16:20:29.0203 8176	a2util          (e41d79682a209f72f4f578cfd4a53952) C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys
16:20:29.0218 8176	a2util - ok
16:20:29.0374 8176	Accelerometer   (5c368f4b04ed2a923e6afca2d37baff5) C:\Windows\system32\DRIVERS\Accelerometer.sys
16:20:29.0405 8176	Accelerometer - ok
16:20:29.0452 8176	ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
16:20:29.0468 8176	ACPI - ok
16:20:29.0483 8176	AcpiPmi         (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
16:20:29.0515 8176	AcpiPmi - ok
16:20:29.0577 8176	adp94xx         (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
16:20:29.0624 8176	adp94xx - ok
16:20:29.0671 8176	adpahci         (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
16:20:29.0702 8176	adpahci - ok
16:20:29.0733 8176	adpu320         (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
16:20:29.0749 8176	adpu320 - ok
16:20:29.0780 8176	AeLookupSvc     (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
16:20:29.0827 8176	AeLookupSvc - ok
16:20:29.0920 8176	AESTFilters     (a6fb9db8f1a86861d955fd6975977ae0) C:\Program Files\IDT\WDM\AESTSr64.exe
16:20:29.0951 8176	AESTFilters - ok
16:20:30.0029 8176	AFD             (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
16:20:30.0061 8176	AFD - ok
16:20:30.0092 8176	agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
16:20:30.0107 8176	agp440 - ok
16:20:30.0139 8176	ALG             (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
16:20:30.0170 8176	ALG - ok
16:20:30.0185 8176	aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
16:20:30.0201 8176	aliide - ok
16:20:30.0248 8176	AMD External Events Utility (c6eea8769226dacb1585fe23beb4af23) C:\Windows\system32\atiesrxx.exe
16:20:30.0263 8176	AMD External Events Utility - ok
16:20:30.0279 8176	AMD FUEL Service - ok
16:20:30.0310 8176	AMD Reservation Manager (dd27f6c3de9bfe50635c721e09edc5dd) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
16:20:30.0326 8176	AMD Reservation Manager - ok
16:20:30.0357 8176	amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
16:20:30.0373 8176	amdide - ok
16:20:30.0388 8176	amdiox64        (6a2eeb0c4133b20773bb3dd0b7b377b4) C:\Windows\system32\DRIVERS\amdiox64.sys
16:20:30.0388 8176	amdiox64 - ok
16:20:30.0419 8176	AmdK8           (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
16:20:30.0435 8176	AmdK8 - ok
16:20:31.0075 8176	amdkmdag        (98e20c5a39fea1920031d3850004b334) C:\Windows\system32\DRIVERS\atikmdag.sys
16:20:31.0215 8176	amdkmdag - ok
16:20:31.0387 8176	amdkmdap        (8624dc7b8d22daf28f5438735095f6c4) C:\Windows\system32\DRIVERS\atikmpag.sys
16:20:31.0402 8176	amdkmdap - ok
16:20:31.0433 8176	AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
16:20:31.0465 8176	AmdPPM - ok
16:20:31.0496 8176	amdsata         (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
16:20:31.0511 8176	amdsata - ok
16:20:31.0543 8176	amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
16:20:31.0558 8176	amdsbs - ok
16:20:31.0605 8176	amdxata         (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
16:20:31.0621 8176	amdxata - ok
16:20:31.0636 8176	AppID           (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
16:20:31.0683 8176	AppID - ok
16:20:31.0714 8176	AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
16:20:31.0761 8176	AppIDSvc - ok
16:20:31.0792 8176	Appinfo         (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
16:20:31.0839 8176	Appinfo - ok
16:20:32.0057 8176	AR5416          (3ab3dac7d89283c1aaaabe75380a35ec) C:\Windows\system32\DRIVERS\athwx.sys
16:20:32.0135 8176	AR5416 - ok
16:20:32.0291 8176	arc             (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
16:20:32.0323 8176	arc - ok
16:20:32.0338 8176	arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
16:20:32.0369 8176	arcsas - ok
16:20:32.0369 8176	AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
16:20:32.0416 8176	AsyncMac - ok
16:20:32.0447 8176	atapi           (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
16:20:32.0463 8176	atapi - ok
16:20:32.0666 8176	athr            (96abf88241f90ff647e55c934c55c2f1) C:\Windows\system32\DRIVERS\athrx.sys
16:20:32.0744 8176	athr - ok
16:20:32.0900 8176	AtiHdmiService  (2d648572ba9a610952fcafba1e119c2d) C:\Windows\system32\drivers\AtiHdmi.sys
16:20:32.0915 8176	AtiHdmiService - ok
16:20:32.0931 8176	AtiPcie         (e82e61f46d1336447f4deff8c074f13e) C:\Windows\system32\DRIVERS\AtiPcie64.sys
16:20:32.0947 8176	AtiPcie - ok
16:20:33.0025 8176	AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:20:33.0071 8176	AudioEndpointBuilder - ok
16:20:33.0087 8176	AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
16:20:33.0149 8176	AudioSrv - ok
16:20:33.0181 8176	AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
16:20:33.0227 8176	AxInstSV - ok
16:20:33.0290 8176	b06bdrv         (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
16:20:33.0337 8176	b06bdrv - ok
16:20:33.0383 8176	b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
16:20:33.0399 8176	b57nd60a - ok
16:20:33.0539 8176	BBSvc           (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
16:20:33.0571 8176	BBSvc - ok
16:20:33.0664 8176	BBUpdate        (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
16:20:33.0742 8176	BBUpdate - ok
16:20:33.0789 8176	BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
16:20:33.0805 8176	BDESVC - ok
16:20:33.0836 8176	Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
16:20:33.0883 8176	Beep - ok
16:20:33.0961 8176	BFE             (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
16:20:34.0023 8176	BFE - ok
16:20:34.0132 8176	BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\System32\qmgr.dll
16:20:34.0195 8176	BITS - ok
16:20:34.0226 8176	blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
16:20:34.0241 8176	blbdrive - ok
16:20:34.0273 8176	bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
16:20:34.0304 8176	bowser - ok
16:20:34.0319 8176	BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:20:34.0351 8176	BrFiltLo - ok
16:20:34.0351 8176	BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:20:34.0366 8176	BrFiltUp - ok
16:20:34.0397 8176	Browser         (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
16:20:34.0444 8176	Browser - ok
16:20:34.0491 8176	Brserid         (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
16:20:34.0522 8176	Brserid - ok
16:20:34.0538 8176	BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
16:20:34.0553 8176	BrSerWdm - ok
16:20:34.0569 8176	BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
16:20:34.0600 8176	BrUsbMdm - ok
16:20:34.0616 8176	BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
16:20:34.0631 8176	BrUsbSer - ok
16:20:34.0647 8176	BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
16:20:34.0678 8176	BTHMODEM - ok
16:20:34.0709 8176	bthserv         (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
16:20:34.0756 8176	bthserv - ok
16:20:34.0787 8176	cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
16:20:34.0834 8176	cdfs - ok
16:20:34.0881 8176	cdrom           (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
16:20:34.0897 8176	cdrom - ok
