Falsche seiten werden geöffnet

Kulzhar · 03.11.2012, 16:28

Hallo
Mein Problem ist, dass bei mir teilweise falsche Websites geöffnet werden.
Vor allem bei Google werde ich oft auf andere Seiten verlinkt.
Ein weiteres Problem ist das mein Browser (Chrome) momentan sehr langsam ist.
(ich habs auch schon mit anderen Browsern versucht (firefox und IE) diese laufen ebenfalls sehr langsam).
Momentan lasse ich einen Malewarebytes Scan durchlaufen.
Ich hoffe ihr könnte mir helfen.

MfG
Kulzhar

markusg · 03.11.2012, 17:05

hi, brich den scan erst mal ab, bzw wenn fertig, nichts löschen und log posten.
will mir erst mal nen überblick verschaffen
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die
OTL.exe
.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die
Textbox.

Code:

ATTFilter

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Kopiere
nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

Kulzhar · 03.11.2012, 20:52

-.- der scan wurde abgebrochen
aber hier ist der OTL scan

Code:

ATTFilter

OTL logfile created on: 03.11.2012 20:36:18 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Alex\Downloads
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,19 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 57,06% Memory free
6,37 Gb Paging File | 4,52 Gb Available in Paging File | 70,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,40 Gb Total Space | 693,81 Gb Free Space | 74,49% Space Free | Partition Type: NTFS
Drive E: | 7,01 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: ALEX-PC | User Name: Alex | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.03 18:31:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Alex\Downloads\OTL.exe
PRC - [2012.11.01 16:35:46 | 001,909,760 | ---- | M] (Curse) -- C:\Users\Alex\AppData\Local\Apps\2.0\T6Q6LYGW.0W2\QEB3KXNV.79G\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\CurseClient.exe
PRC - [2012.10.26 13:31:22 | 001,199,576 | ---- | M] (Spotify Ltd) -- C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012.09.28 02:38:42 | 000,473,088 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012.09.28 02:38:02 | 000,217,600 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2012.08.29 11:03:38 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe
PRC - [2012.08.29 11:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
PRC - [2012.08.13 12:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.08.13 10:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.exe
PRC - [2012.08.13 10:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files\OpenOffice.org 3\program\soffice.bin
PRC - [2012.07.02 11:33:28 | 002,673,064 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.06.20 17:13:12 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Winamp\winampa.exe
PRC - [2012.06.20 12:18:08 | 001,568,976 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2012.06.16 03:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe
PRC - [2012.05.11 08:45:48 | 003,920,496 | R--- | M] (VIA) -- C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
PRC - [2012.05.04 12:32:44 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) -- C:\Windows\System32\ViakaraokeSrv.exe
PRC - [2012.03.15 06:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
PRC - [2012.03.02 13:41:20 | 000,025,464 | ---- | M] (Uniblue Systems Limited) -- C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
PRC - [2012.01.27 10:40:44 | 000,291,608 | R--- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012.01.13 13:04:16 | 000,219,760 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\GUI.exe
PRC - [2011.12.16 11:30:40 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2011.12.16 11:30:38 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2011.12.16 10:02:56 | 000,161,560 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
PRC - [2011.12.08 15:32:50 | 000,423,136 | ---- | M] (Intel(R) Corporation) -- C:\Program Files\Intel\iCLS Client\HeciServer.exe
PRC - [2011.11.29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011.11.29 19:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2011.08.30 14:55:54 | 000,160,256 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
PRC - [2011.07.12 09:14:26 | 000,331,776 | R--- | M] (VIA Technologies, Inc.) -- C:\VIA_XHCI\usb3Monitor.exe
PRC - [2010.11.15 12:21:56 | 000,841,544 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe
PRC - [2010.11.15 12:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe
PRC - [2010.10.22 02:00:00 | 002,105,344 | R--- | M] (AVM Berlin) -- C:\Program Files\avmwlanstick\WLanGUI.exe
PRC - [2010.10.22 02:00:00 | 000,376,832 | ---- | M] (AVM Berlin) -- C:\Program Files\avmwlanstick\WlanNetService.exe
PRC - [2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009.07.14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.02 11:59:16 | 000,253,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsFormsIntegra#\a64f6c2fbfed13a2bff7a4d5d00f700b\WindowsFormsIntegration.ni.dll
MOD - [2012.11.02 11:58:00 | 000,096,768 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\4add87007e0864467659e6a248a7fe06\UIAutomationProvider.ni.dll
MOD - [2012.11.02 11:57:59 | 000,762,368 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\dbb4966fd679de3336ad5a15e44e1cb2\System.Runtime.Remoting.ni.dll
MOD - [2012.11.02 11:57:53 | 001,781,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\adf79290d55b53d72aaedf49dc0ab05c\System.Xaml.ni.dll
MOD - [2012.11.02 07:54:00 | 013,197,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\31649acbb300c306f8359f26e94572a9\System.Windows.Forms.ni.dll
MOD - [2012.11.02 07:51:16 | 017,998,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\2be5c267837bce48c2588db1cb45a218\PresentationFramework.ni.dll
MOD - [2012.11.02 07:51:07 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\2dc4170e59c6defec194ce1d3b7e9b6e\PresentationCore.ni.dll
MOD - [2012.11.02 07:51:00 | 003,856,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\874de73de0aefaefe4d1226396d1b0c3\WindowsBase.ni.dll
MOD - [2012.11.02 07:50:59 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\124775115f8585454f2f7470b74a7d8d\PresentationFramework.Aero.ni.dll
MOD - [2012.11.02 07:48:06 | 001,666,048 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\3d0c73f63305fa092666e6488634d025\System.Drawing.ni.dll
MOD - [2012.11.02 07:46:44 | 005,618,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\6e70ff4b74bed30aa8751253ed8aee56\System.Xml.ni.dll
MOD - [2012.11.02 07:46:43 | 007,052,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\0ad566912479454ed9ce37fb09de2715\System.Core.ni.dll
MOD - [2012.11.02 07:46:42 | 000,980,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\4b1f1878bf47391d09f9e256fde70e4b\System.Configuration.ni.dll
MOD - [2012.11.02 07:46:38 | 009,090,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\5339ecdda252537e37def11dc77c77aa\System.ni.dll
MOD - [2012.11.02 07:46:32 | 014,413,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\1bdf7de454340e0ea9fc455aeaec49d9\mscorlib.ni.dll
MOD - [2012.11.01 16:35:51 | 000,009,728 | ---- | M] () -- C:\Users\Alex\AppData\Local\Apps\2.0\T6Q6LYGW.0W2\QEB3KXNV.79G\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\Curse.CurseClient.WowDb.dll
MOD - [2012.11.01 16:35:50 | 000,099,840 | ---- | M] () -- C:\Users\Alex\AppData\Local\Apps\2.0\T6Q6LYGW.0W2\QEB3KXNV.79G\curs..tion_9e9e83ddf3ed3ead_0005.0001_161f1f0e4761792c\Curse.CurseClient.CMOD2.dll
MOD - [2012.08.10 15:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files\OpenOffice.org 3\program\libxml2.dll
MOD - [2012.07.04 20:59:45 | 000,401,408 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\496033ebd93c3381e4ba09486bf23cc3\System.Xml.Linq.ni.dll
MOD - [2012.07.04 20:59:19 | 001,670,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\3eaec5bc57c67c3b24ca2bb281ca249d\Microsoft.VisualBasic.ni.dll
MOD - [2012.07.04 20:59:11 | 002,295,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\c366ebd7f33816762268154efc68176d\System.Core.ni.dll
MOD - [2012.07.04 20:58:48 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\3848d7865bda88a9e94e03480b5ada2f\System.Runtime.Serialization.ni.dll
MOD - [2012.07.04 20:58:47 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\26a852935ab27c328a148effb43a76bf\SMDiagnostics.ni.dll
MOD - [2012.07.04 20:58:46 | 017,400,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\7900b4e8c860d8b4a3c1f98047c3c1a3\System.ServiceModel.ni.dll
MOD - [2012.07.04 20:58:30 | 000,487,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7860b1d24dacfa449916baa2907cbf57\IAStorUtil.ni.dll
MOD - [2012.07.04 20:58:30 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\4046e3a2980b327d350b253f727d9a55\IAStorCommon.ni.dll
MOD - [2012.07.04 20:07:20 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\fc626095c194be137bceb219934b06a7\PresentationFramework.Aero.ni.dll
MOD - [2012.07.04 20:07:18 | 014,325,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\517358eb2fd962a942dd1ea6afc5b93e\PresentationFramework.ni.dll
MOD - [2012.07.04 20:07:11 | 012,218,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\e9d0ba41128f363f2390c7e630129c2b\PresentationCore.ni.dll
MOD - [2012.07.04 20:07:05 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll
MOD - [2012.07.04 20:06:50 | 001,806,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\37aa8a6e1a69671c23eb916417629682\System.Deployment.ni.dll
MOD - [2012.07.04 20:06:49 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
MOD - [2012.07.04 20:06:42 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll
MOD - [2012.07.04 20:06:38 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\84fbf353f91385690a3e4e982aa6930e\System.Web.ni.dll
MOD - [2012.07.04 20:06:35 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
MOD - [2012.07.04 20:06:30 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll
MOD - [2012.07.04 20:06:30 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
MOD - [2012.07.04 20:06:30 | 000,680,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\61af058c2bc079f28397a29ed145fbc7\System.Security.ni.dll
MOD - [2012.07.04 20:06:28 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012.07.04 20:06:25 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2012.05.11 08:45:26 | 000,080,496 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
MOD - [2012.05.11 08:45:24 | 000,113,264 | R--- | M] () -- C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
MOD - [2012.03.08 09:17:22 | 000,294,912 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\MFCCPU.DLL
MOD - [2012.03.08 08:19:40 | 000,614,467 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\work.dll
MOD - [2012.03.07 10:41:00 | 002,814,023 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\Normal.dll
MOD - [2012.03.01 08:14:46 | 001,335,362 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\HM.dll
MOD - [2012.02.02 19:47:44 | 000,192,512 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\GVTunner.dll
MOD - [2012.01.20 15:18:54 | 001,478,724 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\OCK.dll
MOD - [2012.01.13 13:04:16 | 000,219,760 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\GUI.exe
MOD - [2012.01.06 02:24:33 | 000,094,208 | ---- | M] () -- C:\Windows\System32\IccLibDll.dll
MOD - [2011.12.06 13:44:22 | 000,106,496 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\SF.dll
MOD - [2011.10.18 08:26:16 | 000,024,576 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\STT.dll
MOD - [2011.09.14 16:12:30 | 000,102,400 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\ycc.dll
MOD - [2011.03.01 18:00:58 | 000,126,976 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\StabilityLib.dll
MOD - [2010.10.19 09:59:46 | 000,065,536 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\GPTT.dll
MOD - [2010.06.24 14:50:08 | 000,094,208 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\IccLibDll.dll
MOD - [2010.06.10 14:52:24 | 000,110,592 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\AMD8.dll
MOD - [2010.03.12 04:40:58 | 004,449,632 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\Platform.dll
MOD - [2010.03.12 04:40:56 | 000,423,256 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\Device.dll
MOD - [2009.06.10 13:14:06 | 000,397,312 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Deployment.resources\2.0.0.0_de_b03f5f7f11d50a3a\System.Deployment.resources.dll
MOD - [2009.06.10 13:14:06 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.06.10 13:14:06 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2009.06.08 09:37:32 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2009.06.08 09:37:28 | 000,098,304 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Serialization.resources\3.0.0.0_de_b77a5c561934e089\System.Runtime.Serialization.resources.dll
MOD - [2008.05.07 14:22:58 | 000,102,400 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\CIAMIB.dll
MOD - [2003.02.14 13:11:46 | 000,102,400 | ---- | M] () -- C:\Program Files\GIGABYTE\ET6\Sound.dll
MOD - [2001.03.02 11:02:04 | 000,037,808 | ---- | M] () -- C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
 
 
========== Services (SafeList) ==========
 
SRV - [2012.11.01 18:13:25 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.01 16:35:56 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.10.24 18:49:17 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.02 20:19:04 | 000,743,320 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012.09.28 02:38:02 | 000,217,600 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.08.29 11:03:36 | 001,385,896 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.08.13 12:33:30 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.07.02 11:33:28 | 002,673,064 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.06.16 03:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe -- (N360)
SRV - [2012.06.07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.04 12:32:44 | 000,027,760 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\System32\ViakaraokeSrv.exe -- (VIAKaraokeService)
SRV - [2012.03.22 12:29:58 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.03.15 06:20:30 | 000,370,504 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe -- (SSUService)
SRV - [2011.12.16 11:30:40 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011.12.16 11:30:38 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011.12.16 10:02:56 | 000,161,560 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
SRV - [2011.12.08 15:32:50 | 000,423,136 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2011.11.29 19:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011.08.30 14:55:54 | 000,160,256 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)
SRV - [2010.11.15 12:21:54 | 000,477,000 | ---- | M] (Splashtop Inc.) [Auto | Running] -- C:\Program Files\Splashtop\Splashtop Connect\BackService.exe -- (SCBackService)
SRV - [2010.10.22 02:00:00 | 000,376,832 | ---- | M] (AVM Berlin) [Auto | Running] -- C:\Program Files\avmwlanstick\WlanNetService.exe -- (AVM WLAN Connection Service)
SRV - [2010.04.06 15:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\System32\AppleChargerSrv.exe -- (AppleChargerSrv)
SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
 
 
========== Driver Services (SafeList) ==========
 
DRV - [2012.11.03 18:52:40 | 000,024,944 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\GVTDrv.sys -- (GVTDrv)
DRV - [2012.11.03 18:52:29 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)
DRV - [2012.11.02 20:27:48 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV - [2012.11.01 22:45:04 | 000,141,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SYMEVENT.SYS -- (SymEvent)
DRV - [2012.11.01 16:05:14 | 000,386,720 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20121102.001\IDSvix86.sys -- (IDSVix86)
DRV - [2012.11.01 01:00:00 | 001,601,184 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121102.021\NAVEX15.SYS -- (NAVEX15)
DRV - [2012.11.01 01:00:00 | 000,376,480 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys -- (eeCtrl)
DRV - [2012.11.01 01:00:00 | 000,106,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2012.11.01 01:00:00 | 000,092,704 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121102.021\NAVENG.SYS -- (NAVENG)
DRV - [2012.10.05 18:25:38 | 000,995,488 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20121005.002\BHDrvx86.sys -- (BHDrvx86)
DRV - [2012.10.05 13:22:36 | 000,017,488 | ---- | M] (Windows (R) 2000 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)
DRV - [2012.09.28 03:20:20 | 009,107,968 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012.09.28 02:12:10 | 000,370,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2012.07.06 03:17:57 | 000,574,112 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\N360\0604000.009\srtsp.sys -- (SRTSP)
DRV - [2012.07.06 03:17:57 | 000,032,928 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0604000.009\srtspx.sys -- (SRTSPX)
DRV - [2012.06.07 05:43:43 | 000,132,768 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0604000.009\ccsetx86.sys -- (ccSet_N360)
DRV - [2012.05.22 02:37:12 | 000,924,320 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\System32\drivers\N360\0604000.009\symefa.sys -- (SymEFA)
DRV - [2012.05.14 07:12:28 | 000,086,656 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdW73.sys -- (AtiHDAudioService)
DRV - [2012.05.04 12:32:34 | 001,832,560 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2012.03.27 15:13:20 | 000,792,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV - [2012.03.27 15:13:20 | 000,349,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\iusb3hub.sys -- (iusb3hub)
DRV - [2012.01.27 10:39:34 | 000,013,592 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV - [2012.01.20 05:38:14 | 000,174,592 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ViaHub3.sys -- (VUSB3HUB)
DRV - [2012.01.20 05:38:06 | 000,210,432 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\xhcdrv.sys -- (xhcdrv)
DRV - [2011.12.06 12:22:01 | 000,280,576 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcDAud.sys -- (IntcDAud)
DRV - [2011.11.16 20:38:00 | 000,318,584 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0604000.009\symnets.sys -- (SymNetS)
DRV - [2011.11.16 20:17:48 | 000,149,624 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\N360\0604000.009\ironx86.sys -- (SymIRON)
DRV - [2011.11.09 23:52:02 | 000,046,080 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\HECI.sys -- (MEI)
DRV - [2011.11.02 09:48:36 | 000,019,056 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\AppleCharger.sys -- (AppleCharger)
DRV - [2011.08.15 23:51:40 | 000,340,088 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\N360\0604000.009\symds.sys -- (SymDS)
DRV - [2011.08.11 23:54:02 | 000,088,176 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\L1C62x86.sys -- (L1C)
DRV - [2011.08.09 06:42:48 | 000,277,808 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\mvs91xx.sys -- (mvs91xx)
DRV - [2010.10.22 02:00:00 | 000,586,752 | ---- | M] (AVM GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\fwlanusbn.sys -- (fwlanusbn)
DRV - [2010.10.22 02:00:00 | 000,004,352 | R--- | M] (AVM Berlin) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\avmeject.sys -- (avmeject)
DRV - [2009.09.16 07:02:40 | 000,027,136 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\tap0901t.sys -- (tap0901t)
DRV - [2009.07.14 02:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2009.07.14 02:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2009.07.14 02:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2009.07.14 00:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009.07.14 00:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2009.07.14 00:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2009.03.18 15:35:40 | 000,026,176 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\hamachi.sys -- (hamachi)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.searchgateway.net/search/
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.searchgateway.net/search/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.searchgateway.net/search/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D6 C4 06 12 D5 B9 CD 01  [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {0F3DC9E0-C459-4a40-BCF8-747BD9322E10} - C:\Program Files\Splashtop\Splashtop Connect IE\AddressBarSearch.dll (Splashtop Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {D320EEDA-BCAA-4029-B697-0CEFB900B0FB}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{9F9518B8-8CA4-46EC-9806-02EDAA096D41}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=aba7d435-b559-42d3-9b75-dd745adef5ba&apn_sauid=91A2CCA2-F037-40D6-A749-56A2FFECB1EB
IE - HKCU\..\SearchScopes\{D320EEDA-BCAA-4029-B697-0CEFB900B0FB}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
IE - HKCU\..\SearchScopes\{D4F10B10-2138-41df-AAE6-D2593A9E1C6B}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
IE - HKCU\..\SearchScopes\{ECAD6F29-8A40-4013-96A3-D5F0274EAB0A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..extensions.enabledAddons: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:11.1.1.5 - 2
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-3&o=APN10395&locale=de_DE&apn_uid=aba7d435-b559-42d3-9b75-dd745adef5ba&apn_ptnrs=%5EABT&apn_sauid=91A2CCA2-F037-40D6-A749-56A2FFECB1EB&apn_dtid=%5EYYYYYY%5EYY%5EDE&&q="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.52: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Alex\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Alex\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\ [2012.11.01 22:45:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\ [2012.11.03 18:54:19 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.01 17:30:46 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
 