16:20:34.0928 8176	CertPropSvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:20:34.0975 8176	CertPropSvc - ok
16:20:34.0990 8176	circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
16:20:35.0021 8176	circlass - ok
16:20:35.0068 8176	CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
16:20:35.0084 8176	CLFS - ok
16:20:35.0131 8176	clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:20:35.0146 8176	clr_optimization_v2.0.50727_32 - ok
16:20:35.0193 8176	clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:20:35.0209 8176	clr_optimization_v2.0.50727_64 - ok
16:20:35.0271 8176	clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:20:35.0302 8176	clr_optimization_v4.0.30319_32 - ok
16:20:35.0349 8176	clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:20:35.0365 8176	clr_optimization_v4.0.30319_64 - ok
16:20:35.0396 8176	clwvd           (50f92c943f18b070f166d019dfab3d9a) C:\Windows\system32\DRIVERS\clwvd.sys
16:20:35.0396 8176	clwvd - ok
16:20:35.0427 8176	CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
16:20:35.0443 8176	CmBatt - ok
16:20:35.0458 8176	cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
16:20:35.0474 8176	cmdide - ok
16:20:35.0536 8176	CNG             (c4943b6c962e4b82197542447ad599f4) C:\Windows\system32\Drivers\cng.sys
16:20:35.0567 8176	CNG - ok
16:20:35.0614 8176	Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
16:20:35.0630 8176	Compbatt - ok
16:20:35.0645 8176	CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
16:20:35.0677 8176	CompositeBus - ok
16:20:35.0677 8176	COMSysApp - ok
16:20:35.0708 8176	crcdisk         (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
16:20:35.0723 8176	crcdisk - ok
16:20:35.0770 8176	CryptSvc        (15597883fbe9b056f276ada3ad87d9af) C:\Windows\system32\cryptsvc.dll
16:20:35.0833 8176	CryptSvc - ok
16:20:36.0004 8176	cvhsvc          (72794d112cbaff3bc0c29bf7350d4741) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:20:36.0035 8176	cvhsvc - ok
16:20:36.0051 8176	dc3d            (7af9dac504fbd047cbc3e64ae52c92bf) C:\Windows\system32\DRIVERS\dc3d.sys
16:20:36.0082 8176	dc3d - ok
16:20:36.0145 8176	DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:20:36.0191 8176	DcomLaunch - ok
16:20:36.0238 8176	defragsvc       (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
16:20:36.0285 8176	defragsvc - ok
16:20:36.0316 8176	DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
16:20:36.0363 8176	DfsC - ok
16:20:36.0441 8176	Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
16:20:36.0503 8176	Dhcp - ok
16:20:36.0535 8176	discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
16:20:36.0581 8176	discache - ok
16:20:36.0613 8176	Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
16:20:36.0628 8176	Disk - ok
16:20:36.0659 8176	Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
16:20:36.0691 8176	Dnscache - ok
16:20:36.0737 8176	dot3svc         (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
16:20:36.0784 8176	dot3svc - ok
16:20:36.0815 8176	Dot4            (b42ed0320c6e41102fde0005154849bb) C:\Windows\system32\DRIVERS\Dot4.sys
16:20:36.0831 8176	Dot4 - ok
16:20:36.0862 8176	Dot4Print       (e9f5969233c5d89f3c35e3a66a52a361) C:\Windows\system32\drivers\Dot4Prt.sys
16:20:36.0878 8176	Dot4Print - ok
16:20:36.0909 8176	dot4usb         (fd05a02b0370bc3000f402e543ca5814) C:\Windows\system32\DRIVERS\dot4usb.sys
16:20:36.0925 8176	dot4usb - ok
16:20:36.0956 8176	DPS             (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
16:20:37.0003 8176	DPS - ok
16:20:37.0034 8176	drmkaud         (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
16:20:37.0049 8176	drmkaud - ok
16:20:37.0159 8176	DXGKrnl         (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
16:20:37.0190 8176	DXGKrnl - ok
16:20:37.0221 8176	EapHost         (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
16:20:37.0268 8176	EapHost - ok
16:20:37.0533 8176	ebdrv           (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
16:20:37.0611 8176	ebdrv - ok
16:20:37.0736 8176	EFS             (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
16:20:37.0783 8176	EFS - ok
16:20:37.0892 8176	ehRecvr         (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
16:20:37.0954 8176	ehRecvr - ok
16:20:38.0095 8176	ehSched         (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
16:20:38.0141 8176	ehSched - ok
16:20:38.0219 8176	elxstor         (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
16:20:38.0251 8176	elxstor - ok
16:20:38.0266 8176	ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
16:20:38.0282 8176	ErrDev - ok
16:20:38.0344 8176	EventSystem     (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
16:20:38.0407 8176	EventSystem - ok
16:20:38.0438 8176	exfat           (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
16:20:38.0500 8176	exfat - ok
16:20:38.0500 8176	ezSharedSvc - ok
16:20:38.0547 8176	fastfat         (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
16:20:38.0594 8176	fastfat - ok
16:20:38.0672 8176	Fax             (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
16:20:38.0719 8176	Fax - ok
16:20:38.0750 8176	fdc             (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
16:20:38.0765 8176	fdc - ok
16:20:38.0797 8176	fdPHost         (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
16:20:38.0843 8176	fdPHost - ok
16:20:38.0859 8176	FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
16:20:38.0906 8176	FDResPub - ok
16:20:38.0937 8176	FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
16:20:38.0953 8176	FileInfo - ok
16:20:38.0968 8176	Filetrace       (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
16:20:39.0015 8176	Filetrace - ok
16:20:39.0031 8176	flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
16:20:39.0062 8176	flpydisk - ok
16:20:39.0093 8176	FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
16:20:39.0109 8176	FltMgr - ok
16:20:39.0218 8176	FontCache       (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
16:20:39.0265 8176	FontCache - ok
16:20:39.0311 8176	FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:20:39.0343 8176	FontCache3.0.0.0 - ok
16:20:39.0436 8176	FPLService      (0dcef328bccd4e1622ea613f84bd3e54) C:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe
16:20:39.0467 8176	FPLService - ok
16:20:39.0577 8176	FsDepends       (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
16:20:39.0608 8176	FsDepends - ok
16:20:39.0623 8176	Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
16:20:39.0639 8176	Fs_Rec - ok
16:20:39.0686 8176	fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
16:20:39.0717 8176	fvevol - ok
16:20:39.0748 8176	gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
16:20:39.0764 8176	gagp30kx - ok
16:20:39.0842 8176	gpsvc           (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
16:20:39.0904 8176	gpsvc - ok
16:20:39.0982 8176	gupdate         (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:20:40.0013 8176	gupdate - ok
16:20:40.0029 8176	gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:20:40.0045 8176	gupdatem - ok
16:20:40.0076 8176	hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