[2012.11.01 17:33:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Alex\AppData\Roaming\mozilla\Extensions
[2012.11.01 17:30:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2012.11.01 22:45:32 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPLGN
[2012.10.24 18:50:04 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.10.24 23:03:12 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.24 23:03:11 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.10.24 23:03:12 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.24 23:03:12 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.24 23:03:12 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.24 23:03:11 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Alex\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Alex\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Alex\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
CHR - plugin: registryAccess (Enabled) = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj\7.15.4.0_0\background/registryAccess.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java(TM) Platform SE 7 U5 (Enabled) = C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Alex\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Skype Click to Call = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\6.2.0.10687_0\
CHR - Extension: Norton Identity Protection = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.6.10_0\
CHR - Extension: Google Mail = C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx ()
O2 - BHO: (Splashtop Connect VisualBookmark) - {0E5680D1-BF44-4929-94AF-FD30D784AD1D} - C:\Program Files\Splashtop\Splashtop Connect IE\STC.dll (Splashtop Inc.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\6.4.0.9\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\6.4.0.9\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\6.4.0.9\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [AVMWlanClient] C:\Program Files\avmwlanstick\wlangui.exe (AVM Berlin)
O4 - HKLM..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [STCAgent] C:\Program Files\Splashtop\Splashtop Connect IE\STCAgent.exe (Splashtop Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [VIAxHCUtl] C:\VIA_XHCI\usb3Monitor.exe (VIA Technologies, Inc.)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKLM..\Run: [ZyngaGamesAgent] C:\Program Files\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe (Splashtop Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [DriverScanner] C:\Program Files\Uniblue\DriverScanner\launcher.exe (Uniblue Systems Limited)
O4 - HKCU..\Run: [Spotify] C:\Users\Alex\AppData\Roaming\Spotify\Spotify.exe (Spotify Ltd)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Alex\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [Steam] C:\Program Files\Steam\Steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [EasyTuneVI] C:\Program Files\GIGABYTE\ET6\ETCall.exe ()
O4 - Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Recovery present
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CCE3711A-C5BF-47DC-A0B3-F898AB770666}: DhcpNameServer = 7.254.254.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E915F753-3DE1-4C25-AD32-5AF2B9A0DD8B}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F322511A-DF4A-4967-B0CD-9C99D615A819}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2005.12.15 02:25:08 | 000,778,240 | R--- | M] (Electronic Arts) - E:\Autorun.exe -- [ CDFS ]
O32 - AutoRun File - [2005.12.17 23:43:04 | 000,000,000 | ---D | M] - E:\autorun -- [ CDFS ]
O32 - AutoRun File - [2005.11.18 22:44:26 | 000,000,049 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{7cda4885-24ef-11e2-8380-902b34327482}\Shell - "" = AutoRun
O33 - MountPoints2\{7cda4885-24ef-11e2-8380-902b34327482}\Shell\AutoRun\command - "" = E:\Autorun.exe -- [2005.12.15 02:25:08 | 000,778,240 | R--- | M] (Electronic Arts)
O33 - MountPoints2\{d337e738-c602-11e1-b720-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{d337e738-c602-11e1-b720-806e6f6e6963}\Shell\AutoRun\command - "" = D:\atisetup.exe
O33 - MountPoints2\{ee80ebd1-c605-11e1-b422-902b34327482}\Shell - "" = AutoRun
O33 - MountPoints2\{ee80ebd1-c605-11e1-b422-902b34327482}\Shell\AutoRun\command - "" = E:\pushinst.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1
[2012.11.03 16:10:19 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2012.11.03 15:24:31 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Malwarebytes
[2012.11.03 15:24:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.11.03 15:24:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.11.03 15:24:06 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2012.11.03 11:16:14 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\Die ersten 10 Jahre
[2012.11.02 20:27:48 | 000,242,240 | ---- | C] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012.11.02 10:50:21 | 000,000,000 | ---D | C] -- C:\Riot Games
[2012.11.02 09:49:02 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\vlc
[2012.11.02 09:48:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.11.02 09:48:17 | 000,000,000 | ---D | C] -- C:\Program Files\VideoLAN
[2012.11.02 08:43:47 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\CrashDumps
[2012.11.02 08:26:49 | 000,000,000 | ---D | C] -- C:\neu
[2012.11.02 08:26:15 | 000,000,000 | ---D | C] -- C:\Users\Alex\.swt
[2012.11.02 08:14:09 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
[2012.11.02 07:45:33 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.11.01 23:41:54 | 000,000,000 | ---D | C] -- C:\N360_BACKUP
[2012.11.01 22:49:42 | 000,318,584 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0604000.009\symnets.sys
[2012.11.01 22:49:41 | 000,924,320 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0604000.009\symefa.sys
[2012.11.01 22:49:41 | 000,574,112 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0604000.009\srtsp.sys
[2012.11.01 22:49:41 | 000,340,088 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0604000.009\symds.sys
[2012.11.01 22:49:41 | 000,149,624 | R--- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0604000.009\ironx86.sys
[2012.11.01 22:49:41 | 000,032,928 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0604000.009\srtspx.sys
[2012.11.01 22:49:40 | 000,132,768 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\N360\0604000.009\ccsetx86.sys
[2012.11.01 22:49:25 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360\0604000.009
[2012.11.01 22:45:04 | 000,141,944 | ---- | C] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2012.11.01 22:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2012.11.01 22:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2012.11.01 22:44:42 | 000,000,000 | ---D | C] -- C:\Windows\System32\drivers\N360
[2012.11.01 22:44:41 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2012.11.01 22:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\Norton 360
[2012.11.01 22:44:37 | 000,000,000 | ---D | C] -- C:\Program Files\NortonInstaller
[2012.11.01 22:39:10 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\Neuer Ordner (10)
[2012.11.01 19:06:45 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Macromedia
[2012.11.01 19:06:44 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\Neuer Ordner (9)
[2012.11.01 18:37:04 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
[2012.11.01 18:26:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Norton
[2012.11.01 18:26:05 | 000,000,000 | ---D | C] -- C:\ProgramData\NortonInstaller
[2012.11.01 18:13:24 | 000,000,000 | ---D | C] -- C:\Windows\System32\Macromed
[2012.11.01 17:31:49 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Mozilla
[2012.11.01 17:31:49 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Mozilla
[2012.11.01 17:30:47 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Maintenance Service
[2012.11.01 17:30:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2012.11.01 17:30:46 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.10.31 13:08:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood
[2012.10.31 13:07:15 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Westwood
[2012.10.31 13:07:10 | 000,000,000 | ---D | C] -- C:\WESTWOOD
[2012.10.31 10:50:41 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\Neuer Ordner (8)
[2012.10.31 09:29:28 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Logitech
[2012.10.31 09:29:22 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Leadertech
[2012.10.31 09:28:01 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2012.10.31 09:28:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012.10.31 09:27:59 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech Gaming Software
[2012.10.31 09:27:39 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Logitech
[2012.10.31 09:27:39 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\Logishrd
[2012.10.30 09:29:47 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\Smartbar
[2012.10.29 20:07:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2012.10.29 20:06:58 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools Lite
[2012.10.29 20:06:58 | 000,000,000 | ---D | C] -- C:\Program Files\DAEMON Tools Lite
[2012.10.29 20:05:13 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.10.29 19:54:37 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\Neuer Ordner (7)
[2012.10.26 13:43:03 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2012.10.26 13:43:02 | 000,000,000 | ---D | C] -- C:\Program Files\AMD AVT
[2012.10.26 13:42:59 | 000,000,000 | ---D | C] -- C:\Program Files\AMD APP
[2012.10.26 13:42:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2012.10.26 13:40:01 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2012.10.20 14:28:33 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.10.20 10:45:44 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Tunngle
[2012.10.20 10:45:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
[2012.10.20 10:45:44 | 000,000,000 | ---D | C] -- C:\Program Files\Tunngle
[2012.10.11 16:44:35 | 000,000,000 | ---D | C] -- C:\Users\Alex\Desktop\Excell
[2012.10.06 11:33:31 | 000,000,000 | ---D | C] -- C:\Users\Alex\AppData\Local\ElevatedDiagnostics
[2012.10.05 15:22:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
[2012.10.05 15:22:56 | 000,000,000 | ---D | C] -- C:\Program Files\Defraggler
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.03 19:52:01 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1652894691-1327253341-3987697501-1000UA.job
[2012.11.03 19:41:02 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.03 18:59:38 | 000,018,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.03 18:59:38 | 000,018,192 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.03 18:58:13 | 000,651,768 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.11.03 18:58:13 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.11.03 18:58:13 | 000,129,468 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.11.03 18:58:13 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.11.03 18:52:40 | 000,024,944 | ---- | M] () -- C:\Windows\System32\drivers\GVTDrv.sys
[2012.11.03 18:52:40 | 000,000,004 | ---- | M] () -- C:\Windows\System32\GVTunner.ref
[2012.11.03 18:52:25 | 000,000,326 | ---- | M] () -- C:\Windows\tasks\DriverScanner.job
[2012.11.03 18:52:17 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2012.11.03 18:52:11 | 000,295,320 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.11.03 18:52:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.03 18:52:02 | 1188,030,576 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.11.03 18:52:01 | 2566,832,128 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.03 17:40:37 | 000,023,206 | ---- | M] () -- C:\Users\Alex\Desktop\cnc95_ra1_lanpatch_1_01.zip
[2012.11.03 16:52:24 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1652894691-1327253341-3987697501-1000Core.job
[2012.11.03 15:24:11 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.03 13:51:20 | 000,001,214 | ---- | M] () -- C:\Users\Public\Desktop\Command & Conquer Die ersten 10 Jahre.lnk
[2012.11.02 20:40:02 | 000,001,900 | ---- | M] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.11.02 20:28:18 | 001,503,819 | ---- | M] () -- C:\Windows\System32\drivers\N360\0604000.009\Cat.DB
[2012.11.02 20:27:48 | 000,242,240 | ---- | M] (DT Soft Ltd) -- C:\Windows\System32\drivers\dtsoftbus01.sys
[2012.11.02 10:59:42 | 000,001,722 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2012.11.02 09:48:57 | 000,001,028 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.11.02 07:40:31 | 000,002,221 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012.11.01 22:49:43 | 000,010,074 | ---- | M] () -- C:\Windows\System32\drivers\N360\0604000.009\VT20121008.022
[2012.11.01 22:45:04 | 000,141,944 | ---- | M] (Symantec Corporation) -- C:\Windows\System32\drivers\SYMEVENT.SYS
[2012.11.01 22:45:04 | 000,007,468 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2012.11.01 22:45:04 | 000,000,806 | ---- | M] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2012.11.01 22:43:43 | 000,001,320 | ---- | M] () -- C:\Users\Alex\Desktop\Norton Installation Files.lnk
[2012.11.01 17:30:52 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.01 17:20:39 | 000,000,368 | ---- | M] () -- C:\ProgramData\oUUvGmFetjZG7j
[2012.11.01 17:19:45 | 000,000,176 | ---- | M] () -- C:\ProgramData\-oUUvGmFetjZG7jr
[2012.11.01 17:19:45 | 000,000,160 | ---- | M] () -- C:\ProgramData\-oUUvGmFetjZG7j
[2012.10.30 00:33:00 | 000,000,000 | ---- | M] () -- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2012.10.28 12:16:38 | 000,516,850 | ---- | M] () -- C:\Users\Alex\Desktop\nottetris.png
[2012.10.28 12:14:58 | 000,519,591 | ---- | M] () -- C:\Users\Alex\Desktop\Tetris.png
[2012.10.26 13:34:22 | 000,017,118 | ---- | M] () -- C:\Users\Alex\Desktop\nicht fertig.odt
[2012.10.20 10:45:44 | 000,000,977 | ---- | M] () -- C:\Users\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2012.10.20 10:45:44 | 000,000,953 | ---- | M] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012.10.16 21:19:01 | 000,014,103 | ---- | M] () -- C:\Users\Alex\Desktop\BlockBericht12345.odt
[2012.10.10 18:07:40 | 003,236,047 | ---- | M] () -- C:\Users\Alex\Desktop\The 69 Eyes - Devils (Import) - 05 - The Lost Boys.m4a
[2012.10.05 15:22:57 | 000,001,867 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
 
========== Files Created - No Company Name ==========
 
[2012.11.03 18:52:02 | 1188,030,576 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.11.03 17:40:35 | 000,023,206 | ---- | C] () -- C:\Users\Alex\Desktop\cnc95_ra1_lanpatch_1_01.zip
[2012.11.03 15:24:11 | 000,001,071 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.11.03 13:51:20 | 000,001,214 | ---- | C] () -- C:\Users\Public\Desktop\Command & Conquer Die ersten 10 Jahre.lnk
[2012.11.02 20:40:02 | 000,001,900 | ---- | C] () -- C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
[2012.11.02 10:59:42 | 000,001,722 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2012.11.02 09:48:57 | 000,001,028 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2012.11.02 07:39:54 | 001,503,819 | ---- | C] () -- C:\Windows\System32\drivers\N360\0604000.009\Cat.DB
[2012.11.01 22:49:55 | 000,010,074 | ---- | C] () -- C:\Windows\System32\drivers\N360\0604000.009\VT20121008.022
[2012.11.01 22:49:41 | 000,007,492 | R--- | C] () -- C:\Windows\System32\drivers\N360\0604000.009\symds.cat
[2012.11.01 22:49:41 | 000,007,458 | R--- | C] () -- C:\Windows\System32\drivers\N360\0604000.009\symnet.cat
[2012.11.01 22:49:41 | 000,007,434 | ---- | C] () -- C:\Windows\System32\drivers\N360\0604000.009\symefa.cat
[2012.11.01 22:49:41 | 000,007,398 | ---- | C] () -- C:\Windows\System32\drivers\N360\0604000.009\srtspx.cat
[2012.11.01 22:49:41 | 000,007,380 | ---- | C] () -- C:\Windows\System32\drivers\N360\0604000.009\srtsp.cat
[2012.11.01 22:49:41 | 000,003,435 | ---- | C] () -- C:\Windows\System32\drivers\N360\0604000.009\symefa.inf
[2012.11.01 22:49:41 | 000,002,852 | R--- | C] () -- C:\Windows\System32\drivers\N360\0604000.009\symds.inf
[2012.11.01 22:49:41 | 000,001,441 | R--- | C] () -- C:\Windows\System32\drivers\N360\0604000.009\symnet.inf
[2012.11.01 22:49:41 | 000,001,388 | ---- | C] () -- C:\Windows\System32\drivers\N360\0604000.009\srtspx.inf
[2012.11.01 22:49:41 | 000,001,388 | ---- | C] () -- C:\Windows\System32\drivers\N360\0604000.009\srtsp.inf
[2012.11.01 22:49:40 | 000,007,450 | R--- | C] () -- C:\Windows\System32\drivers\N360\0604000.009\iron.cat
[2012.11.01 22:49:40 | 000,007,446 | ---- | C] () -- C:\Windows\System32\drivers\N360\0604000.009\ccsetx86.cat
[2012.11.01 22:49:40 | 000,000,827 | ---- | C] () -- C:\Windows\System32\drivers\N360\0604000.009\ccsetx86.inf
[2012.11.01 22:49:40 | 000,000,742 | R--- | C] () -- C:\Windows\System32\drivers\N360\0604000.009\iron.inf
[2012.11.01 22:49:25 | 000,000,172 | ---- | C] () -- C:\Windows\System32\drivers\N360\0604000.009\isolate.ini
[2012.11.01 22:45:04 | 000,007,468 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.CAT
[2012.11.01 22:45:04 | 000,000,806 | ---- | C] () -- C:\Windows\System32\drivers\SYMEVENT.INF
[2012.11.01 22:44:54 | 000,002,221 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2012.11.01 18:37:04 | 000,001,320 | ---- | C] () -- C:\Users\Alex\Desktop\Norton Installation Files.lnk
[2012.11.01 18:13:25 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.01 17:30:52 | 000,001,121 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.11.01 17:30:52 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.11.01 17:19:45 | 000,000,176 | ---- | C] () -- C:\ProgramData\-oUUvGmFetjZG7jr
[2012.11.01 17:19:45 | 000,000,160 | ---- | C] () -- C:\ProgramData\-oUUvGmFetjZG7j
[2012.11.01 17:19:42 | 000,000,368 | ---- | C] () -- C:\ProgramData\oUUvGmFetjZG7j
[2012.10.30 00:33:00 | 000,000,000 | ---- | C] () -- C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
[2012.10.28 12:16:38 | 000,516,850 | ---- | C] () -- C:\Users\Alex\Desktop\nottetris.png
[2012.10.28 12:14:57 | 000,519,591 | ---- | C] () -- C:\Users\Alex\Desktop\Tetris.png
[2012.10.26 13:34:21 | 000,017,118 | ---- | C] () -- C:\Users\Alex\Desktop\nicht fertig.odt
[2012.10.20 10:45:44 | 000,000,977 | ---- | C] () -- C:\Users\Alex\Application Data\Microsoft\Internet Explorer\Quick Launch\Tunngle beta.lnk
[2012.10.20 10:45:44 | 000,000,953 | ---- | C] () -- C:\Users\Public\Desktop\Tunngle beta.lnk
[2012.10.16 21:18:59 | 000,014,103 | ---- | C] () -- C:\Users\Alex\Desktop\BlockBericht12345.odt
[2012.10.10 18:07:31 | 003,236,047 | ---- | C] () -- C:\Users\Alex\Desktop\The 69 Eyes - Devils (Import) - 05 - The Lost Boys.m4a
[2012.10.06 11:25:50 | 000,065,536 | ---- | C] () -- C:\Windows\System32\Ikeext.etl
[2012.10.05 15:22:57 | 000,001,867 | ---- | C] () -- C:\Users\Public\Desktop\Defraggler.lnk
[2012.10.05 15:10:21 | 000,000,004 | ---- | C] () -- C:\Windows\System32\GVTunner.ref
[2012.09.28 14:36:56 | 000,180,224 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012.07.08 12:22:46 | 000,000,174 | ---- | C] () -- C:\Windows\DieVölker.ini
[2012.07.05 11:37:55 | 000,015,565 | ---- | C] () -- C:\Windows\System32\drivers\fwlanusbn.bin
[2012.07.04 19:52:34 | 000,651,768 | ---- | C] () -- C:\Windows\System32\perfh007.dat
[2012.07.04 19:52:34 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat
[2012.07.04 19:52:34 | 000,129,468 | ---- | C] () -- C:\Windows\System32\perfc007.dat
[2012.07.04 19:52:34 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat
[2012.07.04 19:26:54 | 000,024,944 | ---- | C] () -- C:\Windows\System32\drivers\GVTDrv.sys
[2012.07.04 19:26:23 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.07.04 19:24:22 | 000,204,952 | ---- | C] () -- C:\Windows\System32\ativvsvl.dat
[2012.07.04 19:24:22 | 000,157,144 | ---- | C] () -- C:\Windows\System32\ativvsva.dat
[2012.07.04 19:24:21 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2012.07.04 19:19:41 | 000,031,272 | ---- | C] () -- C:\Windows\System32\AppleChargerSrv.exe
[2012.07.04 19:19:41 | 000,019,056 | ---- | C] () -- C:\Windows\System32\drivers\AppleCharger.sys
[2012.07.04 19:16:51 | 000,094,208 | ---- | C] () -- C:\Windows\System32\IccLibDll.dll
[2012.07.04 19:16:50 | 000,000,264 | ---- | C] () -- C:\Windows\System32\GfxUI.exe.config
[2012.07.04 19:16:35 | 000,015,128 | ---- | C] () -- C:\Windows\System32\drivers\IntelMEFWVer.dll
[2012.07.04 19:15:02 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini
[2012.05.23 16:31:02 | 000,632,252 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012.05.02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\System32\kdbsdk32.dll
[2012.03.19 15:37:10 | 000,755,188 | ---- | C] () -- C:\Windows\System32\igkrng700.bin
[2012.03.19 15:37:10 | 000,561,508 | ---- | C] () -- C:\Windows\System32\igfcg700m.bin
[2012.03.19 15:25:56 | 000,058,880 | ---- | C] () -- C:\Windows\System32\igdde32.dll
[2012.03.19 14:23:36 | 013,024,256 | ---- | C] () -- C:\Windows\System32\ig7icd32.dll
[2012.03.19 14:11:20 | 000,009,216 | ---- | C] ( ) -- C:\Windows\System32\IGFXDEVLib.dll
[2011.12.08 15:14:58 | 000,001,536 | ---- | C] () -- C:\Windows\System32\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.11.01 17:30:16 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\.minecraft
[2012.11.03 13:35:03 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\DAEMON Tools Lite
[2012.11.01 17:32:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Downloaded Installations
[2012.07.05 12:35:38 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\InterTrust
[2012.10.31 09:29:22 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Leadertech
[2012.07.05 11:40:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\LolClient
[2012.08.20 14:12:29 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\LOVE
[2012.11.01 17:32:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Meine Die Schlacht um Mittelerde-Dateien
[2012.11.01 17:32:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\OpenCandy
[2012.11.01 17:30:20 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\OpenOffice.org
[2012.09.08 10:37:56 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\PC Suite
[2012.11.01 17:32:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Reviversoft
[2012.09.08 10:34:01 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Samsung
[2012.11.01 17:32:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Splashtop
[2012.11.03 19:27:37 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Spotify
[2012.11.01 17:32:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\SystemRequirementsLab
[2012.11.01 17:32:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TS3Client
[2012.09.20 15:40:05 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\TuneUp Software
[2012.11.01 17:32:47 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Tunngle
[2012.07.11 11:32:13 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\Uniblue
[2012.07.11 12:22:57 | 000,000,000 | ---D | M] -- C:\Users\Alex\AppData\Roaming\YourFileDownloader
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.09.20 15:39:11 | 000,000,000 | -H-D | M] -- C:\$AVG
[2012.09.27 06:03:33 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.11.01 17:28:52 | 000,000,000 | ---D | M] -- C:\AMD
[2012.11.02 13:11:59 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009.07.14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012.07.04 19:16:38 | 000,000,000 | -H-D | M] -- C:\Intel
[2012.11.01 23:41:54 | 000,000,000 | ---D | M] -- C:\N360_BACKUP
[2012.11.02 08:27:10 | 000,000,000 | ---D | M] -- C:\neu
[2009.07.14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.11.03 16:10:19 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.11.03 15:24:10 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2012.07.04 19:13:21 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.11.02 10:50:24 | 000,000,000 | ---D | M] -- C:\Riot Games
[2012.11.01 17:29:44 | 000,000,000 | ---D | M] -- C:\Spiele
[2012.11.03 20:37:57 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.09.27 06:04:08 | 000,000,000 | R--D | M] -- C:\Users
[2012.11.01 17:32:54 | 000,000,000 | ---D | M] -- C:\VIA_XHCI
[2012.10.31 13:08:27 | 000,000,000 | ---D | M] -- C:\WESTWOOD
[2012.11.03 18:52:02 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2009.07.14 02:14:11 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009.07.14 05:53:46 | 000,032,610 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2012.07.04 19:37:34 | 000,001,064 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1652894691-1327253341-3987697501-1000Core.job
[2012.07.04 19:37:35 | 000,001,116 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1652894691-1327253341-3987697501-1000UA.job
[2012.07.11 11:32:14 | 000,000,326 | ---- | C] () -- C:\Windows\Tasks\DriverScanner.job
[2012.11.01 18:13:25 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
 
< MD5 for: AGP440.SYS  >
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EXPLORER.EXE  >
[2009.07.14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\explorer.exe
[2009.10.31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2010.11.20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2009.08.03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009.08.03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009.10.31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2012.02.01 15:06:58 | 000,470,808 | ---- | M] (Intel Corporation) MD5=76C3966183BD5382E14CEB6DF97D9709 -- C:\Windows\System32\drivers\iaStor.sys
[2012.02.01 15:06:58 | 000,470,808 | ---- | M] (Intel Corporation) MD5=76C3966183BD5382E14CEB6DF97D9709 -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_9bbe5929a2376486\iaStor.sys
[2011.11.29 18:30:40 | 000,470,808 | ---- | M] (Intel Corporation) MD5=E64665E2A6CAEB52C8AE6E5EB6F3FD7C -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_0c41f6a44903289c\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010.11.20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010.11.20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009.07.14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2010.11.20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
[2009.07.14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010.11.20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\System32\user32.dll
[2009.07.14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010.11.20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009.07.14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009.10.28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009.10.28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010.11.20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\SoftwareDistribution\Download\4a7f49b3f65af6828820068e5dd598c8\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2012.09.29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.07.14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2012.09.28 02:39:14 | 000,442,368 | ---- | M] (Advanced Micro Devices, Inc.) Unable to obtain MD5 -- C:\Windows\system32\atidemgy.dll
 
< %USERPROFILE%\*.* >
[2012.10.16 20:42:46 | 000,029,696 | ---- | M] () -- C:\Users\Alex\BlockBericht.doc
[2012.11.03 20:45:45 | 001,572,864 | -HS- | M] () -- C:\Users\Alex\ntuser.dat
[2012.11.03 20:45:45 | 000,262,144 | -HS- | M] () -- C:\Users\Alex\ntuser.dat.LOG1
[2012.07.04 19:13:29 | 000,000,000 | -HS- | M] () -- C:\Users\Alex\ntuser.dat.LOG2
[2012.09.27 06:18:47 | 000,065,536 | -HS- | M] () -- C:\Users\Alex\ntuser.dat{43168202-085f-11e2-bea7-902b34327482}.TM.blf
[2012.09.27 06:18:47 | 000,524,288 | -HS- | M] () -- C:\Users\Alex\ntuser.dat{43168202-085f-11e2-bea7-902b34327482}.TMContainer00000000000000000001.regtrans-ms
[2012.09.27 06:18:47 | 000,524,288 | -HS- | M] () -- C:\Users\Alex\ntuser.dat{43168202-085f-11e2-bea7-902b34327482}.TMContainer00000000000000000002.regtrans-ms
[2012.09.09 01:11:08 | 000,065,536 | -HS- | M] () -- C:\Users\Alex\ntuser.dat{6205bede-f9eb-11e1-8592-902b34327482}.TM.blf
[2012.09.09 01:11:08 | 000,524,288 | -HS- | M] () -- C:\Users\Alex\ntuser.dat{6205bede-f9eb-11e1-8592-902b34327482}.TMContainer00000000000000000001.regtrans-ms
[2012.09.09 01:11:08 | 000,524,288 | -HS- | M] () -- C:\Users\Alex\ntuser.dat{6205bede-f9eb-11e1-8592-902b34327482}.TMContainer00000000000000000002.regtrans-ms
[2012.07.04 19:25:48 | 000,065,536 | -HS- | M] () -- C:\Users\Alex\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2012.07.04 19:25:48 | 000,524,288 | -HS- | M] () -- C:\Users\Alex\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2012.07.04 19:25:48 | 000,524,288 | -HS- | M] () -- C:\Users\Alex\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2012.07.04 19:13:29 | 000,000,020 | -HS- | M] () -- C:\Users\Alex\ntuser.ini
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
[2012.11.02 07:57:54 | 000,139,672 | ---- | M] (Eclipse Foundation) -- C:\Users\Alex\Local Settings\Temp\swt-win32-3349.dll
[2012.11.02 08:26:14 | 000,430,080 | ---- | M] (Eclipse Foundation) -- C:\Users\Alex\Local Settings\Temp\swt-win32-3740.dll
[27 C:\Users\Alex\Local Settings\Temp\*.tmp files -> C:\Users\Alex\Local Settings\Temp\*.tmp -> ]
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >

Code:

ATTFilter

OTL Extras logfile created on: 03.11.2012 20:36:18 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Alex\Downloads
 Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,19 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 57,06% Memory free
6,37 Gb Paging File | 4,52 Gb Available in Paging File | 70,90% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 931,40 Gb Total Space | 693,81 Gb Free Space | 74,49% Space Free | Partition Type: NTFS
Drive E: | 7,01 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: ALEX-PC | User Name: Alex | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0B0AC24C-CC91-4D38-9C7A-FD3BD11CEC3E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{23C72A89-9C1E-4320-A94A-5B32F85D2D0A}" = lport=139 | protocol=6 | dir=in | app=system | 
"{3EDF4997-9F5C-4161-A574-91CDAB79C568}" = lport=138 | protocol=17 | dir=in | app=system | 
"{4264315F-9CD5-49AC-96C5-2701347A71F8}" = rport=138 | protocol=17 | dir=out | app=system | 
"{5C1E3147-751A-423E-931F-E37A07EA8A73}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6330C704-95AF-4218-9698-F64C3AE1808F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{72374A10-7E19-4D35-9BF5-E9C6FEC80728}" = rport=445 | protocol=6 | dir=out | app=system | 
"{8DD73866-A70C-4127-8987-A1C39F4986F8}" = rport=137 | protocol=17 | dir=out | app=system | 
"{A0B531A3-DCD4-40E7-B009-A605BEF02079}" = lport=137 | protocol=17 | dir=in | app=system | 
"{A22AE847-0B34-42A2-AD47-7C6F05B6FD9B}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E1AF2D0D-586B-4547-935A-79AB8788DDD6}" = rport=139 | protocol=6 | dir=out | app=system | 
"{F6109D60-0BB8-4C2B-AA2C-A93EC0D272F7}" = lport=445 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07299CE1-25DE-4FC5-8F98-12C3DB51DE46}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battleforge\battleforge.exe | 
"{08BC5816-FA91-4F97-AFE9-D42EFD3FF716}" = protocol=17 | dir=in | app=c:\program files\electronic arts\battleforge\bootstrapper.exe | 
"{13F5D2D2-B6AA-496E-A746-1E1EE81F779E}" = protocol=6 | dir=in | app=c:\program files\diablo iii\diablo iii.exe | 
"{1786FA73-FC4F-4692-AB8C-76F6B8BE3EC6}" = protocol=6 | dir=in | app=c:\program files\steam\steam.exe | 
"{227A5FAA-F891-4186-B6F5-C3DF11EBBABC}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe | 
"{28B624EA-352B-455F-A242-2FF27B33FEFF}" = protocol=17 | dir=in | app=c:\program files\tunngle\tunngle.exe | 
"{28D10AAB-388F-43ED-A93E-029B9769E1D4}" = protocol=6 | dir=in | app=c:\program files\tunngle\tunngle.exe | 
"{2C0BCAC8-A29E-4B2D-9F02-65E97FE0151D}" = protocol=6 | dir=in | app=c:\program files\project64 1.7\project64.exe | 
"{2D77DD8F-6937-4CB2-9599-2A37AFCA0AEE}" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe | 
"{3C0B9928-0430-4B39-915F-3DFCC479DF75}" = protocol=6 | dir=in | app=c:\program files\tunngle\tunngle.exe | 
"{3C929C60-ABE8-4579-9C6B-6F6B8E24D65A}" = protocol=6 | dir=in | app=c:\program files\tunngle\tnglctrl.exe | 
"{3E76ABAC-0CC0-48CC-982C-49DCC19F7129}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battleforge\bootstrapper.exe | 
"{41F65A19-D9C7-40C4-B3A9-B54D12863B40}" = protocol=6 | dir=in | app=c:\program files\tunngle\tnglctrl.exe | 
"{4298C642-FA60-43C2-ABA7-EBD65AB828D9}" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
"{448CF080-3F49-422C-9010-86B719E1D883}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{4FAB4911-4CDC-4396-8B88-CD7B9CCAF919}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{51222704-423D-4068-940B-31E9169ED402}" = protocol=17 | dir=in | app=c:\program files\diablo iii\diablo iii.exe | 
"{52A655F3-A301-4135-8577-9003707A828B}" = protocol=17 | dir=in | app=c:\program files\project64 1.7\project64.exe | 
"{5E1C568C-4CB8-4272-9353-C3C3AF17A699}" = protocol=17 | dir=in | app=c:\program files\tunngle\tunngle.exe | 
"{6464FBE7-258A-468C-BE2B-D31219480600}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{7860CE8E-DB22-449C-B957-4123215678FA}" = protocol=17 | dir=in | app=c:\program files\tunngle\tnglctrl.exe | 
"{85DA80CB-FE62-49E8-9DB4-F13DB53B1ED7}" = protocol=17 | dir=in | app=c:\program files\tunngle\tnglctrl.exe | 
"{8CAE38A8-F4A8-4D07-850B-3249A097F152}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{8E816E83-6B58-44E3-B296-61324194D8DA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{97300FDA-E8DF-4AC5-B726-C4437902E0AC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{A2D384CD-E3AC-4BBD-BBDB-ABCD334F79E6}" = protocol=17 | dir=in | app=c:\program files\diablo iii\diablo iii.exe | 
"{B2CB0619-9DD6-49EE-B657-5819D7BDC083}" = protocol=6 | dir=in | app=c:\program files\ea games\die schlacht um mittelerde(tm)\game.dat | 
"{B71DE712-D0CA-4A51-977E-4AD928BCA958}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{B85CE80E-6C01-4657-B30B-D2D1A395B192}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BE2BB211-9538-4453-9A04-774F0D246331}" = protocol=6 | dir=in | app=c:\program files\diablo iii\diablo iii.exe | 
"{C087B842-5EDC-4789-8CC3-9B50286BECA9}" = protocol=58 | dir=in | app=system | 
"{C5E13139-AFA8-4691-8567-7C8C58AB1EFC}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer_service.exe | 
"{CE0A8956-A4E4-4D59-9C57-80C257164879}" = protocol=6 | dir=in | app=c:\program files\electronic arts\battleforge\battleforge.exe | 
"{D426947B-43D6-4874-B75F-B272EBF67C9A}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe | 
"{D55B4E60-C542-4004-98D1-04978475AD47}" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe | 
"{D5FD5CA7-A66B-4D65-9CEE-8BF5A7B7C234}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
"{D982648F-F3F5-48A3-8CFD-B080273534A7}" = protocol=17 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{DA17B0FB-DFFC-4229-8FCB-58E3E4D5821A}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version7\teamviewer.exe | 
"{DA86A1E2-4CF6-4CE5-AC99-F06F14E4D287}" = protocol=17 | dir=in | app=c:\program files\ea games\die schlacht um mittelerde(tm)\game.dat | 
"{DEA95F08-AE73-4DBE-A63C-C5484A3362F4}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{DED40EED-A2AC-4564-A820-58F8296DF882}" = protocol=6 | dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{E22D916D-0EA2-40D0-8A73-02E8235F1CB5}" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
"{E5F3E72C-989D-4D41-8926-30A9D77E8B4D}" = protocol=17 | dir=in | app=c:\program files\steam\steam.exe | 
"{E8C29154-7667-4F5D-9494-FF5676A95963}" = dir=in | app=c:\program files\pando networks\media booster\pmb.exe | 
"{ED8AA317-7FF8-42C7-8A93-6C8265EEC144}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"TCP Query User{0161407B-4E5B-4479-BEE9-62CCA1EC2A76}C:\program files\project64 1.7\project64.exe" = protocol=6 | dir=in | app=c:\program files\project64 1.7\project64.exe | 
"TCP Query User{0320758D-D127-4D72-9E7E-31E8115944EF}C:\users\alex\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\alex\appdata\roaming\spotify\spotify.exe | 
"TCP Query User{075283CA-003D-4E5E-943B-D8FC92625441}C:\program files\warcraft iii\war3.exe" = protocol=6 | dir=in | app=c:\program files\warcraft iii\war3.exe | 
"TCP Query User{0A077B4A-9113-432B-9346-05A124DA9656}C:\users\alex\downloads\downloader_warcraft3_reign_of_chaos_engb.exe" = protocol=6 | dir=in | app=c:\users\alex\downloads\downloader_warcraft3_reign_of_chaos_engb.exe | 
"TCP Query User{0C2E2CCC-21E8-4C27-9003-0D8EBB90FFE7}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{1043AEB9-1FB4-4874-9644-D4E04C3A1CA4}C:\users\alex\downloads\downloader_warcraft3_the_frozen_throne_engb (1).exe" = protocol=6 | dir=in | app=c:\users\alex\downloads\downloader_warcraft3_the_frozen_throne_engb (1).exe | 
"TCP Query User{47EF3FB4-FC3E-46D5-9124-DE56A58A8FA9}C:\users\alex\desktop\neuer ordner (2)\snes9x.exe" = protocol=6 | dir=in | app=c:\users\alex\desktop\neuer ordner (2)\snes9x.exe | 
"TCP Query User{5D7CA965-2198-4BB9-A516-5CD2CC7D5147}C:\windows\system32\java.exe" = protocol=6 | dir=in | app=c:\windows\system32\java.exe | 
"TCP Query User{75778026-C1EC-4114-B610-4B0BFC737621}C:\users\alex\downloads\downloader_warcraft3_the_frozen_throne_engb.exe" = protocol=6 | dir=in | app=c:\users\alex\downloads\downloader_warcraft3_the_frozen_throne_engb.exe | 
"TCP Query User{AF1C3035-2BFD-4E40-B643-835F77FF2A3A}C:\users\alex\downloads\downloader_warcraft3_the_frozen_throne_dede.exe" = protocol=6 | dir=in | app=c:\users\alex\downloads\downloader_warcraft3_the_frozen_throne_dede.exe | 
"TCP Query User{C4E0B913-65BB-4904-864A-4ADF534DB0DA}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | 
"TCP Query User{D0AEE7D1-49A6-4D64-AF14-137655A0A4AF}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"TCP Query User{E1F7C8A1-9829-4C2B-BFA1-514FDED527AF}C:\users\alex\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\alex\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{09ED0B3D-5CED-4CFA-8DE0-CC4E33860AE6}C:\users\alex\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\alex\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{15CE0C82-B848-4D7F-A236-1813AE7792FB}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | 
"UDP Query User{2845010A-2B73-42AE-9D6B-661BFEA95DA8}C:\windows\system32\java.exe" = protocol=17 | dir=in | app=c:\windows\system32\java.exe | 
"UDP Query User{37230450-B957-41E1-820A-5AEAD25173B3}C:\users\alex\downloads\downloader_warcraft3_the_frozen_throne_dede.exe" = protocol=17 | dir=in | app=c:\users\alex\downloads\downloader_warcraft3_the_frozen_throne_dede.exe | 
"UDP Query User{404F6BA9-5FCD-4ACB-B460-8210E7141F99}C:\program files\project64 1.7\project64.exe" = protocol=17 | dir=in | app=c:\program files\project64 1.7\project64.exe | 
"UDP Query User{71C3406E-4F37-47EA-A93C-6570188BE1FB}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{812AC0F2-0DE5-4C52-8FF7-251A9AA2F23D}C:\users\alex\downloads\downloader_warcraft3_reign_of_chaos_engb.exe" = protocol=17 | dir=in | app=c:\users\alex\downloads\downloader_warcraft3_reign_of_chaos_engb.exe | 
"UDP Query User{C88D3592-3D53-435A-A71D-0BE69A7DC353}C:\users\alex\downloads\downloader_warcraft3_the_frozen_throne_engb (1).exe" = protocol=17 | dir=in | app=c:\users\alex\downloads\downloader_warcraft3_the_frozen_throne_engb (1).exe | 
"UDP Query User{CD89E060-9C27-41B6-B5EB-B7E0DB60333C}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 
"UDP Query User{D04E5ED6-6426-4275-AE32-74ABDEE76206}C:\users\alex\downloads\downloader_warcraft3_the_frozen_throne_engb.exe" = protocol=17 | dir=in | app=c:\users\alex\downloads\downloader_warcraft3_the_frozen_throne_engb.exe | 
"UDP Query User{F0029CC3-C851-4D3E-9857-A74504359782}C:\users\alex\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\alex\appdata\roaming\spotify\spotify.exe | 
"UDP Query User{F2849DC2-32F7-4E35-BEC6-14E6B6D75993}C:\users\alex\desktop\neuer ordner (2)\snes9x.exe" = protocol=17 | dir=in | app=c:\users\alex\desktop\neuer ordner (2)\snes9x.exe | 
"UDP Query User{F8C4313F-FCF1-4A58-BE35-51615CFC251A}C:\program files\warcraft iii\war3.exe" = protocol=17 | dir=in | app=c:\program files\warcraft iii\war3.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{03AEAB60-A7B3-A8DB-468B-EB30FB4B40B0}" = CCC Help German
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{077A7810-A937-4465-AD08-ACED9807995F}" = ANNO 1602 Königs-Edition
"{07DFFE8F-2E2C-91D2-C075-06768ECB87ED}" = AMD Drag and Drop Transcoding
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{162ABED6-E60C-6CFF-100E-43C16ABBC5BE}" = CCC Help Chinese Standard
"{1CB724FF-D18C-8FFB-E7C9-0A09CF8EC066}" = CCC Help Japanese
"{20C14CC3-5E3B-D39A-5B37-B15E59785063}" = CCC Help Chinese Traditional
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{23697393-E392-4FFA-B8EF-193B5569C0B2}" = AVG 2013
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{2632A2C0-ECF4-7F79-7136-9FEA4C253A4C}" = CCC Help Turkish
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{30F712DA-64FE-5DBE-AE76-3F8EA3F8223C}" = CCC Help French
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C39B3CC-4EC8-C756-AF4B-72366504FCA5}" = CCC Help Hungarian
"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.1102.1
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3E7D839E-A6E7-B6F8-F855-CF69756E6331}" = AMD Media Foundation Decoders
"{3F290582-3F4E-4B96-009C-E0BABAA40C42}" = Die Schlacht um Mittelerde(tm)
"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0309.1
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CC9D761-A9B6-D8EA-D2A9-B74B5A90B108}" = CCC Help Norwegian
"{4F198874-3C7D-5983-02EB-9E234C43F174}" = AMD Steady Video Plug-In 
"{5180FB30-2AC7-1627-9856-AA0AE6ACB7E7}" = ccc-utility
"{54B227A6-BDBE-69FA-D450-B99609063044}" = CCC Help Greek
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66D6F3BD-CA23-41A4-9FA3-96B26B32528D}" = Command & Conquer Die ersten 10 Jahre
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7C587778-C433-980E-F3C1-203890DC4FBE}" = CCC Help Polish
"{7DC3EABF-66A2-6D79-B485-6328525CA387}" = CCC Help Swedish
"{843603C6-75B7-BAB5-80DE-E76FB28DEEF2}" = CCC Help Finnish
"{852F940A-BE93-4DF9-98E5-6F5FA7AFF3EE}" = Intel® Trusted Connect Service Client
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{876B50AF-D46A-ED35-C625-20F326FE0C49}" = AMD Accelerated Video Transcoding
"{8BBC66FD-0195-29B4-5A58-E0B0554E8F42}" = Catalyst Control Center
"{8D9EEAC7-42D5-3951-612A-EAA7B684C592}" = CCC Help Italian
"{9170B2A2-FC44-4ec2-AEB6-9052626B2A2E}_is1" = Driver Reviver
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{943A8D28-80D6-41DC-AE94-81FEB42041BF}" = System Requirements Lab CYRI
"{9791DAED-B734-2835-988B-157BDA087496}" = CCC Help Dutch
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{98B740C3-FAA4-C523-7478-4DBCAB7B27D1}" = Catalyst Control Center Graphics Previews Common
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F0CAC6D-9B0D-A95F-CF61-6E88952D6181}" = CCC Help Thai
"{A25FF1C0-80B6-4B8B-A551-DC525697A408}" = AMD APP SDK Runtime
"{A625DB70-98D5-16FD-C49D-4B8B1B2304A4}" = CCC Help Spanish
"{A90214C3-3A0C-2F05-6083-E1A4BAD9E30D}" = CCC Help Danish
"{AA123216-6DE0-E57C-DC57-4FECEACB482F}" = CCC Help Russian
"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi
"{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1" = Uniblue DriverScanner
"{C3592426-531E-4110-911D-BFECE2CE284C}" = osu!
"{C580908C-B3BA-4C19-BD60-16F02F272201}" = BattleForge™
"{D0837A59-83E6-3392-1BD9-86D3445676DB}" = CCC Help Korean
"{D5068813-9F8D-9F7A-92C0-A3EECBA2D82B}" = AMD Catalyst Install Manager
"{D70AB273-113B-D7DE-5C8D-82CABA7CB0AF}" = Catalyst Control Center Localization All
"{DC8772D4-C75F-5235-63E2-BBC73F909B7A}" = CCC Help Czech
"{DED7FD3C-DDD2-43BB-B0F5-B07F9D0430D3}" = CCC Help Portuguese
"{E157F2EB-E06F-B57F-9105-68F348DB2EAD}" = CCC Help English
"{E2B086BD-75A9-45D1-A675-151624B259A1}" = Splashtop Connect for IE
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EF036F44-A287-BC23-3F6E-AAE6FDEF47EF}" = Catalyst Control Center InstallProxy
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"7-Zip" = 7-Zip 9.20
"Adobe Acrobat 5.0" = Adobe Acrobat 5.0
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AVMWLANCLI" = AVM FRITZ!WLAN
"CCleaner" = CCleaner
"DAEMON Tools Lite" = DAEMON Tools Lite
"Defraggler" = Defraggler
"Diablo III" = Diablo III
"Die Völker" = Die Völker
"Dove Pre-Setup" = Dove Pre-Setup
"ESET Online Scanner" = ESET Online Scanner v3
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B12.0309.1
"LogMeIn Hamachi" = LogMeIn Hamachi
"MagniDriver" = marvell 91xx driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"N360" = Norton 360
"Project64 1.7" = Project64 1.7
"Steam App 440" = Team Fortress 2
"TeamViewer 7" = TeamViewer 7
"Tunngle beta_is1" = Tunngle beta
"VLC media player" = VLC media player 2.0.4
"Warcraft III" = Warcraft III
"Winamp" = Winamp
"WinRAR archiver" = WinRAR 4.20 (32-Bit)
"World of Warcraft" = World of Warcraft
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"101a9f93b8f0bb6f" = Curse Client
"Google Chrome" = Google Chrome
"Spotify" = Spotify
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 03.11.2012 11:19:26 | Computer Name = Alex-PC | Source = Application Hang | ID = 1002
Description = Programm Wow.exe, Version 5.0.5.16135 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1bc8    Startzeit:
 01cdb9c502118c04    Endzeit: 14005    Anwendungspfad: C:\Program Files\World of Warcraft\Wow.exe

Berichts-ID:
   
 
Error - 03.11.2012 13:43:10 | Computer Name = Alex-PC | Source = Application Hang | ID = 1002
Description = Programm Gamemd.exe, Version 1.0.1.1 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1c2c    Startzeit:
 01cdb9ea8b3941b7    Endzeit: 6    Anwendungspfad: C:\Program Files\EA GAMES\Command & Conquer
 Die ersten 10 Jahre\Command & Conquer Red Alert(tm) II\AR2\Gamemd.exe    Berichts-ID:
   
 
Error - 03.11.2012 13:44:46 | Computer Name = Alex-PC | Source = Application Hang | ID = 1002
Description = Programm Gamemd.exe, Version 1.0.1.1 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 19ec    Startzeit:
 01cdb9eab9cefcd6    Endzeit: 23    Anwendungspfad: C:\Program Files\EA GAMES\Command & 
Conquer Die ersten 10 Jahre\Command & Conquer Red Alert(tm) II\AR2\Gamemd.exe    Berichts-ID:
   
 
Error - 03.11.2012 13:46:03 | Computer Name = Alex-PC | Source = ESENT | ID = 482
Description = Windows (4312) Windows: Versuch, in Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb"
 bei Offset 0 (0x0000000000000000) für 32768 (0x00008000) Bytes zu schreiben, ist
 nach 0 Sekunden mit Systemfehler 8 (0x00000008): "Not enough storage is available
 to process this command. " fehlgeschlagen. Fehler -1011 (0xfffffc0d) bei Schreiboperation.
 Wenn dieser Zustand andauert, ist die Datei möglicherweise beschädigt und muss 
aus einer vorherigen Sicherung wiederhergestellt werden.
 
Error - 03.11.2012 13:46:03 | Computer Name = Alex-PC | Source = ESENT | ID = 439
Description = Windows (4312) Windows: Die Shadowkopfzeile für Datei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb
 konnte nicht geschrieben werden. Fehler -1011.
 
Error - 03.11.2012 13:46:03 | Computer Name = Alex-PC | Source = ESENT | ID = 413
Description = Windows (4312) Windows: Neue Protokolldatei konnte nicht erstellt 
werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk
 ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu
 wenig freien Speicherplatz. Fehler -1011.
 
Error - 03.11.2012 13:46:03 | Computer Name = Alex-PC | Source = ESENT | ID = 492
Description = Windows (4312) Windows: Die Protokolldatei-Reihenfolge in "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\"
 wurde durch einen schwerwiegenden Fehler angehalten. Für die Datenbank, die diese
 Protokolldatei-Reihenfolge verwendet, sind keine weiteren Aktualisierungen möglich.
 Bitte korrigieren Sie das Problem, und starten Sie erneut, oder führen Sie eine
 Wiederherstellung aus einer Sicherung durch.
 