16:20:40.0091 8176	hcw85cir - ok
16:20:40.0138 8176	HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
16:20:40.0169 8176	HdAudAddService - ok
16:20:40.0216 8176	HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
16:20:40.0232 8176	HDAudBus - ok
16:20:40.0263 8176	HidBatt         (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
16:20:40.0279 8176	HidBatt - ok
16:20:40.0310 8176	HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
16:20:40.0341 8176	HidBth - ok
16:20:40.0372 8176	HidIr           (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
16:20:40.0388 8176	HidIr - ok
16:20:40.0403 8176	hidserv         (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
16:20:40.0466 8176	hidserv - ok
16:20:40.0481 8176	HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
16:20:40.0497 8176	HidUsb - ok
16:20:40.0528 8176	hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
16:20:40.0575 8176	hkmsvc - ok
16:20:40.0637 8176	HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
16:20:40.0684 8176	HomeGroupListener - ok
16:20:40.0715 8176	HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
16:20:40.0747 8176	HomeGroupProvider - ok
16:20:40.0856 8176	HP Support Assistant Service (13bb1114451c63bfb41ba7daa4d70a29) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
16:20:40.0871 8176	HP Support Assistant Service - ok
16:20:40.0949 8176	HP Wireless Assistant Service (c930128c8f8ff03d8f8c42b570920d56) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
16:20:40.0965 8176	HP Wireless Assistant Service - ok
16:20:41.0012 8176	HPClientSvc     (3dc11a802353401332d49c3cbfbbe5fc) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
16:20:41.0027 8176	HPClientSvc - ok
16:20:41.0074 8176	HPDrvMntSvc.exe (b19ff523b533a3f198b9239e1749c940) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
16:20:41.0105 8176	HPDrvMntSvc.exe - ok
16:20:41.0168 8176	hpdskflt        (4e0bec0f78096ffd6d3314b497fc49d3) C:\Windows\system32\DRIVERS\hpdskflt.sys
16:20:41.0199 8176	hpdskflt - ok
16:20:41.0293 8176	hpqcxs08        (1dae5c46d42b02a6d5862e1482efb390) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:20:41.0324 8176	hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
16:20:41.0324 8176	hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
16:20:41.0339 8176	hpqddsvc        (99e8eef42fe2f4af29b08c3355dd7685) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:20:41.0355 8176	hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
16:20:41.0355 8176	hpqddsvc - detected UnsignedFile.Multi.Generic (1)
16:20:41.0464 8176	hpqwmiex        (01091b900e15878b4434f9c726c4541d) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
16:20:41.0495 8176	hpqwmiex - ok
16:20:41.0651 8176	HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
16:20:41.0698 8176	HpSAMD - ok
16:20:41.0854 8176	HPSLPSVC        (7f57926169c1b8aba9274ea7d4b70f18) C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:20:41.0885 8176	HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
16:20:41.0885 8176	HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
16:20:41.0917 8176	hpsrv           (fc7c13b5a9e9be23b7ae72bbc7fdb278) C:\Windows\system32\Hpservice.exe
16:20:41.0932 8176	hpsrv - ok
16:20:41.0979 8176	HPWMISVC        (f630dd7564ebb7248a13b1cc774d9ea6) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
16:20:41.0995 8176	HPWMISVC - ok
16:20:42.0073 8176	HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
16:20:42.0119 8176	HTTP - ok
16:20:42.0151 8176	hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
16:20:42.0166 8176	hwpolicy - ok
16:20:42.0197 8176	i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
16:20:42.0213 8176	i8042prt - ok
16:20:42.0275 8176	iaStorV         (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
16:20:42.0307 8176	iaStorV - ok
16:20:42.0525 8176	idsvc           (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:20:42.0572 8176	idsvc - ok
16:20:43.0055 8176	igfx            (a87261ef1546325b559374f5689cf5bc) C:\Windows\system32\DRIVERS\igdkmd64.sys
16:20:43.0258 8176	igfx - ok
16:20:43.0414 8176	iirsp           (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
16:20:43.0430 8176	iirsp - ok
16:20:43.0523 8176	IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
16:20:43.0586 8176	IKEEXT - ok
16:20:43.0617 8176	intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
16:20:43.0633 8176	intelide - ok
16:20:43.0648 8176	intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
16:20:43.0664 8176	intelppm - ok
16:20:43.0711 8176	IPBusEnum       (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
16:20:43.0757 8176	IPBusEnum - ok
16:20:43.0773 8176	IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:20:43.0820 8176	IpFilterDriver - ok
16:20:43.0898 8176	iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
16:20:43.0960 8176	iphlpsvc - ok
16:20:43.0976 8176	IPMIDRV         (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
16:20:44.0007 8176	IPMIDRV - ok
16:20:44.0038 8176	IPNAT           (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
16:20:44.0085 8176	IPNAT - ok
16:20:44.0101 8176	IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
16:20:44.0132 8176	IRENUM - ok
16:20:44.0163 8176	isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
16:20:44.0179 8176	isapnp - ok
16:20:44.0225 8176	iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
16:20:44.0241 8176	iScsiPrt - ok
16:20:44.0272 8176	kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
16:20:44.0288 8176	kbdclass - ok
16:20:44.0319 8176	kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
16:20:44.0397 8176	kbdhid - ok
16:20:44.0413 8176	KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:20:44.0444 8176	KeyIso - ok
16:20:44.0459 8176	KSecDD          (da1e991a61cfdd755a589e206b97644b) C:\Windows\system32\Drivers\ksecdd.sys
16:20:44.0475 8176	KSecDD - ok
16:20:44.0506 8176	KSecPkg         (7e33198d956943a4f11a5474c1e9106f) C:\Windows\system32\Drivers\ksecpkg.sys
16:20:44.0537 8176	KSecPkg - ok
16:20:44.0569 8176	ksthunk         (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
16:20:44.0615 8176	ksthunk - ok
16:20:44.0662 8176	KtmRm           (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
16:20:44.0725 8176	KtmRm - ok
16:20:44.0771 8176	LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\system32\srvsvc.dll
16:20:44.0834 8176	LanmanServer - ok
16:20:44.0881 8176	LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
16:20:44.0927 8176	LanmanWorkstation - ok
16:20:45.0005 8176	LightScribeService (fcbdcc6f1801e32244235608e1277752) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
16:20:45.0021 8176	LightScribeService ( UnsignedFile.Multi.Generic ) - warning
16:20:45.0021 8176	LightScribeService - detected UnsignedFile.Multi.Generic (1)
16:20:45.0052 8176	lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
16:20:45.0115 8176	lltdio - ok
16:20:45.0162 8176	lltdsvc         (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
16:20:45.0224 8176	lltdsvc - ok
16:20:45.0240 8176	lmhosts         (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
16:20:45.0286 8176	lmhosts - ok
16:20:45.0318 8176	LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
16:20:45.0349 8176	LSI_FC - ok
16:20:45.0380 8176	LSI_SAS         (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
16:20:45.0396 8176	LSI_SAS - ok
16:20:45.0411 8176	LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:20:45.0427 8176	LSI_SAS2 - ok
16:20:45.0474 8176	LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:20:45.0489 8176	LSI_SCSI - ok
16:20:45.0505 8176	luafv           (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
16:20:45.0567 8176	luafv - ok
16:20:45.0598 8176	MBAMProtector   (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
16:20:45.0614 8176	MBAMProtector - ok
16:20:45.0723 8176	MBAMService     (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:20:45.0754 8176	MBAMService - ok
16:20:45.0786 8176	Mcx2Svc         (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
16:20:45.0817 8176	Mcx2Svc - ok
16:20:45.0832 8176	megasas         (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
16:20:45.0848 8176	megasas - ok
16:20:45.0910 8176	MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
16:20:45.0926 8176	MegaSR - ok
16:20:45.0957 8176	MMCSS           (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:20:46.0004 8176	MMCSS - ok
16:20:46.0020 8176	Modem           (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
16:20:46.0082 8176	Modem - ok
16:20:46.0098 8176	monitor         (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
16:20:46.0113 8176	monitor - ok
16:20:46.0144 8176	mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
16:20:46.0160 8176	mouclass - ok
16:20:46.0191 8176	mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
16:20:46.0207 8176	mouhid - ok
16:20:46.0238 8176	mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
16:20:46.0254 8176	mountmgr - ok
16:20:46.0300 8176	mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
16:20:46.0332 8176	mpio - ok
16:20:46.0363 8176	mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
16:20:46.0425 8176	mpsdrv - ok
16:20:46.0519 8176	MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
16:20:46.0581 8176	MpsSvc - ok
16:20:46.0612 8176	MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
16:20:46.0644 8176	MRxDAV - ok
16:20:46.0690 8176	mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
16:20:46.0722 8176	mrxsmb - ok
16:20:46.0753 8176	mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:20:46.0784 8176	mrxsmb10 - ok
16:20:46.0815 8176	mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:20:46.0831 8176	mrxsmb20 - ok
16:20:46.0862 8176	msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
16:20:46.0878 8176	msahci - ok
16:20:46.0909 8176	msdsm           (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
16:20:46.0924 8176	msdsm - ok
16:20:46.0971 8176	MSDTC           (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
16:20:46.0987 8176	MSDTC - ok
16:20:47.0018 8176	Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
16:20:47.0065 8176	Msfs - ok
16:20:47.0080 8176	mshidkmdf       (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
16:20:47.0127 8176	mshidkmdf - ok
16:20:47.0143 8176	msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
16:20:47.0158 8176	msisadrv - ok
16:20:47.0205 8176	MSiSCSI         (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
16:20:47.0252 8176	MSiSCSI - ok
16:20:47.0252 8176	msiserver - ok
16:20:47.0283 8176	MSKSSRV         (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
16:20:47.0330 8176	MSKSSRV - ok
16:20:47.0346 8176	MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
16:20:47.0392 8176	MSPCLOCK - ok
16:20:47.0408 8176	MSPQM           (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
16:20:47.0455 8176	MSPQM - ok
16:20:47.0502 8176	MsRPC           (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
16:20:47.0533 8176	MsRPC - ok
16:20:47.0548 8176	mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
16:20:47.0564 8176	mssmbios - ok
16:20:47.0595 8176	MSTEE           (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
16:20:47.0642 8176	MSTEE - ok
16:20:47.0658 8176	MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
16:20:47.0673 8176	MTConfig - ok
16:20:47.0689 8176	Mup             (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
16:20:47.0704 8176	Mup - ok
16:20:47.0751 8176	napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
16:20:47.0814 8176	napagent - ok
16:20:47.0860 8176	NativeWifiP     (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
16:20:47.0892 8176	NativeWifiP - ok
16:20:47.0985 8176	NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
16:20:48.0032 8176	NDIS - ok
16:20:48.0048 8176	NdisCap         (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
16:20:48.0110 8176	NdisCap - ok
16:20:48.0126 8176	NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
16:20:48.0172 8176	NdisTapi - ok
16:20:48.0188 8176	Ndisuio         (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
16:20:48.0235 8176	Ndisuio - ok
16:20:48.0282 8176	NdisWan         (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
16:20:48.0328 8176	NdisWan - ok
16:20:48.0360 8176	NDProxy         (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
16:20:48.0406 8176	NDProxy - ok
16:20:48.0438 8176	Net Driver HPZ12 (d5ac41ae382738483faffbd7e373d49a) C:\Windows\system32\HPZinw12.dll
16:20:48.0453 8176	Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:20:48.0453 8176	Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:20:48.0484 8176	NetBIOS         (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
16:20:48.0531 8176	NetBIOS - ok
16:20:48.0578 8176	NetBT           (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
16:20:48.0656 8176	NetBT - ok
16:20:48.0672 8176	Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:20:48.0687 8176	Netlogon - ok
16:20:48.0750 8176	Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
16:20:48.0828 8176	Netman - ok
16:20:48.0859 8176	netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
16:20:48.0921 8176	netprofm - ok
16:20:48.0968 8176	NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:20:48.0999 8176	NetTcpPortSharing - ok
16:20:49.0498 8176	netw5v64        (64428dfdaf6e88366cb51f45a79c5f69) C:\Windows\system32\DRIVERS\netw5v64.sys
16:20:49.0670 8176	netw5v64 - ok
16:20:49.0842 8176	nfrd960         (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
16:20:49.0873 8176	nfrd960 - ok
16:20:49.0920 8176	NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
16:20:49.0966 8176	NlaSvc - ok
16:20:49.0998 8176	Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
16:20:50.0060 8176	Npfs - ok
16:20:50.0076 8176	nsi             (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
16:20:50.0122 8176	nsi - ok
16:20:50.0138 8176	nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
16:20:50.0185 8176	nsiproxy - ok
16:20:50.0341 8176	Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
16:20:50.0403 8176	Ntfs - ok
16:20:50.0544 8176	Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
16:20:50.0606 8176	Null - ok
16:20:50.0637 8176	nusb3hub        (a7127e86f9ffe2a53e271b56b2c4cedf) C:\Windows\system32\DRIVERS\nusb3hub.sys