Error - 03.11.2012 13:47:06 | Computer Name = Alex-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Gamemd.exe, Version: 1.0.1.1, Zeitstempel:
 0x3bdf544e  Name des fehlerhaften Moduls: binkw32.dll, Version: 3.0.0.0, Zeitstempel:
 0x396b8013  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00016c8d  ID des fehlerhaften Prozesses:
 0x1994  Startzeit der fehlerhaften Anwendung: 0x01cdb9eb364e9f63  Pfad der fehlerhaften
 Anwendung: C:\Program Files\EA GAMES\Command & Conquer Die ersten 10 Jahre\Command
 & Conquer Red Alert(tm) II\AR2\Gamemd.exe  Pfad des fehlerhaften Moduls: C:\Program
 Files\EA GAMES\Command & Conquer Die ersten 10 Jahre\Command & Conquer Red Alert(tm)
 II\AR2\binkw32.dll  Berichtskennung: 7b6b058c-25de-11e2-8a66-902b34327482
 
Error - 03.11.2012 13:49:28 | Computer Name = Alex-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Skype.exe, Version: 5.10.0.116, Zeitstempel:
 0x50001496  Name des fehlerhaften Moduls: Skype.exe, Version: 5.10.0.116, Zeitstempel:
 0x50001496  Ausnahmecode: 0xc0000005  Fehleroffset: 0x001d8d60  ID des fehlerhaften Prozesses:
 0x1ac8  Startzeit der fehlerhaften Anwendung: 0x01cdb9eb6d7a0cd0  Pfad der fehlerhaften
 Anwendung: C:\Program Files\Skype\Phone\Skype.exe  Pfad des fehlerhaften Moduls: 
C:\Program Files\Skype\Phone\Skype.exe  Berichtskennung: cfd1a27c-25de-11e2-8a66-902b34327482
 
Error - 03.11.2012 13:55:44 | Computer Name = Alex-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: svchost.exe_Dnscache, Version: 6.1.7600.16385,
 Zeitstempel: 0x4a5bc100  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915,
 Zeitstempel: 0x4ec49caf  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000277ab  ID des fehlerhaften
 Prozesses: 0x5ac  Startzeit der fehlerhaften Anwendung: 0x01cdb9ebf62eef0b  Pfad der
 fehlerhaften Anwendung: C:\Windows\system32\svchost.exe  Pfad des fehlerhaften Moduls:
 C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: b040bfed-25df-11e2-9811-902b34327482
 
[ System Events ]
Error - 03.11.2012 13:40:21 | Computer Name = Alex-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 03.11.2012 13:40:53 | Computer Name = Alex-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 03.11.2012 13:40:55 | Computer Name = Alex-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 03.11.2012 13:52:15 | Computer Name = Alex-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?03.?11.?2012 um 18:49:45 unerwartet heruntergefahren.
 
Error - 03.11.2012 13:52:19 | Computer Name = ALEX-PC | Source = BugCheck | ID = 1001
Description = 
 
Error - 03.11.2012 13:55:46 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Cryptographic Services" wurde unerwartet beendet. Dies
 ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
 durchgeführt: Restart the service.
 
Error - 03.11.2012 13:55:46 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "DNS Client" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt:
 Restart the service.
 
Error - 03.11.2012 13:55:46 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Workstation" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt:
 Restart the service.
 
Error - 03.11.2012 13:55:46 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Network Location Awareness" wurde unerwartet beendet. 
Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden
 durchgeführt: Restart the service.
 
Error - 03.11.2012 13:57:46 | Computer Name = Alex-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
 des Dienstes "DNS Client" Korrekturmaßnahmen (Restart the service) durchzuführen,
 ist fehlgeschlagen. Fehler:   %%1056
 
 
< End of report >

Kulzhar · 04.11.2012, 22:22

Meint ihr es hilft wenn ich ihn platt mache und neu aufsetze?

markusg · 05.11.2012, 15:15

hi
sorry, war wochenende.
klar, wenn du willst, machen wir ihn neu.
1. Datenrettung:

deaktiviere Autorun: http://www.trojaner-board.de/83238-a...sschalten.html
dann sichere Daten auf nen externen datenträger: http://www.trojaner-board.de/82533-d...ted-magic.html
Bilder, Dokumente, Musik Videos (persönliches) http://www.trojaner-board.de/71715-k...iendungen.html

2. Formatieren, Windows neu instalieren:

nutzt du eine Windows CD: http://www.trojaner-board.de/51262-a...sicherung.html
recovery cd oder recovery partition.
falls dies ein fertig pc ist, nenne hersteller + typ.
Keine Windows 7 DVD? http://www.trojaner-board.de/100776-...-download.html

3. PC absichern: http://www.trojaner-board.de/96344-a...-rechners.html
ich werde außerdem noch weitere punkte dazu posten.
4. alle Passwörter ändern!
5. nach PC Absicherung, die gesicherten Daten prüfen und falls sauber: zurückspielen.
6. werde ich dann noch was zum absichern von Onlinebanking mit Chip Card Reader + Star Money sagen.

Kulzhar · 05.11.2012, 15:48

hm das mit xubuntu hört sich so an als würde das ganz schön lang dauern und ich hab jetzt nicht so viele Daten die ich gern retten würde (nur ein bischen Musik und ein paar Bilder) kann ich diese nicht einfach auf eine externe sichern und den Xubuntu schritt überspringen?

ich hab jetzt den pc neu aufgesetzt jetzt bekomme ich aber von norton die Meldung, dass Boot.Tidserv auf meinem Pc ist muss ich dagegen was machen?

ich hab jetzt den pc neu aufgesetzt jetzt bekomme ich aber von norton die Meldung, dass Boot.Tidserv auf meinem Pc ist muss ich dagegen was machen?

jetzt ises irgendwie richtig merkwürdig ich hab Norton nochmal scanen lassen und
dann hat Norton anscheinend eine Lösung gefunden und gelöscht oder in Quarantäne geschoben. Jetzt hab ich meine externe (welche ich davor extra wia xubuntu überprüft hatte) angeschlossen und Norton meldet wieder den gleichen Virus behebt diesen aber wieder. Bin ich jetzt noch infiziert oder nicht?

lol warum schiebt mir das grad alles in einen post?

markusg · 07.11.2012, 17:02

hattest du daten über ubuntu gesichert oder nicht?
wo findet norton die malware?
schließ mal den externen datenträger mit an.
wir setzen noch mal neu auf, will aber mal schauen.
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

Kulzhar · 07.11.2012, 17:41

hm ich hab jetzt mal nachgeschaut bei Norton und da steht
bei verdächtige Aktion
Master-Bootsetkorinfektion: Laufwerk 0x80 entfernen fehlgeschlagen
und ich hab bemerkt das ich seitdem neu aufsetzen meine externe angesteckt hatte.
Und ja ich hatte Dateien mit ubuntu auf die externe gesichert(Videos, Musik)

so hab denn scan durchlaufen lassen

Code:

ATTFilter

18:10:25.0416 6040  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
18:10:25.0537 6040  ============================================================
18:10:25.0537 6040  Current date / time: 2012/11/07 18:10:25.0537
18:10:25.0537 6040  SystemInfo:
18:10:25.0537 6040  
18:10:25.0537 6040  OS Version: 6.1.7600 ServicePack: 0.0
18:10:25.0537 6040  Product type: Workstation
18:10:25.0537 6040  ComputerName: ALEX-PC
18:10:25.0537 6040  UserName: Alex
18:10:25.0537 6040  Windows directory: C:\Windows
18:10:25.0537 6040  System windows directory: C:\Windows
18:10:25.0537 6040  Processor architecture: Intel x86
18:10:25.0537 6040  Number of processors: 4
18:10:25.0537 6040  Page size: 0x1000
18:10:25.0537 6040  Boot type: Normal boot
18:10:25.0537 6040  ============================================================
18:10:26.0323 6040  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:10:26.0333 6040  ============================================================
18:10:26.0333 6040  \Device\Harddisk0\DR0:
18:10:26.0333 6040  MBR partitions:
18:10:26.0333 6040  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:10:26.0333 6040  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746CCDB0
18:10:26.0333 6040  ============================================================
18:10:26.0361 6040  C: <-> \Device\Harddisk0\DR0\Partition2
18:10:26.0380 6040  D: <-> \Device\Harddisk0\DR0\Partition1
18:10:26.0380 6040  ============================================================
18:10:26.0380 6040  Initialize success
18:10:26.0380 6040  ============================================================
18:10:33.0383 4504  ============================================================
18:10:33.0383 4504  Scan started
18:10:33.0383 4504  Mode: Manual; SigCheck; TDLFS; 
18:10:33.0383 4504  ============================================================
18:10:33.0599 4504  ================ Scan system memory ========================
18:10:33.0600 4504  System memory - ok
18:10:33.0600 4504  ================ Scan services =============================
18:10:33.0830 4504  [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
18:10:33.0871 4504  1394ohci - ok
18:10:33.0881 4504  [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
18:10:33.0890 4504  ACPI - ok
18:10:33.0892 4504  [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
18:10:33.0902 4504  AcpiPmi - ok
18:10:33.0937 4504  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
18:10:33.0948 4504  adp94xx - ok
18:10:33.0951 4504  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
18:10:33.0961 4504  adpahci - ok
18:10:33.0964 4504  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
18:10:33.0972 4504  adpu320 - ok
18:10:33.0984 4504  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:10:34.0006 4504  AeLookupSvc - ok
18:10:34.0066 4504  [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD             C:\Windows\system32\drivers\afd.sys
18:10:34.0093 4504  AFD - ok
18:10:34.0096 4504  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
18:10:34.0103 4504  agp440 - ok
18:10:34.0127 4504  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
18:10:34.0135 4504  aic78xx - ok
18:10:34.0178 4504  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
18:10:34.0194 4504  ALG - ok
18:10:34.0201 4504  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
18:10:34.0216 4504  aliide - ok
18:10:34.0266 4504  [ CDE41D99DB840FF9454FC981EBD0EC50 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
18:10:34.0322 4504  AMD External Events Utility - ok
18:10:34.0325 4504  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\DRIVERS\amdagp.sys
18:10:34.0332 4504  amdagp - ok
18:10:34.0343 4504  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
18:10:34.0349 4504  amdide - ok
18:10:34.0354 4504  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
18:10:34.0362 4504  AmdK8 - ok
18:10:34.0480 4504  [ FFD082F1F1D4FF5C87F66DF62486BCFA ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
18:10:34.0618 4504  amdkmdag - ok
18:10:34.0660 4504  [ C541DA5B72FA638469E8DC1E66079330 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
18:10:34.0674 4504  amdkmdap - ok
18:10:34.0679 4504  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
18:10:34.0694 4504  AmdPPM - ok
18:10:34.0714 4504  [ 2101A86C25C154F8314B24EF49D7FBC2 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
18:10:34.0722 4504  amdsata - ok
18:10:34.0733 4504  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
18:10:34.0740 4504  amdsbs - ok
18:10:34.0743 4504  [ B81C2B5616F6420A9941EA093A92B150 ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
18:10:34.0749 4504  amdxata - ok
18:10:34.0757 4504  [ FEB834C02CE1E84B6A38F953CA067706 ] AppID           C:\Windows\system32\drivers\appid.sys
18:10:34.0766 4504  AppID - ok
18:10:34.0787 4504  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:10:34.0802 4504  AppIDSvc - ok
18:10:34.0830 4504  [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo         C:\Windows\System32\appinfo.dll
18:10:34.0857 4504  Appinfo - ok
18:10:34.0891 4504  [ F5F0F78286A849BC0E45E0E99065B04F ] AppleCharger    C:\Windows\system32\DRIVERS\AppleCharger.sys
18:10:34.0904 4504  AppleCharger - ok
18:10:34.0931 4504  [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
18:10:34.0943 4504  AppleChargerSrv - ok
18:10:35.0012 4504  [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt         C:\Windows\System32\appmgmts.dll
18:10:35.0037 4504  AppMgmt - ok
18:10:35.0041 4504  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
18:10:35.0055 4504  arc - ok
18:10:35.0057 4504  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
18:10:35.0065 4504  arcsas - ok
18:10:35.0076 4504  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:10:35.0091 4504  AsyncMac - ok
18:10:35.0103 4504  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
18:10:35.0109 4504  atapi - ok
18:10:35.0171 4504  [ 4D201D8B576BE4473405B2A86A2D28B3 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
18:10:35.0184 4504  AtiHDAudioService - ok
18:10:35.0208 4504  [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:10:35.0238 4504  AudioEndpointBuilder - ok
18:10:35.0243 4504  [ 510C873BFA135AA829F4180352772734 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
18:10:35.0259 4504  Audiosrv - ok
18:10:35.0284 4504  [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:10:35.0293 4504  AxInstSV - ok
18:10:35.0309 4504  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
18:10:35.0321 4504  b06bdrv - ok
18:10:35.0339 4504  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
18:10:35.0349 4504  b57nd60x - ok
18:10:35.0361 4504  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:10:35.0369 4504  BDESVC - ok
18:10:35.0371 4504  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:10:35.0386 4504  Beep - ok
18:10:35.0414 4504  [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE             C:\Windows\System32\bfe.dll
18:10:35.0445 4504  BFE - ok
18:10:35.0744 4504  [ 684B12018A54ADC1F856372EC5762B48 ] BHDrvx86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20121030.002\BHDrvx86.sys
18:10:35.0770 4504  BHDrvx86 - ok
18:10:35.0801 4504  [ 53F476476F55A27F580661BDE09C4EC4 ] BITS            C:\Windows\System32\qmgr.dll
18:10:35.0837 4504  BITS - ok
18:10:35.0847 4504  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:10:35.0854 4504  blbdrive - ok
18:10:35.0880 4504  [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:10:35.0909 4504  bowser - ok
18:10:35.0913 4504  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:10:35.0927 4504  BrFiltLo - ok
18:10:35.0929 4504  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:10:35.0937 4504  BrFiltUp - ok
18:10:35.0981 4504  [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser         C:\Windows\System32\browser.dll
18:10:35.0995 4504  Browser - ok
18:10:36.0002 4504  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:10:36.0018 4504  Brserid - ok
18:10:36.0036 4504  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:10:36.0045 4504  BrSerWdm - ok
18:10:36.0047 4504  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:10:36.0055 4504  BrUsbMdm - ok
18:10:36.0057 4504  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:10:36.0065 4504  BrUsbSer - ok
18:10:36.0070 4504  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
18:10:36.0079 4504  BTHMODEM - ok
18:10:36.0094 4504  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
18:10:36.0110 4504  bthserv - ok
18:10:36.0182 4504  [ ACE85AF1C31F68BDFEE9333F6592917E ] ccSet_N360      C:\Windows\system32\drivers\N360\0604000.009\ccSetx86.sys
18:10:36.0195 4504  ccSet_N360 - ok
18:10:36.0198 4504  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:10:36.0218 4504  cdfs - ok
18:10:36.0230 4504  [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:10:36.0238 4504  cdrom - ok
18:10:36.0275 4504  [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:10:36.0291 4504  CertPropSvc - ok
18:10:36.0293 4504  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:10:36.0302 4504  circlass - ok
18:10:36.0343 4504  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
18:10:36.0360 4504  CLFS - ok
18:10:36.0474 4504  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:10:36.0488 4504  clr_optimization_v2.0.50727_32 - ok
18:10:36.0628 4504  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:10:36.0643 4504  clr_optimization_v4.0.30319_32 - ok
18:10:36.0646 4504  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:10:36.0658 4504  CmBatt - ok
18:10:36.0661 4504  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
18:10:36.0672 4504  cmdide - ok
18:10:36.0725 4504  [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG             C:\Windows\system32\Drivers\cng.sys
18:10:36.0748 4504  CNG - ok
18:10:36.0761 4504  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:10:36.0772 4504  Compbatt - ok
18:10:36.0782 4504  [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
18:10:36.0794 4504  CompositeBus - ok
18:10:36.0808 4504  COMSysApp - ok
18:10:36.0834 4504  [ FDAFC5748C2509F96D0F7694408D9B95 ] cphs            C:\Windows\system32\IntelCpHeciSvc.exe
18:10:36.0842 4504  cphs - ok
18:10:36.0854 4504  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
18:10:36.0862 4504  crcdisk - ok
18:10:36.0891 4504  [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:10:36.0904 4504  CryptSvc - ok
18:10:36.0926 4504  [ 27C9490BDD0AE48911AB8CF1932591ED ] CSC             C:\Windows\system32\drivers\csc.sys
18:10:36.0946 4504  CSC - ok
18:10:36.0958 4504  [ 56FB5F222EA30D3D3FC459879772CB73 ] CscService      C:\Windows\System32\cscsvc.dll
18:10:36.0974 4504  CscService - ok
18:10:37.0003 4504  [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:10:37.0036 4504  DcomLaunch - ok
18:10:37.0056 4504  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:10:37.0073 4504  defragsvc - ok
18:10:37.0093 4504  [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:10:37.0105 4504  DfsC - ok
18:10:37.0159 4504  [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:10:37.0179 4504  Dhcp - ok
18:10:37.0188 4504  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
18:10:37.0204 4504  discache - ok
18:10:37.0214 4504  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
18:10:37.0221 4504  Disk - ok
18:10:37.0247 4504  [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:10:37.0263 4504  Dnscache - ok
18:10:37.0293 4504  [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:10:37.0310 4504  dot3svc - ok
18:10:37.0317 4504  [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS             C:\Windows\system32\dps.dll
18:10:37.0334 4504  DPS - ok
18:10:37.0352 4504  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:10:37.0362 4504  drmkaud - ok
18:10:37.0388 4504  [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
18:10:37.0413 4504  dtsoftbus01 - ok
18:10:37.0444 4504  [ 1679A4669326CB1A67CC95658D273234 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:10:37.0464 4504  DXGKrnl - ok
18:10:37.0499 4504  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
18:10:37.0519 4504  EapHost - ok
18:10:37.0562 4504  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
18:10:37.0613 4504  ebdrv - ok
18:10:37.0754 4504  [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
18:10:37.0773 4504  eeCtrl - ok
18:10:37.0796 4504  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS             C:\Windows\System32\lsass.exe
18:10:37.0815 4504  EFS - ok
18:10:37.0913 4504  [ 1697C39978CD69F6FBC15302EDCECE1F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:10:37.0942 4504  ehRecvr - ok
18:10:37.0962 4504  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
18:10:37.0973 4504  ehSched - ok
18:10:37.0997 4504  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
18:10:38.0011 4504  elxstor - ok
18:10:38.0048 4504  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:10:38.0057 4504  EraserUtilRebootDrv - ok
18:10:38.0077 4504  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
18:10:38.0090 4504  ErrDev - ok
18:10:38.0119 4504  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
18:10:38.0143 4504  EventSystem - ok
18:10:38.0161 4504  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
18:10:38.0177 4504  exfat - ok
18:10:38.0185 4504  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:10:38.0201 4504  fastfat - ok
18:10:38.0219 4504  [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax             C:\Windows\system32\fxssvc.exe
18:10:38.0239 4504  Fax - ok
18:10:38.0244 4504  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:10:38.0251 4504  fdc - ok
18:10:38.0270 4504  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
18:10:38.0285 4504  fdPHost - ok
18:10:38.0289 4504  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
18:10:38.0303 4504  FDResPub - ok
18:10:38.0306 4504  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:10:38.0312 4504  FileInfo - ok
18:10:38.0314 4504  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:10:38.0340 4504  Filetrace - ok
18:10:38.0351 4504  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:10:38.0359 4504  flpydisk - ok
18:10:38.0362 4504  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:10:38.0370 4504  FltMgr - ok
18:10:38.0407 4504  [ 151258FC2EC8C48BDF8A53350AE0A676 ] FontCache       C:\Windows\system32\FntCache.dll
18:10:38.0438 4504  FontCache - ok
18:10:38.0488 4504  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:10:38.0499 4504  FontCache3.0.0.0 - ok
18:10:38.0504 4504  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:10:38.0513 4504  FsDepends - ok
18:10:38.0556 4504  [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:10:38.0565 4504  Fs_Rec - ok
18:10:38.0607 4504  [ DAFBD9FE39197495AED6D51F3B85B5D2 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:10:38.0625 4504  fvevol - ok
18:10:38.0643 4504  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
18:10:38.0650 4504  gagp30kx - ok
18:10:38.0679 4504  [ D556CB79967E92B5CC69686D16C1D846 ] gdrv            C:\Windows\gdrv.sys
18:10:38.0686 4504  gdrv - ok
18:10:38.0712 4504  [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc           C:\Windows\System32\gpsvc.dll
18:10:38.0738 4504  gpsvc - ok
18:10:38.0800 4504  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
18:10:38.0814 4504  gupdate - ok
18:10:38.0818 4504  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
18:10:38.0830 4504  gupdatem - ok
18:10:38.0859 4504  [ 689A8EEF2A2D62B28A0A578A6196531C ] GVTDrv          C:\Windows\system32\Drivers\GVTDrv.sys
18:10:38.0870 4504  GVTDrv - ok
18:10:38.0895 4504  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:10:38.0903 4504  hcw85cir - ok
18:10:38.0924 4504  [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:10:38.0934 4504  HdAudAddService - ok
18:10:38.0946 4504  [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:10:38.0956 4504  HDAudBus - ok
18:10:38.0958 4504  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
18:10:38.0965 4504  HidBatt - ok
18:10:39.0006 4504  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
18:10:39.0015 4504  HidBth - ok
18:10:39.0023 4504  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:10:39.0032 4504  HidIr - ok
18:10:39.0038 4504  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
18:10:39.0054 4504  hidserv - ok
18:10:39.0056 4504  [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:10:39.0063 4504  HidUsb - ok
18:10:39.0103 4504  [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:10:39.0135 4504  hkmsvc - ok
18:10:39.0167 4504  [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:10:39.0194 4504  HomeGroupListener - ok
18:10:39.0212 4504  [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:10:39.0225 4504  HomeGroupProvider - ok
18:10:39.0241 4504  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
18:10:39.0251 4504  HpSAMD - ok
18:10:39.0270 4504  [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:10:39.0293 4504  HTTP - ok
18:10:39.0296 4504  [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:10:39.0305 4504  hwpolicy - ok
18:10:39.0307 4504  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
18:10:39.0316 4504  i8042prt - ok
18:10:39.0338 4504  [ E64665E2A6CAEB52C8AE6E5EB6F3FD7C ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:10:39.0347 4504  iaStor - ok
18:10:39.0441 4504  [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:10:39.0453 4504  IAStorDataMgrSvc - ok
18:10:39.0460 4504  [ 934AF4D7C5F457B9F0743F4299B77B67 ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
18:10:39.0476 4504  iaStorV - ok
18:10:39.0506 4504  [ 33D4D4A24791587E83F7EE05A446FB7E ] ICCS            C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
18:10:39.0512 4504  ICCS ( UnsignedFile.Multi.Generic ) - warning
18:10:39.0512 4504  ICCS - detected UnsignedFile.Multi.Generic (1)
18:10:39.0578 4504  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
18:10:39.0587 4504  IDriverT ( UnsignedFile.Multi.Generic ) - warning
18:10:39.0587 4504  IDriverT - detected UnsignedFile.Multi.Generic (1)
18:10:39.0640 4504  [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:10:39.0663 4504  idsvc - ok
18:10:39.0763 4504  [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20121106.001\IDSvix86.sys
18:10:39.0781 4504  IDSVix86 - ok
18:10:39.0954 4504  [ DEFCCA620FF9EC4E9E2E1619263821A7 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
18:10:40.0121 4504  igfx - ok
18:10:40.0136 4504  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
18:10:40.0142 4504  iirsp - ok
18:10:40.0177 4504  [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT          C:\Windows\System32\ikeext.dll
18:10:40.0197 4504  IKEEXT - ok
18:10:40.0225 4504  [ 7081EFE4EBF9CBBFF4EB5A3AC478DDC5 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:10:40.0243 4504  IntcDAud - ok
18:10:40.0298 4504  [ 28B3162EC8D01114313D7F447D8E157E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:10:40.0313 4504  Intel(R) Capability Licensing Service Interface - ok
18:10:40.0332 4504  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
18:10:40.0341 4504  intelide - ok
18:10:40.0345 4504  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:10:40.0356 4504  intelppm - ok
18:10:40.0368 4504  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:10:40.0384 4504  IPBusEnum - ok
18:10:40.0386 4504  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:10:40.0401 4504  IpFilterDriver - ok
18:10:40.0414 4504  [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:10:40.0432 4504  iphlpsvc - ok
18:10:40.0438 4504  [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
18:10:40.0447 4504  IPMIDRV - ok
18:10:40.0449 4504  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:10:40.0464 4504  IPNAT - ok
18:10:40.0473 4504  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:10:40.0482 4504  IRENUM - ok
18:10:40.0494 4504  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
18:10:40.0500 4504  isapnp - ok
18:10:40.0506 4504  [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
18:10:40.0514 4504  iScsiPrt - ok
18:10:40.0536 4504  [ DF93E36D3DABDD53A6394806AD1B9807 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
18:10:40.0548 4504  iusb3hcs - ok
18:10:40.0569 4504  [ 725D1248F64D56E61453F4FCDFA6A0B6 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
18:10:40.0586 4504  iusb3hub - ok
18:10:40.0603 4504  [ 5C0C8D16027229BD7FC9465124BFEC9D ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
18:10:40.0629 4504  iusb3xhc - ok
18:10:40.0655 4504  [ 166FC0B36842135BC2D3C32DF70ED0D6 ] jhi_service     C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:10:40.0661 4504  jhi_service - ok
18:10:40.0674 4504  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:10:40.0681 4504  kbdclass - ok
18:10:40.0683 4504  [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:10:40.0691 4504  kbdhid - ok
18:10:40.0710 4504  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso          C:\Windows\system32\lsass.exe
18:10:40.0717 4504  KeyIso - ok
18:10:40.0743 4504  [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:10:40.0750 4504  KSecDD - ok
18:10:40.0758 4504  [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:10:40.0766 4504  KSecPkg - ok
18:10:40.0779 4504  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:10:40.0797 4504  KtmRm - ok
18:10:40.0814 4504  [ 25046613DFA30A7361996F15901CA0DE ] L1C             C:\Windows\system32\DRIVERS\L1C62x86.sys
18:10:40.0821 4504  L1C - ok
18:10:40.0884 4504  [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:10:40.0916 4504  LanmanServer - ok
18:10:40.0946 4504  [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:10:40.0975 4504  LanmanWorkstation - ok
18:10:41.0003 4504  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:10:41.0019 4504  lltdio - ok
18:10:41.0028 4504  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:10:41.0044 4504  lltdsvc - ok
18:10:41.0046 4504  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:10:41.0061 4504  lmhosts - ok
18:10:41.0076 4504  [ C56E64BA70DC822B84D100A6F8D690D3 ] LMS             C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:10:41.0083 4504  LMS - ok
18:10:41.0096 4504  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
18:10:41.0104 4504  LSI_FC - ok
18:10:41.0113 4504  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
18:10:41.0121 4504  LSI_SAS - ok
18:10:41.0124 4504  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:10:41.0130 4504  LSI_SAS2 - ok
18:10:41.0140 4504  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:10:41.0148 4504  LSI_SCSI - ok
18:10:41.0150 4504  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
18:10:41.0165 4504  luafv - ok
18:10:41.0182 4504  [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:10:41.0191 4504  Mcx2Svc - ok
18:10:41.0200 4504  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
18:10:41.0207 4504  megasas - ok
18:10:41.0219 4504  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
18:10:41.0228 4504  MegaSR - ok
18:10:41.0238 4504  [ 240D715CFE4FB8F4CDA76F6863E62334 ] MEI             C:\Windows\system32\DRIVERS\HECI.sys
18:10:41.0246 4504  MEI - ok
18:10:41.0256 4504  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
18:10:41.0271 4504  MMCSS - ok
18:10:41.0274 4504  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
18:10:41.0288 4504  Modem - ok
18:10:41.0291 4504  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:10:41.0299 4504  monitor - ok
18:10:41.0301 4504  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:10:41.0307 4504  mouclass - ok
18:10:41.0309 4504  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:10:41.0316 4504  mouhid - ok
18:10:41.0322 4504  [ 921C18727C5920D6C0300736646931C2 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:10:41.0329 4504  mountmgr - ok
18:10:41.0331 4504  [ 2AF5997438C55FB79D33D015C30E1974 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
18:10:41.0339 4504  mpio - ok
18:10:41.0341 4504  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:10:41.0355 4504  mpsdrv - ok
18:10:41.0369 4504  [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:10:41.0388 4504  MpsSvc - ok
18:10:41.0399 4504  [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:10:41.0409 4504  MRxDAV - ok
18:10:41.0428 4504  [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:10:41.0439 4504  mrxsmb - ok
18:10:41.0447 4504  [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:10:41.0455 4504  mrxsmb10 - ok
18:10:41.0458 4504  [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:10:41.0465 4504  mrxsmb20 - ok
18:10:41.0477 4504  [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
18:10:41.0484 4504  msahci - ok
18:10:41.0503 4504  [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
18:10:41.0511 4504  msdsm - ok
18:10:41.0519 4504  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
18:10:41.0528 4504  MSDTC - ok
18:10:41.0532 4504  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:10:41.0547 4504  Msfs - ok
18:10:41.0549 4504  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:10:41.0563 4504  mshidkmdf - ok
18:10:41.0565 4504  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
18:10:41.0571 4504  msisadrv - ok
18:10:41.0581 4504  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:10:41.0597 4504  MSiSCSI - ok
18:10:41.0599 4504  msiserver - ok
18:10:41.0614 4504  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:10:41.0629 4504  MSKSSRV - ok
18:10:41.0631 4504  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:10:41.0645 4504  MSPCLOCK - ok
18:10:41.0647 4504  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:10:41.0662 4504  MSPQM - ok
18:10:41.0673 4504  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:10:41.0681 4504  MsRPC - ok
18:10:41.0684 4504  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:10:41.0691 4504  mssmbios - ok
18:10:41.0693 4504  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:10:41.0707 4504  MSTEE - ok
18:10:41.0709 4504  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
18:10:41.0723 4504  MTConfig - ok
18:10:41.0725 4504  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
18:10:41.0732 4504  Mup - ok
18:10:41.0754 4504  [ 9A3946B3FEE94197EE1925D5D3AA0E5C ] mvs91xx         C:\Windows\system32\DRIVERS\mvs91xx.sys
18:10:41.0762 4504  mvs91xx - ok
18:10:41.0865 4504  [ F2840DBFE9322F35557219AE82CC4597 ] N360            C:\Program Files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe
18:10:41.0872 4504  N360 - ok
18:10:41.0894 4504  [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent        C:\Windows\system32\qagentRT.dll
18:10:41.0912 4504  napagent - ok
18:10:41.0924 4504  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:10:41.0935 4504  NativeWifiP - ok
18:10:42.0017 4504  [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121106.032\NAVENG.SYS
18:10:42.0024 4504  NAVENG - ok
18:10:42.0059 4504  [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121106.032\NAVEX15.SYS
18:10:42.0077 4504  NAVEX15 - ok
18:10:42.0084 4504  [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:10:42.0098 4504  NDIS - ok
18:10:42.0115 4504  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:10:42.0131 4504  NdisCap - ok
18:10:42.0144 4504  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:10:42.0158 4504  NdisTapi - ok
18:10:42.0168 4504  [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:10:42.0184 4504  Ndisuio - ok
18:10:42.0192 4504  [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:10:42.0208 4504  NdisWan - ok
18:10:42.0211 4504  [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:10:42.0226 4504  NDProxy - ok
18:10:42.0228 4504  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:10:42.0243 4504  NetBIOS - ok
18:10:42.0261 4504  [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:10:42.0277 4504  NetBT - ok
18:10:42.0293 4504  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon        C:\Windows\system32\lsass.exe
18:10:42.0300 4504  Netlogon - ok
18:10:42.0347 4504  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
18:10:42.0379 4504  Netman - ok
18:10:42.0385 4504  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
18:10:42.0403 4504  netprofm - ok
18:10:42.0421 4504  [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:10:42.0428 4504  NetTcpPortSharing - ok
18:10:42.0431 4504  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
18:10:42.0437 4504  nfrd960 - ok
18:10:42.0451 4504  [ 2226496E34BD40734946A054B1CD657F ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:10:42.0468 4504  NlaSvc - ok
18:10:42.0470 4504  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:10:42.0485 4504  Npfs - ok
18:10:42.0506 4504  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
18:10:42.0522 4504  nsi - ok
18:10:42.0524 4504  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:10:42.0539 4504  nsiproxy - ok
18:10:42.0577 4504  [ 5126C5402C730C2A953275D8497A4715 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:10:42.0618 4504  Ntfs - ok
18:10:42.0621 4504  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
18:10:42.0637 4504  Null - ok
18:10:42.0639 4504  [ 3F3D04B1D08D43C16EA7963954EC768D ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys
18:10:42.0646 4504  nvraid - ok
18:10:42.0649 4504  [ C99F251A5DE63C6F129CF71933ACED0F ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys
18:10:42.0657 4504  nvstor - ok
18:10:42.0659 4504  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
18:10:42.0667 4504  nv_agp - ok
18:10:42.0669 4504  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
18:10:42.0676 4504  ohci1394 - ok
18:10:42.0693 4504  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:10:42.0709 4504  p2pimsvc - ok
18:10:42.0745 4504  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:10:42.0764 4504  p2psvc - ok
18:10:42.0767 4504  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
18:10:42.0775 4504  Parport - ok
18:10:42.0804 4504  [ 66D3415C159741ADE7038A277EFFF99F ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:10:42.0811 4504  partmgr - ok
18:10:42.0813 4504  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
18:10:42.0821 4504  Parvdm - ok
18:10:42.0824 4504  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:10:42.0834 4504  PcaSvc - ok
18:10:42.0837 4504  [ C858CB77C577780ECC456A892E7E7D0F ] pci             C:\Windows\system32\DRIVERS\pci.sys
18:10:42.0844 4504  pci - ok
18:10:42.0866 4504  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
18:10:42.0872 4504  pciide - ok
18:10:42.0875 4504  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:10:42.0883 4504  pcmcia - ok
18:10:42.0886 4504  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
18:10:42.0892 4504  pcw - ok
18:10:42.0907 4504  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:10:42.0928 4504  PEAUTH - ok
18:10:42.0953 4504  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
18:10:42.0968 4504  PeerDistSvc - ok
18:10:42.0989 4504  [ 9C1BFF7910C89A1D12E57343475840CB ] pla             C:\Windows\system32\pla.dll
18:10:43.0024 4504  pla - ok
18:10:43.0072 4504  [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:10:43.0084 4504  PlugPlay - ok
18:10:43.0086 4504  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:10:43.0093 4504  PNRPAutoReg - ok
18:10:43.0096 4504  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:10:43.0104 4504  PNRPsvc - ok
18:10:43.0122 4504  [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:10:43.0139 4504  PolicyAgent - ok
18:10:43.0146 4504  [ DBFF83F709A91049621C1D35DD45C92C ] Power           C:\Windows\system32\umpo.dll
18:10:43.0161 4504  Power - ok
18:10:43.0173 4504  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:10:43.0188 4504  PptpMiniport - ok
18:10:43.0190 4504  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
18:10:43.0197 4504  Processor - ok
18:10:43.0219 4504  [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc         C:\Windows\system32\profsvc.dll
18:10:43.0238 4504  ProfSvc - ok
18:10:43.0240 4504  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:10:43.0246 4504  ProtectedStorage - ok
18:10:43.0249 4504  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:10:43.0263 4504  Psched - ok
18:10:43.0291 4504  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
18:10:43.0320 4504  ql2300 - ok
18:10:43.0322 4504  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
18:10:43.0329 4504  ql40xx - ok
18:10:43.0340 4504  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
18:10:43.0351 4504  QWAVE - ok
18:10:43.0353 4504  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:10:43.0361 4504  QWAVEdrv - ok
18:10:43.0363 4504  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:10:43.0377 4504  RasAcd - ok
18:10:43.0392 4504  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:10:43.0408 4504  RasAgileVpn - ok
18:10:43.0416 4504  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
18:10:43.0433 4504  RasAuto - ok
18:10:43.0441 4504  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:10:43.0456 4504  Rasl2tp - ok
18:10:43.0465 4504  [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan          C:\Windows\System32\rasmans.dll
18:10:43.0482 4504  RasMan - ok
18:10:43.0491 4504  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:10:43.0506 4504  RasPppoe - ok
18:10:43.0516 4504  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:10:43.0531 4504  RasSstp - ok
18:10:43.0534 4504  [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:10:43.0550 4504  rdbss - ok
18:10:43.0560 4504  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
18:10:43.0569 4504  rdpbus - ok
18:10:43.0571 4504  [ 1E016846895B15A99F9A176A05029075 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:10:43.0585 4504  RDPCDD - ok
18:10:43.0598 4504  [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
18:10:43.0610 4504  RDPDR - ok
18:10:43.0612 4504  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:10:43.0626 4504  RDPENCDD - ok
18:10:43.0628 4504  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:10:43.0642 4504  RDPREFMP - ok
18:10:43.0657 4504  [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:10:43.0669 4504  RDPWD - ok
18:10:43.0687 4504  [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:10:43.0696 4504  rdyboost - ok
18:10:43.0702 4504  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:10:43.0718 4504  RemoteAccess - ok
18:10:43.0724 4504  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:10:43.0741 4504  RemoteRegistry - ok
18:10:43.0760 4504  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:10:43.0776 4504  RpcEptMapper - ok
18:10:43.0785 4504  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
18:10:43.0793 4504  RpcLocator - ok
18:10:43.0804 4504  [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs           C:\Windows\system32\rpcss.dll
18:10:43.0821 4504  RpcSs - ok
18:10:43.0832 4504  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:10:43.0847 4504  rspndr - ok
18:10:43.0857 4504  [ 5423D8437051E89DD34749F242C98648 ] s3cap           C:\Windows\system32\DRIVERS\vms3cap.sys
18:10:43.0869 4504  s3cap - ok
18:10:43.0871 4504  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs           C:\Windows\system32\lsass.exe
18:10:43.0878 4504  SamSs - ok
18:10:43.0880 4504  [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
18:10:43.0887 4504  sbp2port - ok
18:10:43.0896 4504  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:10:43.0912 4504  SCardSvr - ok
18:10:43.0978 4504  [ 8475E746EB72D04F1015E6F091F50E09 ] SCBackService   C:\Program Files\Splashtop\Splashtop Connect\BackService.exe
18:10:43.0995 4504  SCBackService - ok
18:10:43.0998 4504  [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:10:44.0014 4504  scfilter - ok
18:10:44.0038 4504  [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule        C:\Windows\system32\schedsvc.dll
18:10:44.0068 4504  Schedule - ok
18:10:44.0090 4504  [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:10:44.0110 4504  SCPolicySvc - ok
18:10:44.0123 4504  [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:10:44.0133 4504  SDRSVC - ok
18:10:44.0135 4504  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:10:44.0150 4504  secdrv - ok
18:10:44.0156 4504  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
18:10:44.0172 4504  seclogon - ok
18:10:44.0179 4504  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
18:10:44.0194 4504  SENS - ok
18:10:44.0205 4504  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:10:44.0217 4504  SensrSvc - ok
18:10:44.0236 4504  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:10:44.0244 4504  Serenum - ok
18:10:44.0253 4504  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:10:44.0261 4504  Serial - ok
18:10:44.0263 4504  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
18:10:44.0270 4504  sermouse - ok
18:10:44.0284 4504  [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv      C:\Windows\system32\sessenv.dll
18:10:44.0300 4504  SessionEnv - ok
18:10:44.0302 4504  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
18:10:44.0310 4504  sffdisk - ok
18:10:44.0312 4504  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
18:10:44.0320 4504  sffp_mmc - ok
18:10:44.0322 4504  [ 4F1E5B0FE7C8050668DBFADE8999AEFB ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
18:10:44.0330 4504  sffp_sd - ok
18:10:44.0331 4504  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
18:10:44.0339 4504  sfloppy - ok
18:10:44.0348 4504  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:10:44.0365 4504  SharedAccess - ok
18:10:44.0373 4504  [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:10:44.0384 4504  ShellHWDetection - ok
18:10:44.0396 4504  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\DRIVERS\sisagp.sys
18:10:44.0403 4504  sisagp - ok
18:10:44.0411 4504  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:10:44.0417 4504  SiSRaid2 - ok
18:10:44.0430 4504  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
18:10:44.0438 4504  SiSRaid4 - ok
18:10:44.0463 4504  [ 94A221B95F4FB4FAAB6A56A683D6FDF3 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
18:10:44.0490 4504  SkypeUpdate - ok
18:10:44.0503 4504  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:10:44.0532 4504  Smb - ok
18:10:44.0541 4504  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:10:44.0549 4504  SNMPTRAP - ok
18:10:44.0556 4504  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:10:44.0563 4504  spldr - ok
18:10:44.0581 4504  [ E17323B0AA9FB3FF9945731D736EDA2F ] Spooler         C:\Windows\System32\spoolsv.exe
18:10:44.0593 4504  Spooler - ok
18:10:44.0644 4504  [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc          C:\Windows\system32\sppsvc.exe
18:10:44.0690 4504  sppsvc - ok
18:10:44.0707 4504  [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:10:44.0723 4504  sppuinotify - ok
18:10:44.0776 4504  [ 7BB297CADA42903328E92425D9761DA6 ] SRTSP           C:\Windows\System32\Drivers\N360\0604000.009\SRTSP.SYS
18:10:44.0787 4504  SRTSP - ok
18:10:44.0806 4504  [ 475FCF0F28D845BF1C8ABAC27F19003E ] SRTSPX          C:\Windows\system32\drivers\N360\0604000.009\SRTSPX.SYS
18:10:44.0812 4504  SRTSPX - ok
18:10:44.0847 4504  [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:10:44.0866 4504  srv - ok
18:10:44.0878 4504  [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:10:44.0887 4504  srv2 - ok
18:10:44.0893 4504  [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:10:44.0901 4504  srvnet - ok
18:10:44.0917 4504  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:10:44.0934 4504  SSDPSRV - ok
18:10:44.0936 4504  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:10:44.0952 4504  SstpSvc - ok
18:10:44.0998 4504  [ 1CFA4A1F3C7BB4C8F299E00428EB8677 ] SSUService      C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
18:10:45.0014 4504  SSUService - ok
18:10:45.0022 4504  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
18:10:45.0031 4504  stexstor - ok
18:10:45.0041 4504  [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc          C:\Windows\System32\wiaservc.dll
18:10:45.0055 4504  StiSvc - ok
18:10:45.0076 4504  [ 957E346CA948668F2496A6CCF6FF82CC ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
18:10:45.0084 4504  storflt - ok
18:10:45.0098 4504  [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc         C:\Windows\system32\DRIVERS\storvsc.sys
18:10:45.0105 4504  storvsc - ok
18:10:45.0115 4504  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
18:10:45.0122 4504  swenum - ok
18:10:45.0134 4504  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
18:10:45.0151 4504  swprv - ok
18:10:45.0176 4504  [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS           C:\Windows\system32\drivers\N360\0604000.009\SYMDS.SYS
18:10:45.0185 4504  SymDS - ok
18:10:45.0208 4504  [ 8F88EDB211B12537D2DC2A6D73D6067C ] SymEFA          C:\Windows\system32\drivers\N360\0604000.009\SYMEFA.SYS
18:10:45.0223 4504  SymEFA - ok
18:10:45.0273 4504  [ 74E2521E96176A4449570E50BE91954D ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
18:10:45.0287 4504  SymEvent - ok
18:10:45.0306 4504  [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON         C:\Windows\system32\drivers\N360\0604000.009\Ironx86.SYS
18:10:45.0319 4504  SymIRON - ok
18:10:45.0324 4504  [ 3EE215D6FE821E3EDF0F7134D9AE905A ] SymNetS         C:\Windows\System32\Drivers\N360\0604000.009\SYMNETS.SYS
18:10:45.0347 4504  SymNetS - ok
18:10:45.0384 4504  [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain         C:\Windows\system32\sysmain.dll
18:10:45.0414 4504  SysMain - ok
18:10:45.0419 4504  [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:10:45.0431 4504  TabletInputService - ok
18:10:45.0471 4504  [ B7AEE68D2E867CBF69B649B18FCEDBBB ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys
18:10:45.0514 4504  tap0901t - ok
18:10:45.0535 4504  [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:10:45.0558 4504  TapiSrv - ok
18:10:45.0579 4504  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
18:10:45.0595 4504  TBS - ok
18:10:45.0621 4504  [ 55E9965552741F3850CB22CBBA9671ED ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:10:45.0637 4504  Tcpip - ok
18:10:45.0671 4504  [ 55E9965552741F3850CB22CBBA9671ED ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:10:45.0704 4504  TCPIP6 - ok
18:10:45.0717 4504  [ E64444523ADD154F86567C469BC0B17F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:10:45.0733 4504  tcpipreg - ok
18:10:45.0736 4504  [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:10:45.0761 4504  TDPIPE - ok
18:10:45.0797 4504  [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:10:45.0812 4504  TDTCP - ok
18:10:45.0835 4504  [ CB39E896A2A83702D1737BFD402B3542 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:10:45.0863 4504  tdx - ok
18:10:45.0866 4504  [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
18:10:45.0878 4504  TermDD - ok
18:10:45.0892 4504  [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService     C:\Windows\System32\termsrv.dll
18:10:45.0911 4504  TermService - ok
18:10:45.0919 4504  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
18:10:45.0929 4504  Themes - ok
18:10:45.0941 4504  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
18:10:45.0956 4504  THREADORDER - ok
18:10:45.0975 4504  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
18:10:45.0991 4504  TrkWks - ok
18:10:46.0019 4504  [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:10:46.0027 4504  TrustedInstaller - ok
18:10:46.0030 4504  [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:10:46.0044 4504  tssecsrv - ok
18:10:46.0062 4504  [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:10:46.0077 4504  tunnel - ok
18:10:46.0131 4504  [ 1A5F1301C1EA3B49D1222E9CBB552EBB ] TunngleService  C:\Program Files\Tunngle\TnglCtrl.exe
18:10:46.0143 4504  TunngleService - ok
18:10:46.0163 4504  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
18:10:46.0170 4504  uagp35 - ok
18:10:46.0181 4504  [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:10:46.0198 4504  udfs - ok
18:10:46.0211 4504  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:10:46.0221 4504  UI0Detect - ok
18:10:46.0241 4504  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
18:10:46.0247 4504  uliagpkx - ok
18:10:46.0254 4504  [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:10:46.0262 4504  umbus - ok
18:10:46.0263 4504  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
18:10:46.0271 4504  UmPass - ok
18:10:46.0292 4504  [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService    C:\Windows\System32\umrdp.dll
18:10:46.0301 4504  UmRdpService - ok
18:10:46.0351 4504  [ 0F9E1BC7E2BEA1A4108EC9736CF0C2D9 ] UNS             C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:10:46.0367 4504  UNS - ok
18:10:46.0378 4504  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
18:10:46.0400 4504  upnphost - ok
18:10:46.0405 4504  [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:10:46.0413 4504  usbccgp - ok
18:10:46.0415 4504  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
18:10:46.0423 4504  usbcir - ok
18:10:46.0426 4504  [ 1C333BFD60F2FED2C7AD5DAF533CB742 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:10:46.0433 4504  usbehci - ok
18:10:46.0456 4504  [ EE6EF93CCFA94FAE8C6AB298273D8AE2 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:10:46.0470 4504  usbhub - ok
18:10:46.0472 4504  [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
18:10:46.0479 4504  usbohci - ok
18:10:46.0482 4504  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:10:46.0490 4504  usbprint - ok
18:10:46.0492 4504  [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:10:46.0499 4504  USBSTOR - ok
18:10:46.0501 4504  [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
18:10:46.0508 4504  usbuhci - ok
18:10:46.0513 4504  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
18:10:46.0528 4504  UxSms - ok
18:10:46.0545 4504  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc        C:\Windows\system32\lsass.exe
18:10:46.0551 4504  VaultSvc - ok
18:10:46.0563 4504  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
18:10:46.0569 4504  vdrvroot - ok
18:10:46.0582 4504  [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds             C:\Windows\System32\vds.exe
18:10:46.0593 4504  vds - ok
18:10:46.0606 4504  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:10:46.0614 4504  vga - ok
18:10:46.0616 4504  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:10:46.0630 4504  VgaSave - ok
18:10:46.0633 4504  [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
18:10:46.0641 4504  vhdmp - ok
18:10:46.0663 4504  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\DRIVERS\viaagp.sys
18:10:46.0669 4504  viaagp - ok
18:10:46.0671 4504  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
18:10:46.0678 4504  ViaC7 - ok
18:10:46.0724 4504  [ 0047FAA46D655FE2CB3191F4183A9010 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
18:10:46.0754 4504  VIAHdAudAddService - ok
18:10:46.0757 4504  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
18:10:46.0763 4504  viaide - ok
18:10:46.0802 4504  [ 65DE19339D794D652119973C28512031 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
18:10:46.0808 4504  VIAKaraokeService - ok
18:10:46.0846 4504  [ 379B349F65F453D2A6E75EA6B7448E49 ] vmbus           C:\Windows\system32\DRIVERS\vmbus.sys
18:10:46.0863 4504  vmbus - ok
18:10:46.0870 4504  [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID        C:\Windows\system32\DRIVERS\VMBusHID.sys
18:10:46.0878 4504  VMBusHID - ok
18:10:46.0890 4504  [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
18:10:46.0898 4504  volmgr - ok
18:10:46.0909 4504  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:10:46.0918 4504  volmgrx - ok
18:10:46.0922 4504  [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
18:10:46.0931 4504  volsnap - ok
18:10:46.0942 4504  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
18:10:46.0950 4504  vsmraid - ok
18:10:46.0967 4504  [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS             C:\Windows\system32\vssvc.exe
18:10:46.0983 4504  VSS - ok
18:10:47.0004 4504  [ C311C2A5C39B556CA30564134C9B808B ] VUSB3HUB        C:\Windows\system32\DRIVERS\ViaHub3.sys
18:10:47.0015 4504  VUSB3HUB - ok
18:10:47.0017 4504  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
18:10:47.0025 4504  vwifibus - ok
18:10:47.0029 4504  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
18:10:47.0047 4504  W32Time - ok
18:10:47.0050 4504  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
18:10:47.0058 4504  WacomPen - ok
18:10:47.0060 4504  [ 692A712062146E96D28BA0B7D75DE31B ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:10:47.0075 4504  WANARP - ok
18:10:47.0077 4504  [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:10:47.0091 4504  Wanarpv6 - ok
18:10:47.0110 4504  [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine        C:\Windows\system32\wbengine.exe
18:10:47.0137 4504  wbengine - ok
18:10:47.0142 4504  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:10:47.0152 4504  WbioSrvc - ok
18:10:47.0176 4504  [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:10:47.0194 4504  wcncsvc - ok
18:10:47.0216 4504  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:10:47.0229 4504  WcsPlugInService - ok
18:10:47.0231 4504  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
18:10:47.0237 4504  Wd - ok
18:10:47.0252 4504  [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:10:47.0269 4504  Wdf01000 - ok
18:10:47.0281 4504  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:10:47.0291 4504  WdiServiceHost - ok
18:10:47.0293 4504  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:10:47.0302 4504  WdiSystemHost - ok
18:10:47.0316 4504  [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient       C:\Windows\System32\webclnt.dll
18:10:47.0339 4504  WebClient - ok
18:10:47.0356 4504  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:10:47.0373 4504  Wecsvc - ok
18:10:47.0382 4504  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:10:47.0398 4504  wercplsupport - ok
18:10:47.0418 4504  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:10:47.0434 4504  WerSvc - ok
18:10:47.0436 4504  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:10:47.0451 4504  WfpLwf - ok
18:10:47.0453 4504  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:10:47.0460 4504  WIMMount - ok
18:10:47.0496 4504  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
18:10:47.0510 4504  WinDefend - ok
18:10:47.0512 4504  WinHttpAutoProxySvc - ok
18:10:47.0563 4504  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:10:47.0580 4504  Winmgmt - ok
18:10:47.0595 4504  [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM           C:\Windows\system32\WsmSvc.dll
18:10:47.0628 4504  WinRM - ok
18:10:47.0655 4504  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:10:47.0671 4504  Wlansvc - ok
18:10:47.0673 4504  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
18:10:47.0680 4504  WmiAcpi - ok
18:10:47.0701 4504  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:10:47.0709 4504  wmiApSrv - ok
18:10:47.0745 4504  [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
18:10:47.0782 4504  WMPNetworkSvc - ok
18:10:47.0790 4504  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:10:47.0806 4504  WPCSvc - ok
18:10:47.0808 4504  [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:10:47.0817 4504  WPDBusEnum - ok
18:10:47.0819 4504  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:10:47.0834 4504  ws2ifsl - ok
18:10:47.0857 4504  [ A661A76333057B383A06E65F0073222F ] wscsvc          C:\Windows\System32\wscsvc.dll
18:10:47.0866 4504  wscsvc - ok
18:10:47.0868 4504  WSearch - ok
18:10:47.0970 4504  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
18:10:48.0015 4504  wuauserv - ok
18:10:48.0019 4504  [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:10:48.0034 4504  WudfPf - ok
18:10:48.0055 4504  [ DDEE3682FE97037C45F4D7AB467CB8B6 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:10:48.0071 4504  wudfsvc - ok
18:10:48.0080 4504  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:10:48.0091 4504  WwanSvc - ok
18:10:48.0116 4504  [ 96653E5A68D2C648CB7070B6A7A2E7E5 ] xhcdrv          C:\Windows\system32\DRIVERS\xhcdrv.sys
18:10:48.0144 4504  xhcdrv - ok
18:10:48.0149 4504  ================ Scan global ===============================
18:10:48.0179 4504  [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
18:10:48.0204 4504  [ 43B34CADB516800794BDF486E493ED32 ] C:\Windows\system32\winsrv.dll
18:10:48.0208 4504  [ 43B34CADB516800794BDF486E493ED32 ] C:\Windows\system32\winsrv.dll
18:10:48.0224 4504  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
18:10:48.0237 4504  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
18:10:48.0238 4504  [Global] - ok
18:10:48.0239 4504  ================ Scan MBR ==================================
18:10:48.0250 4504  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:10:48.0538 4504  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:10:48.0538 4504  \Device\Harddisk0\DR0 - detected TDSS File System (1)
18:10:48.0539 4504  ================ Scan VBR ==================================
18:10:48.0560 4504  [ 1E14D4D2AF15082DEC76A5212530E8BF ] \Device\Harddisk0\DR0\Partition1
18:10:48.0561 4504  \Device\Harddisk0\DR0\Partition1 - ok
18:10:48.0563 4504  [ 49CC011DCE1F238AFA26FB507B87FC4F ] \Device\Harddisk0\DR0\Partition2
18:10:48.0564 4504  \Device\Harddisk0\DR0\Partition2 - ok
18:10:48.0564 4504  ============================================================
18:10:48.0564 4504  Scan finished
18:10:48.0564 4504  ============================================================
18:10:48.0569 5016  Detected object count: 3
18:10:48.0569 5016  Actual detected object count: 3
18:11:15.0111 5016  ICCS ( UnsignedFile.Multi.Generic ) - skipped by user
18:11:15.0111 5016  ICCS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:11:15.0112 5016  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
18:11:15.0112 5016  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:11:15.0113 5016  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:11:15.0113 5016  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