16:20:50.0653 8176	nusb3hub - ok
16:20:50.0700 8176	nusb3xhc        (49bbec6f48d5f9284b03abf3a959b19b) C:\Windows\system32\DRIVERS\nusb3xhc.sys
16:20:50.0731 8176	nusb3xhc - ok
16:20:50.0778 8176	nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
16:20:50.0809 8176	nvraid - ok
16:20:50.0824 8176	nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
16:20:50.0840 8176	nvstor - ok
16:20:50.0871 8176	nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
16:20:50.0887 8176	nv_agp - ok
16:20:50.0918 8176	ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
16:20:50.0949 8176	ohci1394 - ok
16:20:51.0043 8176	ose             (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:20:51.0058 8176	ose - ok
16:20:51.0558 8176	osppsvc         (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:20:51.0745 8176	osppsvc - ok
16:20:51.0916 8176	p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:20:51.0963 8176	p2pimsvc - ok
16:20:52.0026 8176	p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
16:20:52.0041 8176	p2psvc - ok
16:20:52.0135 8176	Parport         (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
16:20:52.0166 8176	Parport - ok
16:20:52.0197 8176	partmgr         (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
16:20:52.0213 8176	partmgr - ok
16:20:52.0260 8176	PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
16:20:52.0291 8176	PcaSvc - ok
16:20:52.0338 8176	pci             (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
16:20:52.0353 8176	pci - ok
16:20:52.0369 8176	pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
16:20:52.0384 8176	pciide - ok
16:20:52.0431 8176	pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
16:20:52.0447 8176	pcmcia - ok
16:20:52.0478 8176	pcw             (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
16:20:52.0494 8176	pcw - ok
16:20:52.0540 8176	PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
16:20:52.0603 8176	PEAUTH - ok
16:20:52.0696 8176	PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
16:20:52.0712 8176	PerfHost - ok
16:20:52.0852 8176	pla             (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
16:20:52.0915 8176	pla - ok
16:20:52.0993 8176	PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
16:20:53.0040 8176	PlugPlay - ok
16:20:53.0071 8176	Pml Driver HPZ12 (37f6046cdc630442d7dc087501ff6fc6) C:\Windows\system32\HPZipm12.dll
16:20:53.0086 8176	Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:20:53.0086 8176	Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:20:53.0102 8176	PNRPAutoReg     (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
16:20:53.0133 8176	PNRPAutoReg - ok
16:20:53.0164 8176	PNRPsvc         (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
16:20:53.0196 8176	PNRPsvc - ok
16:20:53.0258 8176	Point64         (4f0878fd62d5f7444c5f1c4c66d9d293) C:\Windows\system32\DRIVERS\point64.sys
16:20:53.0274 8176	Point64 - ok
16:20:53.0352 8176	PolicyAgent     (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
16:20:53.0414 8176	PolicyAgent - ok
16:20:53.0445 8176	Power           (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
16:20:53.0508 8176	Power - ok
16:20:53.0539 8176	PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
16:20:53.0586 8176	PptpMiniport - ok
16:20:53.0601 8176	Processor       (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
16:20:53.0632 8176	Processor - ok
16:20:53.0664 8176	ProfSvc         (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
16:20:53.0695 8176	ProfSvc - ok
16:20:53.0710 8176	ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:20:53.0726 8176	ProtectedStorage - ok
16:20:53.0757 8176	Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
16:20:53.0804 8176	Psched - ok
16:20:53.0944 8176	ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
16:20:53.0991 8176	ql2300 - ok
16:20:54.0147 8176	ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
16:20:54.0178 8176	ql40xx - ok
16:20:54.0225 8176	QWAVE           (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
16:20:54.0256 8176	QWAVE - ok
16:20:54.0272 8176	QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
16:20:54.0303 8176	QWAVEdrv - ok
16:20:54.0319 8176	RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
16:20:54.0412 8176	RasAcd - ok
16:20:54.0444 8176	RasAgileVpn     (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
16:20:54.0490 8176	RasAgileVpn - ok
16:20:54.0537 8176	RasAuto         (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
16:20:54.0584 8176	RasAuto - ok
16:20:54.0615 8176	Rasl2tp         (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
16:20:54.0662 8176	Rasl2tp - ok
16:20:54.0709 8176	RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
16:20:54.0756 8176	RasMan - ok
16:20:54.0802 8176	RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
16:20:54.0849 8176	RasPppoe - ok
16:20:54.0849 8176	RasSstp         (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
16:20:54.0912 8176	RasSstp - ok
16:20:54.0958 8176	rdbss           (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
16:20:55.0005 8176	rdbss - ok
16:20:55.0036 8176	rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
16:20:55.0052 8176	rdpbus - ok
16:20:55.0068 8176	RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
16:20:55.0114 8176	RDPCDD - ok
16:20:55.0130 8176	RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
16:20:55.0177 8176	RDPENCDD - ok
16:20:55.0208 8176	RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
16:20:55.0255 8176	RDPREFMP - ok
16:20:55.0302 8176	RDPWD           (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
16:20:55.0348 8176	RDPWD - ok
16:20:55.0395 8176	rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
16:20:55.0442 8176	rdyboost - ok
16:20:55.0473 8176	RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
16:20:55.0551 8176	RemoteAccess - ok
16:20:55.0582 8176	RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
16:20:55.0645 8176	RemoteRegistry - ok
16:20:55.0660 8176	RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
16:20:55.0707 8176	RpcEptMapper - ok
16:20:55.0738 8176	RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
16:20:55.0754 8176	RpcLocator - ok
16:20:55.0816 8176	RpcSs           (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
16:20:55.0879 8176	RpcSs - ok
16:20:55.0926 8176	RSPCIESTOR      (ca327a84085f68200452e6761f943298) C:\Windows\system32\DRIVERS\RtsPStor.sys
16:20:55.0941 8176	RSPCIESTOR - ok
16:20:55.0972 8176	rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
16:20:56.0035 8176	rspndr - ok
16:20:56.0113 8176	RTL8167         (5d6a444bd37b52ff846387c87dcdf98a) C:\Windows\system32\DRIVERS\Rt64win7.sys
16:20:56.0128 8176	RTL8167 - ok
16:20:56.0144 8176	SamSs           (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:20:56.0175 8176	SamSs - ok
16:20:56.0206 8176	sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
16:20:56.0222 8176	sbp2port - ok
16:20:56.0269 8176	SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
16:20:56.0316 8176	SCardSvr - ok
16:20:56.0347 8176	scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
16:20:56.0394 8176	scfilter - ok
16:20:56.0487 8176	Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
16:20:56.0565 8176	Schedule - ok
16:20:56.0596 8176	SCPolicySvc     (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
16:20:56.0643 8176	SCPolicySvc - ok
16:20:56.0674 8176	sdbus           (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
16:20:56.0706 8176	sdbus - ok
16:20:56.0737 8176	SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
16:20:56.0784 8176	SDRSVC - ok
16:20:56.0815 8176	secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
16:20:56.0862 8176	secdrv - ok
16:20:56.0893 8176	seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
16:20:56.0940 8176	seclogon - ok
16:20:56.0955 8176	SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
16:20:57.0002 8176	SENS - ok
16:20:57.0033 8176	SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
16:20:57.0049 8176	SensrSvc - ok
16:20:57.0080 8176	Serenum         (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
16:20:57.0111 8176	Serenum - ok
16:20:57.0127 8176	Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
16:20:57.0142 8176	Serial - ok
16:20:57.0174 8176	sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
16:20:57.0189 8176	sermouse - ok
16:20:57.0236 8176	SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
16:20:57.0283 8176	SessionEnv - ok
16:20:57.0423 8176	SfCtlCom        (52c525bf4d78125a5064d0d1705f04b6) C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
16:20:57.0454 8176	SfCtlCom - ok
16:20:57.0517 8176	sffdisk         (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
16:20:57.0564 8176	sffdisk - ok
16:20:57.0595 8176	sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
16:20:57.0610 8176	sffp_mmc - ok
16:20:57.0610 8176	sffp_sd         (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
16:20:57.0642 8176	sffp_sd - ok
16:20:57.0657 8176	sfloppy         (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
16:20:57.0673 8176	sfloppy - ok
16:20:57.0751 8176	Sftfs           (c6cc9297bd53e5229653303e556aa539) C:\Windows\system32\DRIVERS\Sftfslh.sys
16:20:57.0782 8176	Sftfs - ok
16:20:57.0907 8176	sftlist         (13693b6354dd6e72dc5131da7d764b90) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:20:57.0938 8176	sftlist - ok
16:20:57.0985 8176	Sftplay         (390aa7bc52cee43f6790cdea1e776703) C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:20:58.0016 8176	Sftplay - ok
16:20:58.0032 8176	Sftredir        (617e29a0b0a2807466560d4c4e338d3e) C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:20:58.0047 8176	Sftredir - ok
16:20:58.0063 8176	Sftvol          (8f571f016fa1976f445147e9e6c8ae9b) C:\Windows\system32\DRIVERS\Sftvollh.sys
16:20:58.0078 8176	Sftvol - ok
16:20:58.0125 8176	sftvsa          (c3cddd18f43d44ab713cf8c4916f7696) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:20:58.0141 8176	sftvsa - ok
16:20:58.0188 8176	SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
16:20:58.0234 8176	SharedAccess - ok
16:20:58.0297 8176	ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
16:20:58.0359 8176	ShellHWDetection - ok
16:20:58.0375 8176	SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:20:58.0390 8176	SiSRaid2 - ok
16:20:58.0422 8176	SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
16:20:58.0437 8176	SiSRaid4 - ok
16:20:58.0468 8176	Smb             (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
16:20:58.0515 8176	Smb - ok
16:20:58.0531 8176	SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
16:20:58.0562 8176	SNMPTRAP - ok
16:20:58.0578 8176	spldr           (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
16:20:58.0593 8176	spldr - ok
16:20:58.0671 8176	Spooler         (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
16:20:58.0718 8176	Spooler - ok
16:20:59.0264 8176	sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
16:20:59.0436 8176	sppsvc - ok
16:20:59.0545 8176	sppuinotify     (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
16:20:59.0623 8176	sppuinotify - ok
16:20:59.0716 8176	srv             (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
16:20:59.0763 8176	srv - ok
16:20:59.0810 8176	srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
16:20:59.0841 8176	srv2 - ok
16:20:59.0888 8176	SrvHsfHDA       (0c4540311e11664b245a263e1154cef8) C:\Windows\system32\DRIVERS\VSTAZL6.SYS
16:20:59.0904 8176	SrvHsfHDA - ok
16:21:00.0044 8176	SrvHsfV92       (02071d207a9858fbe3a48cbfd59c4a04) C:\Windows\system32\DRIVERS\VSTDPV6.SYS
16:21:00.0091 8176	SrvHsfV92 - ok
16:21:00.0294 8176	SrvHsfWinac     (18e40c245dbfaf36fd0134a7ef2df396) C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
16:21:00.0340 8176	SrvHsfWinac - ok
16:21:00.0372 8176	srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
16:21:00.0387 8176	srvnet - ok
16:21:00.0434 8176	SSDPSRV         (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
16:21:00.0496 8176	SSDPSRV - ok
16:21:00.0512 8176	SstpSvc         (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
16:21:00.0574 8176	SstpSvc - ok
16:21:00.0684 8176	STacSV          (7c49a5e1943afda4672d80726af3bae4) C:\Program Files\IDT\WDM\STacSV64.exe
16:21:00.0730 8176	STacSV - ok
16:21:00.0746 8176	stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
16:21:00.0762 8176	stexstor - ok
16:21:00.0824 8176	STHDA           (0aad250a31a7ee96e0945ab9e1f3baa7) C:\Windows\system32\DRIVERS\stwrt64.sys
16:21:00.0855 8176	STHDA - ok
16:21:00.0886 8176	StillCam        (decacb6921ded1a38642642685d77dac) C:\Windows\system32\DRIVERS\serscan.sys
16:21:00.0902 8176	StillCam - ok
16:21:00.0996 8176	stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
16:21:01.0042 8176	stisvc - ok
16:21:01.0058 8176	swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
16:21:01.0074 8176	swenum - ok
16:21:01.0152 8176	swprv           (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
16:21:01.0198 8176	swprv - ok
16:21:01.0339 8176	SynTP           (33e6a285daa5134d8ea2247914c86c09) C:\Windows\system32\DRIVERS\SynTP.sys
16:21:01.0386 8176	SynTP - ok
16:21:01.0682 8176	SysMain         (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
16:21:01.0744 8176	SysMain - ok
16:21:01.0869 8176	TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
16:21:01.0932 8176	TabletInputService - ok
16:21:01.0978 8176	TapiSrv         (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
16:21:02.0025 8176	TapiSrv - ok
16:21:02.0072 8176	TBS             (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
16:21:02.0119 8176	TBS - ok
16:21:02.0353 8176	Tcpip           (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
16:21:02.0415 8176	Tcpip - ok
16:21:02.0727 8176	TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
16:21:02.0790 8176	TCPIP6 - ok
16:21:02.0946 8176	tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
16:21:02.0992 8176	tcpipreg - ok
16:21:03.0024 8176	TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
16:21:03.0039 8176	TDPIPE - ok
16:21:03.0070 8176	TDTCP           (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
16:21:03.0086 8176	TDTCP - ok
16:21:03.0117 8176	tdx             (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
16:21:03.0164 8176	tdx - ok