markusg · 07.11.2012, 19:42

scanne noch mal
diesmal entferne den fund
TDSS File System )
starte neu, scanne dann noch mal

Kulzhar · 08.11.2012, 22:41

Gut hier is der neue scan

Code:

ATTFilter

22:40:00.0164 3352  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
22:40:00.0242 3352  ============================================================
22:40:00.0242 3352  Current date / time: 2012/11/08 22:40:00.0242
22:40:00.0242 3352  SystemInfo:
22:40:00.0242 3352  
22:40:00.0242 3352  OS Version: 6.1.7600 ServicePack: 0.0
22:40:00.0242 3352  Product type: Workstation
22:40:00.0242 3352  ComputerName: ALEX-PC
22:40:00.0242 3352  UserName: Alex
22:40:00.0242 3352  Windows directory: C:\Windows
22:40:00.0242 3352  System windows directory: C:\Windows
22:40:00.0242 3352  Processor architecture: Intel x86
22:40:00.0242 3352  Number of processors: 4
22:40:00.0242 3352  Page size: 0x1000
22:40:00.0242 3352  Boot type: Normal boot
22:40:00.0242 3352  ============================================================
22:40:08.0759 3352  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:40:08.0775 3352  ============================================================
22:40:08.0775 3352  \Device\Harddisk0\DR0:
22:40:08.0775 3352  MBR partitions:
22:40:08.0775 3352  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:40:08.0775 3352  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746CCDB0
22:40:08.0775 3352  ============================================================
22:40:08.0868 3352  C: <-> \Device\Harddisk0\DR0\Partition2
22:40:08.0900 3352  D: <-> \Device\Harddisk0\DR0\Partition1
22:40:08.0900 3352  ============================================================
22:40:08.0900 3352  Initialize success
22:40:08.0900 3352  ============================================================
22:40:12.0784 4208  ============================================================
22:40:12.0784 4208  Scan started
22:40:12.0784 4208  Mode: Manual; SigCheck; TDLFS; 
22:40:12.0784 4208  ============================================================
22:40:14.0063 4208  ================ Scan system memory ========================
22:40:14.0063 4208  System memory - ok
22:40:14.0063 4208  ================ Scan services =============================
22:40:14.0734 4208  [ 6D2ACA41739BFE8CB86EE8E85F29697D ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
22:40:15.0202 4208  1394ohci - ok
22:40:15.0233 4208  [ F0E07D144C8685B8774BC32FC8DA4DF0 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
22:40:15.0233 4208  ACPI - ok
22:40:15.0264 4208  [ 98D81CA942D19F7D9153B095162AC013 ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
22:40:15.0296 4208  AcpiPmi - ok
22:40:15.0327 4208  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
22:40:15.0327 4208  adp94xx - ok
22:40:15.0342 4208  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
22:40:15.0358 4208  adpahci - ok
22:40:15.0358 4208  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
22:40:15.0374 4208  adpu320 - ok
22:40:15.0389 4208  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:40:15.0420 4208  AeLookupSvc - ok
22:40:15.0483 4208  [ 0DB7A48388D54D154EBEC120461A0FCD ] AFD             C:\Windows\system32\drivers\afd.sys
22:40:15.0530 4208  AFD - ok
22:40:15.0530 4208  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
22:40:15.0545 4208  agp440 - ok
22:40:15.0561 4208  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
22:40:15.0576 4208  aic78xx - ok
22:40:15.0608 4208  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
22:40:15.0639 4208  ALG - ok
22:40:15.0654 4208  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
22:40:15.0654 4208  aliide - ok
22:40:15.0717 4208  [ CDE41D99DB840FF9454FC981EBD0EC50 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
22:40:15.0748 4208  AMD External Events Utility - ok
22:40:15.0764 4208  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\DRIVERS\amdagp.sys
22:40:15.0764 4208  amdagp - ok
22:40:15.0795 4208  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
22:40:15.0795 4208  amdide - ok
22:40:15.0810 4208  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
22:40:15.0810 4208  AmdK8 - ok
22:40:15.0935 4208  [ FFD082F1F1D4FF5C87F66DF62486BCFA ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
22:40:16.0076 4208  amdkmdag - ok
22:40:16.0107 4208  [ C541DA5B72FA638469E8DC1E66079330 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
22:40:16.0138 4208  amdkmdap - ok
22:40:16.0169 4208  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
22:40:16.0232 4208  AmdPPM - ok
22:40:16.0481 4208  [ 2101A86C25C154F8314B24EF49D7FBC2 ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
22:40:16.0497 4208  amdsata - ok
22:40:16.0497 4208  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
22:40:16.0512 4208  amdsbs - ok
22:40:16.0512 4208  [ B81C2B5616F6420A9941EA093A92B150 ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
22:40:16.0512 4208  amdxata - ok
22:40:16.0528 4208  [ FEB834C02CE1E84B6A38F953CA067706 ] AppID           C:\Windows\system32\drivers\appid.sys
22:40:16.0544 4208  AppID - ok
22:40:16.0575 4208  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:40:16.0622 4208  AppIDSvc - ok
22:40:16.0637 4208  [ 7DEAD9E3F65DCB2794F2711003BBF650 ] Appinfo         C:\Windows\System32\appinfo.dll
22:40:16.0653 4208  Appinfo - ok
22:40:16.0715 4208  [ F5F0F78286A849BC0E45E0E99065B04F ] AppleCharger    C:\Windows\system32\DRIVERS\AppleCharger.sys
22:40:16.0715 4208  AppleCharger - ok
22:40:16.0809 4208  [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe
22:40:16.0809 4208  AppleChargerSrv - ok
22:40:16.0871 4208  [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt         C:\Windows\System32\appmgmts.dll
22:40:16.0918 4208  AppMgmt - ok
22:40:16.0949 4208  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
22:40:16.0949 4208  arc - ok
22:40:16.0965 4208  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
22:40:16.0965 4208  arcsas - ok
22:40:17.0027 4208  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:40:17.0043 4208  AsyncMac - ok
22:40:17.0058 4208  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
22:40:17.0074 4208  atapi - ok
22:40:17.0152 4208  [ 4D201D8B576BE4473405B2A86A2D28B3 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
22:40:17.0152 4208  AtiHDAudioService - ok
22:40:17.0214 4208  [ 510C873BFA135AA829F4180352772734 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:40:17.0246 4208  AudioEndpointBuilder - ok
22:40:17.0246 4208  [ 510C873BFA135AA829F4180352772734 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
22:40:17.0261 4208  Audiosrv - ok
22:40:17.0324 4208  [ DD6A431B43E34B91A767D1CE33728175 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:40:17.0355 4208  AxInstSV - ok
22:40:17.0370 4208  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
22:40:17.0386 4208  b06bdrv - ok
22:40:17.0417 4208  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
22:40:17.0417 4208  b57nd60x - ok
22:40:17.0480 4208  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:40:17.0495 4208  BDESVC - ok
22:40:17.0495 4208  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:40:17.0526 4208  Beep - ok
22:40:17.0558 4208  [ 85AC71C045CEB054ED48A7841AAE0C11 ] BFE             C:\Windows\System32\bfe.dll
22:40:17.0604 4208  BFE - ok
22:40:18.0353 4208  [ 684B12018A54ADC1F856372EC5762B48 ] BHDrvx86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20121030.002\BHDrvx86.sys
22:40:18.0369 4208  BHDrvx86 - ok
22:40:18.0400 4208  [ 53F476476F55A27F580661BDE09C4EC4 ] BITS            C:\Windows\System32\qmgr.dll
22:40:18.0416 4208  BITS - ok
22:40:18.0447 4208  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:40:18.0462 4208  blbdrive - ok
22:40:18.0478 4208  [ 9A5C671B7FBAE4865149BB11F59B91B2 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:40:18.0509 4208  bowser - ok
22:40:18.0509 4208  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:40:18.0540 4208  BrFiltLo - ok
22:40:18.0540 4208  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:40:18.0556 4208  BrFiltUp - ok
22:40:18.0618 4208  [ A0E691DC6589D4D2CBE373171D1A49E5 ] Browser         C:\Windows\System32\browser.dll
22:40:18.0650 4208  Browser - ok
22:40:18.0681 4208  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:40:18.0712 4208  Brserid - ok
22:40:18.0728 4208  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:40:18.0790 4208  BrSerWdm - ok
22:40:18.0821 4208  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:40:18.0837 4208  BrUsbMdm - ok
22:40:18.0837 4208  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:40:18.0852 4208  BrUsbSer - ok
22:40:18.0868 4208  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:40:18.0884 4208  BTHMODEM - ok
22:40:18.0915 4208  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
22:40:18.0946 4208  bthserv - ok
22:40:19.0040 4208  [ ACE85AF1C31F68BDFEE9333F6592917E ] ccSet_N360      C:\Windows\system32\drivers\N360\0604000.009\ccSetx86.sys
22:40:19.0055 4208  ccSet_N360 - ok
22:40:19.0086 4208  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:40:19.0118 4208  cdfs - ok
22:40:19.0133 4208  [ BA6E70AA0E6091BC39DE29477D866A77 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:40:19.0149 4208  cdrom - ok
22:40:19.0180 4208  [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:40:19.0211 4208  CertPropSvc - ok
22:40:19.0227 4208  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:40:19.0242 4208  circlass - ok
22:40:19.0242 4208  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
22:40:19.0258 4208  CLFS - ok
22:40:19.0414 4208  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:40:19.0430 4208  clr_optimization_v2.0.50727_32 - ok
22:40:19.0679 4208  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:40:19.0695 4208  clr_optimization_v4.0.30319_32 - ok
22:40:19.0710 4208  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:40:19.0710 4208  CmBatt - ok
22:40:19.0726 4208  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
22:40:19.0726 4208  cmdide - ok
22:40:19.0742 4208  [ DB5E008B3744DD60C8498CBBF2A1CFA6 ] CNG             C:\Windows\system32\Drivers\cng.sys
22:40:19.0773 4208  CNG - ok
22:40:19.0788 4208  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:40:19.0788 4208  Compbatt - ok
22:40:19.0820 4208  [ F1724BA27E97D627F808FB0BA77A28A6 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
22:40:19.0835 4208  CompositeBus - ok
22:40:19.0851 4208  COMSysApp - ok
22:40:19.0898 4208  [ FDAFC5748C2509F96D0F7694408D9B95 ] cphs            C:\Windows\system32\IntelCpHeciSvc.exe
22:40:19.0913 4208  cphs - ok
22:40:19.0913 4208  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
22:40:19.0929 4208  crcdisk - ok
22:40:19.0960 4208  [ F2FDE6C8DBAAD44CC58D1E07E4AF4EED ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:40:19.0991 4208  CryptSvc - ok
22:40:20.0022 4208  [ 27C9490BDD0AE48911AB8CF1932591ED ] CSC             C:\Windows\system32\drivers\csc.sys
22:40:20.0038 4208  CSC - ok
22:40:20.0069 4208  [ 56FB5F222EA30D3D3FC459879772CB73 ] CscService      C:\Windows\System32\cscsvc.dll
22:40:20.0085 4208  CscService - ok
22:40:20.0116 4208  [ B82CD39E336973359D7C9BF911E8E84F ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:40:20.0132 4208  DcomLaunch - ok
22:40:20.0147 4208  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
22:40:20.0163 4208  defragsvc - ok
22:40:20.0194 4208  [ 83D1ECEA8FAAE75604C0FA49AC7AD996 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:40:20.0241 4208  DfsC - ok
22:40:20.0256 4208  [ C56495FBD770712367CAD35E5DE72DA6 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:40:20.0288 4208  Dhcp - ok
22:40:20.0288 4208  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
22:40:20.0319 4208  discache - ok
22:40:20.0334 4208  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
22:40:20.0350 4208  Disk - ok
22:40:20.0366 4208  [ B15BE77A2BACF9C3177D27518AFE26A9 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:40:20.0381 4208  Dnscache - ok
22:40:20.0397 4208  [ 4408C85C21EEA48EB0CE486BAEEF0502 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:40:20.0428 4208  dot3svc - ok
22:40:20.0428 4208  [ 7FA81C6E11CAA594ADB52084DA73A1E5 ] DPS             C:\Windows\system32\dps.dll
22:40:20.0444 4208  DPS - ok
22:40:20.0459 4208  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:40:20.0475 4208  drmkaud - ok
22:40:20.0522 4208  [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
22:40:20.0537 4208  dtsoftbus01 - ok
22:40:20.0568 4208  [ 1679A4669326CB1A67CC95658D273234 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:40:20.0584 4208  DXGKrnl - ok
22:40:20.0600 4208  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
22:40:20.0631 4208  EapHost - ok
22:40:20.0678 4208  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
22:40:20.0740 4208  ebdrv - ok
22:40:20.0896 4208  [ 85B8B4032A895A746D46A288A9B30DED ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
22:40:20.0912 4208  eeCtrl - ok
22:40:20.0943 4208  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] EFS             C:\Windows\System32\lsass.exe
22:40:20.0958 4208  EFS - ok
22:40:21.0114 4208  [ 1697C39978CD69F6FBC15302EDCECE1F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:40:21.0146 4208  ehRecvr - ok
22:40:21.0177 4208  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
22:40:21.0208 4208  ehSched - ok
22:40:21.0239 4208  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
22:40:21.0255 4208  elxstor - ok
22:40:21.0286 4208  [ B5A8A04A6E5B4E86B95B1553AA918F5F ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
22:40:21.0286 4208  EraserUtilRebootDrv - ok
22:40:21.0302 4208  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
22:40:21.0317 4208  ErrDev - ok
22:40:21.0333 4208  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
22:40:21.0364 4208  EventSystem - ok
22:40:21.0380 4208  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
22:40:21.0395 4208  exfat - ok
22:40:21.0411 4208  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:40:21.0426 4208  fastfat - ok
22:40:21.0442 4208  [ F7EA23CC5E6BF2181F3F399D54F6EFC1 ] Fax             C:\Windows\system32\fxssvc.exe
22:40:21.0473 4208  Fax - ok
22:40:21.0473 4208  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:40:21.0489 4208  fdc - ok
22:40:21.0489 4208  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
22:40:21.0504 4208  fdPHost - ok
22:40:21.0504 4208  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
22:40:21.0520 4208  FDResPub - ok
22:40:21.0536 4208  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:40:21.0551 4208  FileInfo - ok
22:40:21.0551 4208  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:40:21.0567 4208  Filetrace - ok
22:40:21.0567 4208  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:40:21.0598 4208  flpydisk - ok
22:40:21.0598 4208  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:40:21.0598 4208  FltMgr - ok
22:40:21.0645 4208  [ 151258FC2EC8C48BDF8A53350AE0A676 ] FontCache       C:\Windows\system32\FntCache.dll
22:40:21.0676 4208  FontCache - ok
22:40:21.0723 4208  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:40:21.0738 4208  FontCache3.0.0.0 - ok
22:40:21.0738 4208  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:40:21.0738 4208  FsDepends - ok
22:40:21.0770 4208  [ 500A9814FD9446A8126858A5A7F7D273 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:40:21.0770 4208  Fs_Rec - ok
22:40:21.0832 4208  [ DAFBD9FE39197495AED6D51F3B85B5D2 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:40:21.0832 4208  fvevol - ok
22:40:21.0863 4208  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
22:40:21.0863 4208  gagp30kx - ok
22:40:21.0894 4208  [ D556CB79967E92B5CC69686D16C1D846 ] gdrv            C:\Windows\gdrv.sys
22:40:21.0894 4208  gdrv - ok
22:40:21.0910 4208  [ 8BA3C04702BF8F927AB36AE8313CA4EE ] gpsvc           C:\Windows\System32\gpsvc.dll
22:40:21.0941 4208  gpsvc - ok
22:40:21.0988 4208  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
22:40:21.0988 4208  gupdate - ok
22:40:21.0988 4208  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
22:40:21.0988 4208  gupdatem - ok
22:40:22.0019 4208  [ 689A8EEF2A2D62B28A0A578A6196531C ] GVTDrv          C:\Windows\system32\Drivers\GVTDrv.sys
22:40:22.0019 4208  GVTDrv - ok
22:40:22.0035 4208  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:40:22.0050 4208  hcw85cir - ok
22:40:22.0066 4208  [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:40:22.0082 4208  HdAudAddService - ok
22:40:22.0097 4208  [ 717A2207FD6F13AD3E664C7D5A43C7BF ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:40:22.0113 4208  HDAudBus - ok
22:40:22.0113 4208  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
22:40:22.0128 4208  HidBatt - ok
22:40:22.0144 4208  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:40:22.0144 4208  HidBth - ok
22:40:22.0160 4208  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:40:22.0175 4208  HidIr - ok
22:40:22.0175 4208  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
22:40:22.0191 4208  hidserv - ok
22:40:22.0206 4208  [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:40:22.0222 4208  HidUsb - ok
22:40:22.0222 4208  [ 741C2A45CA8407E374AABA3E330B7872 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:40:22.0238 4208  hkmsvc - ok
22:40:22.0253 4208  [ A768CA158BB06782A2835B907F4873C3 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:40:22.0269 4208  HomeGroupListener - ok
22:40:22.0300 4208  [ FB08DEC5EF43D0C66D83B8E9694E7549 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:40:22.0316 4208  HomeGroupProvider - ok
22:40:22.0331 4208  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
22:40:22.0347 4208  HpSAMD - ok
22:40:22.0378 4208  [ C531C7FD9E8B62021112787C4E2C5A5A ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:40:22.0394 4208  HTTP - ok
22:40:22.0394 4208  [ 8305F33CDE89AD6C7A0763ED0B5A8D42 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:40:22.0409 4208  hwpolicy - ok
22:40:22.0425 4208  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:40:22.0425 4208  i8042prt - ok
22:40:22.0456 4208  [ E64665E2A6CAEB52C8AE6E5EB6F3FD7C ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
22:40:22.0456 4208  iaStor - ok
22:40:22.0534 4208  [ 7D4B9A48430ED57ACA6373B71D5904CA ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:40:22.0534 4208  IAStorDataMgrSvc - ok
22:40:22.0550 4208  [ 934AF4D7C5F457B9F0743F4299B77B67 ] iaStorV         C:\Windows\system32\DRIVERS\iaStorV.sys
22:40:22.0565 4208  iaStorV - ok
22:40:22.0596 4208  [ 33D4D4A24791587E83F7EE05A446FB7E ] ICCS            C:\Program Files\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
22:40:22.0596 4208  ICCS ( UnsignedFile.Multi.Generic ) - warning
22:40:22.0596 4208  ICCS - detected UnsignedFile.Multi.Generic (1)
22:40:22.0674 4208  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:40:22.0674 4208  IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:40:22.0674 4208  IDriverT - detected UnsignedFile.Multi.Generic (1)
22:40:22.0737 4208  [ 5AF815EB5BC9802E5A064E2BA62BFC0C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:40:22.0752 4208  idsvc - ok
22:40:22.0830 4208  [ 404FB2AAF532BC7BBACC8880BE401C74 ] IDSVix86        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20121106.001\IDSvix86.sys
22:40:22.0830 4208  IDSVix86 - ok
22:40:23.0064 4208  [ DEFCCA620FF9EC4E9E2E1619263821A7 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
22:40:23.0252 4208  igfx - ok
22:40:23.0267 4208  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
22:40:23.0283 4208  iirsp - ok
22:40:23.0298 4208  [ FAC0EE6562B121B1399D6E855583F7A5 ] IKEEXT          C:\Windows\System32\ikeext.dll
22:40:23.0314 4208  IKEEXT - ok
22:40:23.0361 4208  [ 7081EFE4EBF9CBBFF4EB5A3AC478DDC5 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
22:40:23.0408 4208  IntcDAud - ok
22:40:23.0532 4208  [ 28B3162EC8D01114313D7F447D8E157E ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
22:40:23.0548 4208  Intel(R) Capability Licensing Service Interface - ok
22:40:23.0579 4208  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
22:40:23.0595 4208  intelide - ok
22:40:23.0626 4208  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:40:23.0642 4208  intelppm - ok
22:40:23.0657 4208  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:40:23.0688 4208  IPBusEnum - ok
22:40:23.0688 4208  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:40:23.0704 4208  IpFilterDriver - ok
22:40:23.0985 4208  [ 477397B432A256A50EE7E4339EB9EA14 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:40:24.0032 4208  iphlpsvc - ok
22:40:24.0047 4208  [ E4454B6C37D7FFD5649611F6496308A7 ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
22:40:24.0047 4208  IPMIDRV - ok
22:40:24.0063 4208  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:40:24.0141 4208  IPNAT - ok
22:40:24.0141 4208  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:40:24.0156 4208  IRENUM - ok
22:40:24.0203 4208  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
22:40:24.0203 4208  isapnp - ok
22:40:24.0250 4208  [ ED46C223AE46C6866AB77CDC41C404B7 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
22:40:24.0250 4208  iScsiPrt - ok
22:40:24.0281 4208  [ DF93E36D3DABDD53A6394806AD1B9807 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
22:40:24.0297 4208  iusb3hcs - ok
22:40:24.0344 4208  [ 725D1248F64D56E61453F4FCDFA6A0B6 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
22:40:24.0359 4208  iusb3hub - ok
22:40:24.0562 4208  [ 5C0C8D16027229BD7FC9465124BFEC9D ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
22:40:24.0578 4208  iusb3xhc - ok
22:40:24.0624 4208  [ 166FC0B36842135BC2D3C32DF70ED0D6 ] jhi_service     C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
22:40:24.0640 4208  jhi_service - ok
22:40:24.0671 4208  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:40:24.0687 4208  kbdclass - ok
22:40:24.0718 4208  [ 3D9F0EBF350EDCFD6498057301455964 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:40:24.0749 4208  kbdhid - ok
22:40:24.0780 4208  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] KeyIso          C:\Windows\system32\lsass.exe
22:40:24.0796 4208  KeyIso - ok
22:40:24.0843 4208  [ 52FC17C8589F11747D01D3CF592673D0 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:40:24.0843 4208  KSecDD - ok
22:40:24.0890 4208  [ 3E5474B03568CFAB834DA3C38E8C9EFA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:40:24.0921 4208  KSecPkg - ok
22:40:25.0030 4208  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:40:25.0061 4208  KtmRm - ok
22:40:25.0124 4208  [ 25046613DFA30A7361996F15901CA0DE ] L1C             C:\Windows\system32\DRIVERS\L1C62x86.sys
22:40:25.0139 4208  L1C - ok
22:40:25.0248 4208  [ 8F6BF790D3168224C16F2AF68A84438C ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:40:25.0264 4208  LanmanServer - ok
22:40:25.0295 4208  [ B9891F885DCF1F0513A51CB58493CB1F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:40:25.0311 4208  LanmanWorkstation - ok
22:40:25.0611 4208  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:40:25.0643 4208  lltdio - ok
22:40:25.0802 4208  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:40:25.0836 4208  lltdsvc - ok
22:40:25.0848 4208  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:40:25.0863 4208  lmhosts - ok
22:40:26.0383 4208  [ C56E64BA70DC822B84D100A6F8D690D3 ] LMS             C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:40:26.0456 4208  LMS - ok
22:40:26.0553 4208  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:40:26.0562 4208  LSI_FC - ok
22:40:26.0771 4208  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:40:26.0779 4208  LSI_SAS - ok
22:40:26.0803 4208  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:40:26.0810 4208  LSI_SAS2 - ok
22:40:26.0939 4208  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:40:26.0946 4208  LSI_SCSI - ok
22:40:27.0057 4208  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
22:40:27.0100 4208  luafv - ok
22:40:27.0206 4208  [ E2B0887816ED336685954E3D8FDAA51D ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:40:27.0218 4208  Mcx2Svc - ok
22:40:27.0307 4208  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
22:40:27.0319 4208  megasas - ok
22:40:27.0391 4208  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
22:40:27.0406 4208  MegaSR - ok
22:40:27.0566 4208  [ 240D715CFE4FB8F4CDA76F6863E62334 ] MEI             C:\Windows\system32\DRIVERS\HECI.sys
22:40:27.0708 4208  MEI - ok
22:40:27.0726 4208  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
22:40:27.0742 4208  MMCSS - ok
22:40:27.0745 4208  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
22:40:27.0778 4208  Modem - ok
22:40:27.0802 4208  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:40:27.0811 4208  monitor - ok
22:40:27.0852 4208  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:40:27.0859 4208  mouclass - ok
22:40:27.0869 4208  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:40:27.0884 4208  mouhid - ok
22:40:27.0893 4208  [ 921C18727C5920D6C0300736646931C2 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:40:27.0900 4208  mountmgr - ok
22:40:27.0909 4208  [ 2AF5997438C55FB79D33D015C30E1974 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
22:40:27.0920 4208  mpio - ok
22:40:27.0924 4208  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:40:27.0945 4208  mpsdrv - ok
22:40:27.0990 4208  [ 5CD996CECF45CBC3E8D109C86B82D69E ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:40:28.0026 4208  MpsSvc - ok
22:40:28.0036 4208  [ B1BE47008D20E43DA3ADC37C24CDB89D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:40:28.0046 4208  MRxDAV - ok
22:40:28.0073 4208  [ CA7570E42522E24324A12161DB14EC02 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:40:28.0144 4208  mrxsmb - ok
22:40:28.0150 4208  [ F965C3AB2B2AE5C378F4562486E35051 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:40:28.0170 4208  mrxsmb10 - ok
22:40:28.0172 4208  [ 25C38264A3C72594DD21D355D70D7A5D ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:40:28.0180 4208  mrxsmb20 - ok
22:40:28.0205 4208  [ 4326D168944123F38DD3B2D9C37A0B12 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
22:40:28.0212 4208  msahci - ok
22:40:28.0222 4208  [ 455029C7174A2DBB03DBA8A0D8BDDD9A ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
22:40:28.0229 4208  msdsm - ok
22:40:28.0240 4208  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
22:40:28.0255 4208  MSDTC - ok
22:40:28.0264 4208  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:40:28.0279 4208  Msfs - ok
22:40:28.0281 4208  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:40:28.0295 4208  mshidkmdf - ok
22:40:28.0297 4208  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
22:40:28.0303 4208  msisadrv - ok
22:40:28.0326 4208  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:40:28.0343 4208  MSiSCSI - ok
22:40:28.0344 4208  msiserver - ok
22:40:28.0360 4208  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:40:28.0386 4208  MSKSSRV - ok
22:40:28.0401 4208  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:40:28.0451 4208  MSPCLOCK - ok
22:40:28.0460 4208  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:40:28.0506 4208  MSPQM - ok
22:40:28.0509 4208  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:40:28.0516 4208  MsRPC - ok
22:40:28.0519 4208  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
22:40:28.0525 4208  mssmbios - ok
22:40:28.0526 4208  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:40:28.0541 4208  MSTEE - ok
22:40:28.0543 4208  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
22:40:28.0576 4208  MTConfig - ok
22:40:28.0578 4208  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
22:40:28.0587 4208  Mup - ok
22:40:28.0641 4208  [ 9A3946B3FEE94197EE1925D5D3AA0E5C ] mvs91xx         C:\Windows\system32\DRIVERS\mvs91xx.sys
22:40:28.0649 4208  mvs91xx - ok
22:40:28.0951 4208  [ F2840DBFE9322F35557219AE82CC4597 ] N360            C:\Program Files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe
22:40:28.0965 4208  N360 - ok
22:40:28.0989 4208  [ 80284F1985C70C86F0B5F86DA2DFE1DF ] napagent        C:\Windows\system32\qagentRT.dll
22:40:29.0011 4208  napagent - ok
22:40:29.0036 4208  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:40:29.0054 4208  NativeWifiP - ok
22:40:29.0121 4208  [ 8E4C77AD9BB279900C00F870CC0C674B ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121106.032\NAVENG.SYS