16:21:03.0195 8176	TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
16:21:03.0211 8176	TermDD - ok
16:21:03.0289 8176	TermService     (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
16:21:03.0351 8176	TermService - ok
16:21:03.0367 8176	Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
16:21:03.0398 8176	Themes - ok
16:21:03.0429 8176	THREADORDER     (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
16:21:03.0476 8176	THREADORDER - ok
16:21:03.0570 8176	TMBMServer      (963c903e5176c5cdcae321d48635b21f) C:\Program Files\Trend Micro\BM\TMBMSRV.exe
16:21:03.0601 8176	TMBMServer - ok
16:21:03.0663 8176	tmlwf           (35a6aeb61c7cf21b10cc05bda47339b5) C:\Windows\system32\DRIVERS\tmlwf.sys
16:21:03.0694 8176	tmlwf - ok
16:21:03.0772 8176	TmPfw           (c52867f238ef1aafcd35f8d134b8ab10) C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
16:21:03.0788 8176	TmPfw - ok
16:21:03.0819 8176	tmpreflt        (1889f49a828b1cf0e2866cdd325875b0) C:\Windows\system32\DRIVERS\tmpreflt.sys
16:21:03.0835 8176	tmpreflt - ok
16:21:03.0944 8176	TmProxy         (3ae913b4fbf06ee49831ff9db2330830) C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
16:21:03.0991 8176	TmProxy - ok
16:21:04.0022 8176	tmtdi           (21cc12b7f8b44e91d03ead5b17aaf0b2) C:\Windows\system32\DRIVERS\tmtdi.sys
16:21:04.0038 8176	tmtdi - ok
16:21:04.0272 8176	tmwfp           (a4670e50c15d7bce7226e4b62700df09) C:\Windows\system32\DRIVERS\tmwfp.sys
16:21:04.0318 8176	tmwfp - ok
16:21:04.0365 8176	tmxpflt         (8b97ba7e28bd39a2bc4a2bb66a83fec0) C:\Windows\system32\DRIVERS\tmxpflt.sys
16:21:04.0381 8176	tmxpflt - ok
16:21:04.0412 8176	TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
16:21:04.0474 8176	TrkWks - ok
16:21:04.0552 8176	TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
16:21:04.0630 8176	TrustedInstaller - ok
16:21:04.0662 8176	tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
16:21:04.0708 8176	tssecsrv - ok
16:21:04.0740 8176	TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
16:21:04.0771 8176	TsUsbFlt - ok
16:21:04.0802 8176	tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
16:21:04.0849 8176	tunnel - ok
16:21:04.0880 8176	uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
16:21:04.0896 8176	uagp35 - ok
16:21:04.0942 8176	udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
16:21:04.0989 8176	udfs - ok
16:21:05.0036 8176	UI0Detect       (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
16:21:05.0052 8176	UI0Detect - ok
16:21:05.0083 8176	uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
16:21:05.0098 8176	uliagpkx - ok
16:21:05.0130 8176	umbus           (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
16:21:05.0145 8176	umbus - ok
16:21:05.0176 8176	UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
16:21:05.0192 8176	UmPass - ok
16:21:05.0254 8176	upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
16:21:05.0301 8176	upnphost - ok
16:21:05.0348 8176	usbccgp         (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
16:21:05.0364 8176	usbccgp - ok
16:21:05.0395 8176	usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
16:21:05.0410 8176	usbcir - ok
16:21:05.0457 8176	usbehci         (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\DRIVERS\usbehci.sys
16:21:05.0473 8176	usbehci - ok
16:21:05.0504 8176	usbfilter       (dc2b306861f42eeeb92ef525f4119f08) C:\Windows\system32\DRIVERS\usbfilter.sys
16:21:05.0520 8176	usbfilter - ok
16:21:05.0566 8176	usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
16:21:05.0613 8176	usbhub - ok
16:21:05.0629 8176	usbohci         (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\DRIVERS\usbohci.sys
16:21:05.0644 8176	usbohci - ok
16:21:05.0676 8176	usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
16:21:05.0707 8176	usbprint - ok
16:21:05.0722 8176	usbscan         (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
16:21:05.0754 8176	usbscan - ok
16:21:05.0785 8176	USBSTOR         (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\drivers\USBSTOR.SYS
16:21:05.0816 8176	USBSTOR - ok
16:21:05.0832 8176	usbuhci         (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
16:21:05.0863 8176	usbuhci - ok
16:21:05.0894 8176	usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
16:21:05.0910 8176	usbvideo - ok
16:21:05.0941 8176	UxSms           (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
16:21:05.0988 8176	UxSms - ok
16:21:06.0003 8176	VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
16:21:06.0034 8176	VaultSvc - ok
16:21:06.0050 8176	vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
16:21:06.0066 8176	vdrvroot - ok
16:21:06.0128 8176	vds             (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
16:21:06.0190 8176	vds - ok
16:21:06.0206 8176	vga             (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
16:21:06.0237 8176	vga - ok
16:21:06.0253 8176	VgaSave         (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
16:21:06.0300 8176	VgaSave - ok
16:21:06.0346 8176	vhdmp           (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
16:21:06.0362 8176	vhdmp - ok
16:21:06.0393 8176	viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
16:21:06.0409 8176	viaide - ok
16:21:06.0440 8176	volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
16:21:06.0456 8176	volmgr - ok
16:21:06.0518 8176	volmgrx         (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
16:21:06.0534 8176	volmgrx - ok
16:21:06.0596 8176	volsnap         (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
16:21:06.0612 8176	volsnap - ok
16:21:06.0783 8176	vsapint         (3a5862d9a4fe4bbb2ffa1700e2b21b9b) C:\Windows\system32\DRIVERS\vsapint.sys
16:21:06.0846 8176	vsapint - ok
16:21:07.0017 8176	vsmraid         (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
16:21:07.0064 8176	vsmraid - ok
16:21:07.0204 8176	VSS             (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
16:21:07.0282 8176	VSS - ok
16:21:07.0423 8176	vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
16:21:07.0470 8176	vwifibus - ok
16:21:07.0485 8176	vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
16:21:07.0516 8176	vwififlt - ok
16:21:07.0516 8176	vwifimp         (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
16:21:07.0548 8176	vwifimp - ok
16:21:07.0594 8176	W32Time         (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
16:21:07.0657 8176	W32Time - ok
16:21:07.0672 8176	WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
16:21:07.0688 8176	WacomPen - ok
16:21:07.0735 8176	WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:21:07.0782 8176	WANARP - ok
16:21:07.0782 8176	Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
16:21:07.0828 8176	Wanarpv6 - ok
16:21:07.0969 8176	wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
16:21:08.0016 8176	wbengine - ok
16:21:08.0156 8176	WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
16:21:08.0218 8176	WbioSrvc - ok
16:21:08.0281 8176	wcncsvc         (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
16:21:08.0312 8176	wcncsvc - ok
16:21:08.0343 8176	WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
16:21:08.0374 8176	WcsPlugInService - ok
16:21:08.0406 8176	Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
16:21:08.0421 8176	Wd - ok
16:21:08.0499 8176	Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
16:21:08.0530 8176	Wdf01000 - ok
16:21:08.0562 8176	WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:21:08.0593 8176	WdiServiceHost - ok
16:21:08.0593 8176	WdiSystemHost   (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
16:21:08.0624 8176	WdiSystemHost - ok
16:21:08.0671 8176	WebClient       (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
16:21:08.0702 8176	WebClient - ok
16:21:08.0733 8176	Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
16:21:08.0796 8176	Wecsvc - ok
16:21:08.0811 8176	wercplsupport   (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
16:21:08.0858 8176	wercplsupport - ok
16:21:08.0889 8176	WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
16:21:08.0936 8176	WerSvc - ok
16:21:08.0983 8176	WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
16:21:09.0061 8176	WfpLwf - ok
16:21:09.0076 8176	WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
16:21:09.0092 8176	WIMMount - ok
16:21:09.0139 8176	WinDefend - ok
16:21:09.0154 8176	WinHttpAutoProxySvc - ok
16:21:09.0217 8176	Winmgmt         (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
16:21:09.0279 8176	Winmgmt - ok
16:21:09.0466 8176	WinRM           (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
16:21:09.0560 8176	WinRM - ok
16:21:09.0732 8176	WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUSB.sys
16:21:09.0778 8176	WinUsb - ok
16:21:09.0872 8176	Wlansvc         (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
16:21:09.0919 8176	Wlansvc - ok
16:21:09.0966 8176	wlcrasvc        (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
16:21:09.0997 8176	wlcrasvc - ok
16:21:10.0246 8176	wlidsvc         (7e47c328fc4768cb8beafbcfafa70362) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:21:10.0309 8176	wlidsvc - ok
16:21:10.0480 8176	WmiAcpi         (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
16:21:10.0512 8176	WmiAcpi - ok
16:21:10.0574 8176	wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
16:21:10.0590 8176	wmiApSrv - ok
16:21:10.0652 8176	WMPNetworkSvc - ok
16:21:10.0683 8176	WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
16:21:10.0730 8176	WPCSvc - ok
16:21:10.0777 8176	WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
16:21:10.0792 8176	WPDBusEnum - ok
16:21:10.0824 8176	ws2ifsl         (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
16:21:10.0870 8176	ws2ifsl - ok
16:21:10.0902 8176	wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\System32\wscsvc.dll
16:21:10.0933 8176	wscsvc - ok
16:21:10.0933 8176	WSearch - ok
16:21:11.0136 8176	wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
16:21:11.0214 8176	wuauserv - ok
16:21:11.0370 8176	WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
16:21:11.0432 8176	WudfPf - ok
16:21:11.0463 8176	WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
16:21:11.0510 8176	WUDFRd - ok
16:21:11.0541 8176	wudfsvc         (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
16:21:11.0588 8176	wudfsvc - ok
16:21:11.0635 8176	WwanSvc         (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
16:21:11.0666 8176	WwanSvc - ok
16:21:11.0713 8176	yukonw7         (b3eeacf62445e24fbb2cd4b0fb4db026) C:\Windows\system32\DRIVERS\yk62x64.sys
16:21:11.0744 8176	yukonw7 - ok
16:21:11.0775 8176	MBR (0x1B8)     (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
16:21:12.0196 8176	\Device\Harddisk0\DR0 - ok
16:21:12.0196 8176	Boot (0x1200)   (6c4ac01224932aa3e7b28942214e7aa3) \Device\Harddisk0\DR0\Partition0
16:21:12.0196 8176	\Device\Harddisk0\DR0\Partition0 - ok
16:21:12.0212 8176	Boot (0x1200)   (a658c0bbed514bdc8e7a9203f55f0706) \Device\Harddisk0\DR0\Partition1
16:21:12.0212 8176	\Device\Harddisk0\DR0\Partition1 - ok
16:21:12.0259 8176	Boot (0x1200)   (d46a3289f794abb084f50b752566b7a3) \Device\Harddisk0\DR0\Partition2
16:21:12.0259 8176	\Device\Harddisk0\DR0\Partition2 - ok
16:21:12.0274 8176	Boot (0x1200)   (5007b345a485cc457e429edf1bd7d4b1) \Device\Harddisk0\DR0\Partition3
16:21:12.0274 8176	\Device\Harddisk0\DR0\Partition3 - ok
16:21:12.0274 8176	============================================================
16:21:12.0274 8176	Scan finished
16:21:12.0274 8176	============================================================
16:21:12.0290 8760	Detected object count: 6
16:21:12.0290 8760	Actual detected object count: 6
         
Oder meinst du ein screenshot von dem Ergebnisfenster?

VG Danke Sascha

Antwort

Themen zu GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung!
4d36e972-e325-11ce-bfc1-08002be10318, autorun, bho, bingbar, browser, conduit, converter, emsisoft, explorer, feedback, firefox, format, frage, google earth, helper, home, launch, logfile, mp3, netzwerk, nvstor.sys, object, plug-in, realtek, registry, rundll, searchscopes, security, services.exe, software, temp, trojaner, updates, usb, usb 3.0, version=1.0, warum, windows, wrapper




Ähnliche Themen: GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung!


  1. 2x | SOS gvu trojaner hat zugeschlagen, abgesicherte modus geht auch nicht. Wie werde ich den virus los?
    Mülltonne - 02.02.2013 (14)
  2. Ukash! Der BKA-Trojaner hat auch bei mir zugeschlagen
    Plagegeister aller Art und deren Bekämpfung - 27.09.2012 (4)
  3. bei mir auch: Verschlüsselungstrojaner hat zugeschlagen
    Plagegeister aller Art und deren Bekämpfung - 26.04.2012 (1)
  4. Weißer Bildschirm, auch bei uns hat der Trojaner zugeschlagen
    Log-Analyse und Auswertung - 12.04.2012 (6)
  5. [doppelt] 50 Euro Virus hat auch bei mir zugeschlagen!
    Mülltonne - 18.01.2012 (1)
  6. Sparkassen-Trojaner hat jetzt auch bei mir zugeschlagen
    Log-Analyse und Auswertung - 29.03.2011 (2)
  7. Anti Malware Doctor auch bei mir zugeschlagen
    Plagegeister aller Art und deren Bekämpfung - 10.05.2010 (2)
  8. Jetzt hat's mich auch erwischt (Newbie)!
    Log-Analyse und Auswertung - 17.01.2008 (23)
  9. escan log (newbie)
    Mülltonne - 09.04.2007 (0)
  10. icq virus...hat er auch bei mir zugeschlagen ??
    Log-Analyse und Auswertung - 22.02.2007 (8)
  11. Newbie braucht Hilfe
    Log-Analyse und Auswertung - 03.07.2005 (4)
  12. newbie needs help
    Log-Analyse und Auswertung - 10.04.2005 (11)
  13. newbie bittet um log- auswertung
    Log-Analyse und Auswertung - 21.01.2005 (3)
  14. Fixen - aber wie? (newbie^^)
    Log-Analyse und Auswertung - 11.01.2005 (3)
  15. Newbie - Sub7 !?!?!?
    Plagegeister aller Art und deren Bekämpfung - 11.05.2003 (29)
  16. Programmliste für Newbie
    Alles rund um Windows - 24.03.2003 (20)
  17. Linux-Newbie
    Alles rund um Mac OSX & Linux - 01.11.2002 (7)

Zum Thema GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung! - Hi Community, bin neu hier und habe schon diverse Berichte zu dem GVU/ BSI Trojaner gelesen, nachdem dieser den Lap meiner Mutter Gestern befallen hat. Im Gegensatz zu vielen, hatte - GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung!...
Archiv
Du betrachtest: GVU auch bei mir zugeschlagen! Newbie benötigt unterstützung! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.