22:40:29.0128 4208  NAVENG - ok
22:40:29.0162 4208  [ 826F699B69E88A3920C70F344DD42D88 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20121106.032\NAVEX15.SYS
22:40:29.0193 4208  NAVEX15 - ok
22:40:29.0218 4208  [ 23759D175A0A9BAAF04D05047BC135A8 ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:40:29.0231 4208  NDIS - ok
22:40:29.0244 4208  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:40:29.0276 4208  NdisCap - ok
22:40:29.0281 4208  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:40:29.0301 4208  NdisTapi - ok
22:40:29.0315 4208  [ B30AE7F2B6D7E343B0DF32E6C08FCE75 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:40:29.0330 4208  Ndisuio - ok
22:40:29.0332 4208  [ 267C415EADCBE53C9CA873DEE39CF3A4 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:40:29.0347 4208  NdisWan - ok
22:40:29.0355 4208  [ AF7E7C63DCEF3F8772726F86039D6EB4 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:40:29.0371 4208  NDProxy - ok
22:40:29.0385 4208  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:40:29.0400 4208  NetBIOS - ok
22:40:29.0403 4208  [ DD52A733BF4CA5AF84562A5E2F963B91 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:40:29.0418 4208  NetBT - ok
22:40:29.0430 4208  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] Netlogon        C:\Windows\system32\lsass.exe
22:40:29.0437 4208  Netlogon - ok
22:40:29.0488 4208  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
22:40:29.0523 4208  Netman - ok
22:40:29.0550 4208  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
22:40:29.0575 4208  netprofm - ok
22:40:29.0620 4208  [ FE2AA5A684B0DD9B1FAE57B7817C198B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:40:29.0629 4208  NetTcpPortSharing - ok
22:40:29.0660 4208  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
22:40:29.0671 4208  nfrd960 - ok
22:40:29.0693 4208  [ 2226496E34BD40734946A054B1CD657F ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:40:29.0710 4208  NlaSvc - ok
22:40:29.0712 4208  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:40:29.0726 4208  Npfs - ok
22:40:29.0847 4208  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
22:40:29.0862 4208  nsi - ok
22:40:29.0865 4208  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:40:29.0918 4208  nsiproxy - ok
22:40:30.0278 4208  [ 5126C5402C730C2A953275D8497A4715 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:40:30.0447 4208  Ntfs - ok
22:40:30.0576 4208  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
22:40:30.0656 4208  Null - ok
22:40:30.0736 4208  [ 3F3D04B1D08D43C16EA7963954EC768D ] nvraid          C:\Windows\system32\DRIVERS\nvraid.sys
22:40:30.0744 4208  nvraid - ok
22:40:30.0807 4208  [ C99F251A5DE63C6F129CF71933ACED0F ] nvstor          C:\Windows\system32\DRIVERS\nvstor.sys
22:40:30.0815 4208  nvstor - ok
22:40:30.0844 4208  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
22:40:30.0851 4208  nv_agp - ok
22:40:30.0923 4208  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
22:40:30.0933 4208  ohci1394 - ok
22:40:30.0984 4208  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:40:31.0029 4208  p2pimsvc - ok
22:40:31.0138 4208  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
22:40:31.0171 4208  p2psvc - ok
22:40:31.0184 4208  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
22:40:31.0205 4208  Parport - ok
22:40:31.0273 4208  [ 66D3415C159741ADE7038A277EFFF99F ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:40:31.0279 4208  partmgr - ok
22:40:31.0281 4208  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
22:40:31.0289 4208  Parvdm - ok
22:40:31.0292 4208  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:40:31.0356 4208  PcaSvc - ok
22:40:31.0399 4208  [ C858CB77C577780ECC456A892E7E7D0F ] pci             C:\Windows\system32\DRIVERS\pci.sys
22:40:31.0406 4208  pci - ok
22:40:31.0443 4208  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
22:40:31.0460 4208  pciide - ok
22:40:31.0472 4208  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
22:40:31.0481 4208  pcmcia - ok
22:40:31.0484 4208  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
22:40:31.0490 4208  pcw - ok
22:40:31.0498 4208  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:40:31.0519 4208  PEAUTH - ok
22:40:31.0555 4208  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
22:40:31.0587 4208  PeerDistSvc - ok
22:40:31.0608 4208  [ 9C1BFF7910C89A1D12E57343475840CB ] pla             C:\Windows\system32\pla.dll
22:40:31.0643 4208  pla - ok
22:40:31.0691 4208  [ 71DEF5EC79774C798342D0EA16E41780 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:40:31.0711 4208  PlugPlay - ok
22:40:31.0727 4208  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:40:31.0741 4208  PNRPAutoReg - ok
22:40:31.0759 4208  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:40:31.0768 4208  PNRPsvc - ok
22:40:31.0818 4208  [ 48E1B75C6DC0232FD92BAAE4BD344721 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:40:31.0837 4208  PolicyAgent - ok
22:40:31.0865 4208  [ DBFF83F709A91049621C1D35DD45C92C ] Power           C:\Windows\system32\umpo.dll
22:40:31.0880 4208  Power - ok
22:40:31.0976 4208  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:40:31.0997 4208  PptpMiniport - ok
22:40:31.0999 4208  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
22:40:32.0023 4208  Processor - ok
22:40:32.0046 4208  [ AEA3BDBDBA667AA6F678CB38907E4F5E ] ProfSvc         C:\Windows\system32\profsvc.dll
22:40:32.0082 4208  ProfSvc - ok
22:40:32.0100 4208  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:40:32.0108 4208  ProtectedStorage - ok
22:40:32.0174 4208  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:40:32.0189 4208  Psched - ok
22:40:32.0401 4208  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
22:40:32.0430 4208  ql2300 - ok
22:40:32.0445 4208  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
22:40:32.0453 4208  ql40xx - ok
22:40:32.0526 4208  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
22:40:32.0548 4208  QWAVE - ok
22:40:32.0551 4208  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:40:32.0559 4208  QWAVEdrv - ok
22:40:32.0561 4208  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:40:32.0617 4208  RasAcd - ok
22:40:32.0636 4208  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:40:32.0736 4208  RasAgileVpn - ok
22:40:32.0785 4208  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
22:40:32.0801 4208  RasAuto - ok
22:40:32.0849 4208  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:40:32.0880 4208  Rasl2tp - ok
22:40:32.0911 4208  [ 0CE66EC736B7FC526D78F7624C7D2A94 ] RasMan          C:\Windows\System32\rasmans.dll
22:40:32.0929 4208  RasMan - ok
22:40:32.0953 4208  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:40:32.0991 4208  RasPppoe - ok
22:40:33.0036 4208  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:40:33.0051 4208  RasSstp - ok
22:40:33.0054 4208  [ 835D7E81BF517A3B72384BDCC85E1CE6 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:40:33.0073 4208  rdbss - ok
22:40:33.0097 4208  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
22:40:33.0119 4208  rdpbus - ok
22:40:33.0123 4208  [ 1E016846895B15A99F9A176A05029075 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:40:33.0136 4208  RDPCDD - ok
22:40:33.0185 4208  [ C5FF95883FFEF704D50C40D21CFB3AB5 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
22:40:33.0222 4208  RDPDR - ok
22:40:33.0266 4208  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:40:33.0281 4208  RDPENCDD - ok
22:40:33.0283 4208  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:40:33.0298 4208  RDPREFMP - ok
22:40:33.0360 4208  [ C5B8D47A4688DE9D335204EA757C2240 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:40:33.0486 4208  RDPWD - ok
22:40:33.0521 4208  [ 4EA225BF1CF05E158853F30A99CA29A7 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:40:33.0529 4208  rdyboost - ok
22:40:33.0560 4208  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:40:33.0646 4208  RemoteAccess - ok
22:40:33.0733 4208  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:40:33.0753 4208  RemoteRegistry - ok
22:40:33.0769 4208  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:40:33.0820 4208  RpcEptMapper - ok
22:40:33.0853 4208  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
22:40:33.0866 4208  RpcLocator - ok
22:40:33.0881 4208  [ B82CD39E336973359D7C9BF911E8E84F ] RpcSs           C:\Windows\system32\rpcss.dll
22:40:33.0899 4208  RpcSs - ok
22:40:33.0939 4208  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:40:34.0062 4208  rspndr - ok
22:40:34.0182 4208  [ 5423D8437051E89DD34749F242C98648 ] s3cap           C:\Windows\system32\DRIVERS\vms3cap.sys
22:40:34.0203 4208  s3cap - ok
22:40:34.0373 4208  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] SamSs           C:\Windows\system32\lsass.exe
22:40:34.0381 4208  SamSs - ok
22:40:34.0515 4208  [ 34EE0C44B724E3E4CE2EFF29126DE5B5 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
22:40:34.0523 4208  sbp2port - ok
22:40:34.0592 4208  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:40:34.0623 4208  SCardSvr - ok
22:40:35.0019 4208  [ 8475E746EB72D04F1015E6F091F50E09 ] SCBackService   C:\Program Files\Splashtop\Splashtop Connect\BackService.exe
22:40:35.0031 4208  SCBackService - ok
22:40:35.0081 4208  [ A95C54B2AC3CC9C73FCDF9E51A1D6B51 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:40:35.0176 4208  scfilter - ok
22:40:35.0304 4208  [ DF1E5C82E4D09CF8105CC644980C4803 ] Schedule        C:\Windows\system32\schedsvc.dll
22:40:35.0386 4208  Schedule - ok
22:40:35.0481 4208  [ 628A9E30EC5E18DD5DE6BE4DBDC12198 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:40:35.0496 4208  SCPolicySvc - ok
22:40:35.0681 4208  [ 5FD90ABDBFAEE85986802622CBB03446 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:40:35.0730 4208  SDRSVC - ok
22:40:35.0757 4208  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:40:35.0808 4208  secdrv - ok
22:40:35.0831 4208  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
22:40:35.0953 4208  seclogon - ok
22:40:35.0987 4208  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
22:40:36.0030 4208  SENS - ok
22:40:36.0054 4208  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:40:36.0092 4208  SensrSvc - ok
22:40:36.0127 4208  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
22:40:36.0134 4208  Serenum - ok
22:40:36.0161 4208  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
22:40:36.0189 4208  Serial - ok
22:40:36.0217 4208  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
22:40:36.0266 4208  sermouse - ok
22:40:36.0342 4208  [ 8F55CE568C543D5ADF45C409D16718FC ] SessionEnv      C:\Windows\system32\sessenv.dll
22:40:36.0368 4208  SessionEnv - ok
22:40:36.0372 4208  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
22:40:36.0396 4208  sffdisk - ok
22:40:36.0398 4208  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
22:40:36.0424 4208  sffp_mmc - ok
22:40:36.0427 4208  [ 4F1E5B0FE7C8050668DBFADE8999AEFB ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
22:40:36.0450 4208  sffp_sd - ok
22:40:36.0483 4208  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
22:40:36.0491 4208  sfloppy - ok
22:40:36.0535 4208  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:40:36.0557 4208  SharedAccess - ok
22:40:36.0629 4208  [ CD2E48FA5B29EE2B3B5858056D246EF2 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:40:36.0652 4208  ShellHWDetection - ok
22:40:36.0670 4208  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\DRIVERS\sisagp.sys
22:40:36.0677 4208  sisagp - ok
22:40:36.0706 4208  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:40:36.0713 4208  SiSRaid2 - ok
22:40:36.0745 4208  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
22:40:36.0753 4208  SiSRaid4 - ok
22:40:36.0841 4208  [ 94A221B95F4FB4FAAB6A56A683D6FDF3 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
22:40:36.0850 4208  SkypeUpdate - ok
22:40:36.0852 4208  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:40:36.0882 4208  Smb - ok
22:40:37.0028 4208  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:40:37.0042 4208  SNMPTRAP - ok
22:40:37.0045 4208  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:40:37.0051 4208  spldr - ok
22:40:37.0110 4208  [ E17323B0AA9FB3FF9945731D736EDA2F ] Spooler         C:\Windows\System32\spoolsv.exe
22:40:37.0172 4208  Spooler - ok
22:40:37.0851 4208  [ 4C287F9069FEDBD791178876EE9DE536 ] sppsvc          C:\Windows\system32\sppsvc.exe
22:40:37.0912 4208  sppsvc - ok
22:40:37.0944 4208  [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:40:37.0960 4208  sppuinotify - ok
22:40:38.0081 4208  [ 7BB297CADA42903328E92425D9761DA6 ] SRTSP           C:\Windows\System32\Drivers\N360\0604000.009\SRTSP.SYS
22:40:38.0091 4208  SRTSP - ok
22:40:38.0137 4208  [ 475FCF0F28D845BF1C8ABAC27F19003E ] SRTSPX          C:\Windows\system32\drivers\N360\0604000.009\SRTSPX.SYS
22:40:38.0143 4208  SRTSPX - ok
22:40:38.0267 4208  [ C4A027B8C0BD3FC0699F41FA5E9E0C87 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:40:38.0337 4208  srv - ok
22:40:38.0473 4208  [ 414BB592CAD8A79649D01F9D94318FB3 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:40:38.0507 4208  srv2 - ok
22:40:38.0538 4208  [ FF207D67700AA18242AAF985D3E7D8F4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:40:38.0560 4208  srvnet - ok
22:40:38.0612 4208  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:40:38.0666 4208  SSDPSRV - ok
22:40:38.0708 4208  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:40:38.0725 4208  SstpSvc - ok
22:40:38.0959 4208  [ 1CFA4A1F3C7BB4C8F299E00428EB8677 ] SSUService      C:\Program Files\Splashtop\Splashtop Software Updater\SSUService.exe
22:40:38.0974 4208  SSUService - ok
22:40:39.0035 4208  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
22:40:39.0042 4208  stexstor - ok
22:40:39.0197 4208  [ A22825E7BB7018E8AF3E229A5AF17221 ] StiSvc          C:\Windows\System32\wiaservc.dll
22:40:39.0211 4208  StiSvc - ok
22:40:39.0271 4208  [ 957E346CA948668F2496A6CCF6FF82CC ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
22:40:39.0278 4208  storflt - ok
22:40:39.0348 4208  [ D5751969DC3E4B88BF482AC8EC9FE019 ] storvsc         C:\Windows\system32\DRIVERS\storvsc.sys
22:40:39.0355 4208  storvsc - ok
22:40:39.0394 4208  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
22:40:39.0400 4208  swenum - ok
22:40:39.0487 4208  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
22:40:39.0519 4208  swprv - ok
22:40:39.0546 4208  [ 690FA0E61B90084C4D9A721BD4F3D779 ] SymDS           C:\Windows\system32\drivers\N360\0604000.009\SYMDS.SYS
22:40:39.0556 4208  SymDS - ok
22:40:39.0675 4208  [ 8F88EDB211B12537D2DC2A6D73D6067C ] SymEFA          C:\Windows\system32\drivers\N360\0604000.009\SYMEFA.SYS
22:40:39.0709 4208  SymEFA - ok
22:40:39.0938 4208  [ 74E2521E96176A4449570E50BE91954D ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS
22:40:40.0047 4208  SymEvent - ok
22:40:40.0078 4208  [ 2C356CCA706505CF63CBE39D532B9236 ] SymIRON         C:\Windows\system32\drivers\N360\0604000.009\Ironx86.SYS
22:40:40.0094 4208  SymIRON - ok
22:40:40.0359 4208  [ 3EE215D6FE821E3EDF0F7134D9AE905A ] SymNetS         C:\Windows\System32\Drivers\N360\0604000.009\SYMNETS.SYS
22:40:40.0359 4208  SymNetS - ok
22:40:40.0905 4208  [ 04105C8DA62353589C29BDAEB8D88BD8 ] SysMain         C:\Windows\system32\sysmain.dll
22:40:40.0967 4208  SysMain - ok
22:40:41.0030 4208  [ FCFB6C552FBC0DA299799CBD50AD9FD4 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:40:41.0092 4208  TabletInputService - ok
22:40:41.0201 4208  [ B7AEE68D2E867CBF69B649B18FCEDBBB ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys
22:40:41.0233 4208  tap0901t - ok
22:40:41.0467 4208  [ 2F46B0C70A4ADC8C90CF825DA3B4FEAF ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:40:41.0545 4208  TapiSrv - ok
22:40:41.0576 4208  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
22:40:41.0623 4208  TBS - ok
22:40:41.0857 4208  [ 55E9965552741F3850CB22CBBA9671ED ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:40:41.0950 4208  Tcpip - ok
22:40:42.0028 4208  [ 55E9965552741F3850CB22CBBA9671ED ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:40:42.0044 4208  TCPIP6 - ok
22:40:42.0091 4208  [ E64444523ADD154F86567C469BC0B17F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:40:42.0153 4208  tcpipreg - ok
22:40:42.0153 4208  [ 1875C1490D99E70E449E3AFAE9FCBADF ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:40:42.0215 4208  TDPIPE - ok
22:40:42.0247 4208  [ 7156308896D34EA75A582F9A09E50C17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:40:42.0293 4208  TDTCP - ok
22:40:42.0293 4208  [ CB39E896A2A83702D1737BFD402B3542 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:40:42.0340 4208  tdx - ok
22:40:42.0371 4208  [ C36F41EE20E6999DBF4B0425963268A5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
22:40:42.0387 4208  TermDD - ok
22:40:42.0559 4208  [ A01E50A04D7B1960B33E92B9080E6A94 ] TermService     C:\Windows\System32\termsrv.dll
22:40:42.0637 4208  TermService - ok
22:40:42.0699 4208  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
22:40:42.0715 4208  Themes - ok
22:40:42.0746 4208  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
22:40:42.0761 4208  THREADORDER - ok
22:40:42.0808 4208  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
22:40:42.0886 4208  TrkWks - ok
22:40:42.0917 4208  [ 41A4C781D2286208D397D72099304133 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:40:42.0933 4208  TrustedInstaller - ok
22:40:42.0949 4208  [ 98AE6FA07D12CB4EC5CF4A9BFA5F4242 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:40:42.0995 4208  tssecsrv - ok
22:40:43.0011 4208  [ 3E461D890A97F9D4C168F5FDA36E1D00 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:40:43.0027 4208  tunnel - ok
22:40:43.0151 4208  [ 1A5F1301C1EA3B49D1222E9CBB552EBB ] TunngleService  C:\Program Files\Tunngle\TnglCtrl.exe
22:40:43.0167 4208  TunngleService - ok
22:40:43.0183 4208  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
22:40:43.0183 4208  uagp35 - ok
22:40:43.0214 4208  [ 09CC3E16F8E5EE7168E01CF8FCBE061A ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:40:43.0229 4208  udfs - ok
22:40:43.0245 4208  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:40:43.0261 4208  UI0Detect - ok
22:40:43.0354 4208  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
22:40:43.0375 4208  uliagpkx - ok
22:40:43.0430 4208  [ 049B3A50B3D646BAEEEE9EEC9B0668DC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:40:43.0460 4208  umbus - ok
22:40:43.0463 4208  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
22:40:43.0477 4208  UmPass - ok
22:40:43.0578 4208  [ 8ECACA5454844F66386F7BE4AE0D7CD1 ] UmRdpService    C:\Windows\System32\umrdp.dll
22:40:43.0593 4208  UmRdpService - ok
22:40:43.0720 4208  [ 0F9E1BC7E2BEA1A4108EC9736CF0C2D9 ] UNS             C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:40:43.0731 4208  UNS - ok
22:40:43.0760 4208  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
22:40:43.0795 4208  upnphost - ok
22:40:43.0798 4208  [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:40:43.0827 4208  usbccgp - ok
22:40:43.0830 4208  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
22:40:43.0854 4208  usbcir - ok
22:40:43.0863 4208  [ 1C333BFD60F2FED2C7AD5DAF533CB742 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:40:43.0880 4208  usbehci - ok
22:40:43.0959 4208  [ EE6EF93CCFA94FAE8C6AB298273D8AE2 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:40:43.0971 4208  usbhub - ok
22:40:44.0050 4208  [ A6FB7957EA7AFB1165991E54CE934B74 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
22:40:44.0069 4208  usbohci - ok
22:40:44.0073 4208  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:40:44.0100 4208  usbprint - ok
22:40:44.0129 4208  [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:40:44.0149 4208  USBSTOR - ok
22:40:44.0170 4208  [ 78780C3EBCE17405B1CCD07A3A8A7D72 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
22:40:44.0213 4208  usbuhci - ok
22:40:44.0249 4208  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
22:40:44.0297 4208  UxSms - ok
22:40:44.0323 4208  [ C2243FF9E9AAD0C30E8B1A0914DA15B6 ] VaultSvc        C:\Windows\system32\lsass.exe
22:40:44.0337 4208  VaultSvc - ok
22:40:44.0350 4208  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
22:40:44.0360 4208  vdrvroot - ok
22:40:44.0456 4208  [ 8C4E7C49D3641BC9E299E466A7F8867D ] vds             C:\Windows\System32\vds.exe
22:40:44.0480 4208  vds - ok
22:40:44.0519 4208  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:40:44.0543 4208  vga - ok
22:40:44.0546 4208  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:40:44.0682 4208  VgaSave - ok
22:40:44.0682 4208  [ 3BE6E1F3A4F1AFEC8CEE0D7883F93583 ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
22:40:44.0682 4208  vhdmp - ok
22:40:44.0713 4208  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\DRIVERS\viaagp.sys
22:40:44.0728 4208  viaagp - ok
22:40:44.0728 4208  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
22:40:44.0744 4208  ViaC7 - ok
22:40:45.0058 4208  [ 0047FAA46D655FE2CB3191F4183A9010 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
22:40:45.0080 4208  VIAHdAudAddService - ok
22:40:45.0103 4208  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
22:40:45.0110 4208  viaide - ok
22:40:45.0138 4208  [ 65DE19339D794D652119973C28512031 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
22:40:45.0144 4208  VIAKaraokeService - ok
22:40:45.0190 4208  [ 379B349F65F453D2A6E75EA6B7448E49 ] vmbus           C:\Windows\system32\DRIVERS\vmbus.sys
22:40:45.0213 4208  vmbus - ok
22:40:45.0251 4208  [ EC2BBAB4B84D0738C6C83D2234DC36FE ] VMBusHID        C:\Windows\system32\DRIVERS\VMBusHID.sys
22:40:45.0268 4208  VMBusHID - ok
22:40:45.0284 4208  [ 384E5A2AA49934295171E499F86BA6F3 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
22:40:45.0293 4208  volmgr - ok
22:40:45.0297 4208  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:40:45.0308 4208  volmgrx - ok
22:40:45.0332 4208  [ 58DF9D2481A56EDDE167E51B334D44FD ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
22:40:45.0348 4208  volsnap - ok
22:40:45.0363 4208  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
22:40:45.0376 4208  vsmraid - ok
22:40:45.0457 4208  [ 7EA2BCD94D9CFAF4C556F5CC94532A6C ] VSS             C:\Windows\system32\vssvc.exe
22:40:45.0493 4208  VSS - ok
22:40:45.0544 4208  [ C311C2A5C39B556CA30564134C9B808B ] VUSB3HUB        C:\Windows\system32\DRIVERS\ViaHub3.sys
22:40:45.0576 4208  VUSB3HUB - ok
22:40:45.0580 4208  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
22:40:45.0605 4208  vwifibus - ok
22:40:45.0634 4208  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
22:40:45.0674 4208  W32Time - ok
22:40:45.0678 4208  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
22:40:45.0685 4208  WacomPen - ok
22:40:45.0697 4208  [ 692A712062146E96D28BA0B7D75DE31B ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:40:45.0712 4208  WANARP - ok
22:40:45.0714 4208  [ 692A712062146E96D28BA0B7D75DE31B ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:40:45.0728 4208  Wanarpv6 - ok
22:40:45.0838 4208  [ 7790B77FE1E5EE47DCC66247095BB4C9 ] wbengine        C:\Windows\system32\wbengine.exe
22:40:45.0900 4208  wbengine - ok
22:40:45.0931 4208  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:40:45.0947 4208  WbioSrvc - ok
22:40:45.0994 4208  [ 6D9B75275C3E3A5F51AEF81AFFADB2B6 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:40:46.0025 4208  wcncsvc - ok
22:40:46.0056 4208  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:40:46.0103 4208  WcsPlugInService - ok
22:40:46.0103 4208  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
22:40:46.0119 4208  Wd - ok
22:40:46.0150 4208  [ 9950E3D0F08141C7E89E64456AE7DC73 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:40:46.0165 4208  Wdf01000 - ok
22:40:46.0228 4208  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:40:46.0275 4208  WdiServiceHost - ok
22:40:46.0275 4208  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:40:46.0290 4208  WdiSystemHost - ok
22:40:46.0357 4208  [ BB5EC38F8D4600119B4720BC5D4211F1 ] WebClient       C:\Windows\System32\webclnt.dll
22:40:46.0467 4208  WebClient - ok
22:40:46.0499 4208  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:40:46.0589 4208  Wecsvc - ok
22:40:46.0664 4208  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:40:46.0733 4208  wercplsupport - ok
22:40:46.0779 4208  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:40:46.0861 4208  WerSvc - ok
22:40:46.0883 4208  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:40:46.0930 4208  WfpLwf - ok
22:40:46.0932 4208  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:40:46.0939 4208  WIMMount - ok
22:40:47.0148 4208  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
22:40:47.0215 4208  WinDefend - ok
22:40:47.0217 4208  WinHttpAutoProxySvc - ok
22:40:47.0404 4208  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:40:47.0431 4208  Winmgmt - ok
22:40:47.0527 4208  [ C4F5D3901D1B41D602DDC196E0B95B51 ] WinRM           C:\Windows\system32\WsmSvc.dll
22:40:47.0589 4208  WinRM - ok
22:40:47.0620 4208  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:40:47.0675 4208  Wlansvc - ok
22:40:47.0709 4208  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
22:40:47.0730 4208  WmiAcpi - ok
22:40:47.0750 4208  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:40:47.0791 4208  wmiApSrv - ok
22:40:47.0918 4208  [ 77FBD400984CF72BA0FC4B3489D65F74 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
22:40:48.0011 4208  WMPNetworkSvc - ok
22:40:48.0030 4208  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:40:48.0055 4208  WPCSvc - ok
22:40:48.0082 4208  [ B7F658A2EBC07129538AD9AB35212637 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:40:48.0103 4208  WPDBusEnum - ok
22:40:48.0167 4208  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:40:48.0274 4208  ws2ifsl - ok
22:40:48.0314 4208  [ A661A76333057B383A06E65F0073222F ] wscsvc          C:\Windows\System32\wscsvc.dll
22:40:48.0346 4208  wscsvc - ok
22:40:48.0349 4208  WSearch - ok
22:40:48.0428 4208  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
22:40:48.0521 4208  wuauserv - ok
22:40:48.0552 4208  [ 6F9B6C0C93232CFF47D0F72D6DB1D21E ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:40:48.0568 4208  WudfPf - ok
22:40:48.0584 4208  [ DDEE3682FE97037C45F4D7AB467CB8B6 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:40:48.0615 4208  wudfsvc - ok
22:40:48.0630 4208  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:40:48.0662 4208  WwanSvc - ok
22:40:48.0693 4208  [ 96653E5A68D2C648CB7070B6A7A2E7E5 ] xhcdrv          C:\Windows\system32\DRIVERS\xhcdrv.sys
22:40:48.0759 4208  xhcdrv - ok
22:40:48.0762 4208  ================ Scan global ===============================
22:40:48.0777 4208  [ 9A595DF601070DA78C40481120DD2C06 ] C:\Windows\system32\basesrv.dll
22:40:48.0853 4208  [ 43B34CADB516800794BDF486E493ED32 ] C:\Windows\system32\winsrv.dll
22:40:48.0868 4208  [ 43B34CADB516800794BDF486E493ED32 ] C:\Windows\system32\winsrv.dll
22:40:48.0889 4208  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
22:40:48.0935 4208  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
22:40:48.0938 4208  [Global] - ok
22:40:48.0939 4208  ================ Scan MBR ==================================
22:40:48.0973 4208  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:40:50.0217 4208  \Device\Harddisk0\DR0 - ok
22:40:50.0217 4208  ================ Scan VBR ==================================
22:40:50.0252 4208  [ 1E14D4D2AF15082DEC76A5212530E8BF ] \Device\Harddisk0\DR0\Partition1
22:40:50.0263 4208  \Device\Harddisk0\DR0\Partition1 - ok
22:40:50.0266 4208  [ 49CC011DCE1F238AFA26FB507B87FC4F ] \Device\Harddisk0\DR0\Partition2
22:40:50.0267 4208  \Device\Harddisk0\DR0\Partition2 - ok
22:40:50.0268 4208  ============================================================
22:40:50.0268 4208  Scan finished
22:40:50.0268 4208  ============================================================
22:40:50.0278 4200  Detected object count: 2
22:40:50.0278 4200  Actual detected object count: 2
22:40:54.0594 4200  ICCS ( UnsignedFile.Multi.Generic ) - skipped by user
22:40:54.0595 4200  ICCS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
22:40:54.0595 4200  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
22:40:54.0595 4200  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip

markusg · 08.11.2012, 22:50

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Suche.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste
mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

Kulzhar · 09.11.2012, 14:41

so hier is der adw scan

Code:

ATTFilter

# AdwCleaner v2.007 - Logfile created 11/09/2012 at 14:40:25
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Ultimate  (32 bits)
# User : Alex - ALEX-PC
# Boot Mode : Normal
# Running from : C:\Users\Alex\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1078 octets] - [09/11/2012 14:40:25]

########## EOF - C:\AdwCleaner[R1].txt - [1138 octets] ##########

markusg · 09.11.2012, 19:31

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Löschen.
Bestätige
jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die
Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

Kulzhar · 10.11.2012, 14:01

so und hier der neue scan. Schon mal danke für deine Hilfe hätte nicht gedacht das einem hier so schnell geholfen wird

Code:

ATTFilter

# AdwCleaner v2.007 - Logfile created 11/10/2012 at 13:57:30
# Updated 06/11/2012 by Xplode
# Operating system : Windows 7 Ultimate  (32 bits)
# User : Alex - ALEX-PC
# Boot Mode : Normal
# Running from : C:\Users\Alex\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Alex\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1207 octets] - [09/11/2012 14:40:25]
AdwCleaner[S1].txt - [1146 octets] - [10/11/2012 13:57:30]

########## EOF - C:\AdwCleaner[S1].txt - [1206 octets] ##########

markusg · 10.11.2012, 15:19

hi

dieses script sowie evtl. folgende scripts sind nur für den jeweiligen user.
wenn ihr probleme habt, eröffnet eigene topics und wartet auf, für euch angepasste scripts.

• Starte bitte die OTL.exe
• Kopiere nun das Folgende in die Textbox.

Code:

ATTFilter

:OTL
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.searchgateway.net/search/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.searchgateway.net/search/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.searchgateway.net/search/
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ffsrc=kwtb=AVR-3o=APN10395locale=de_DEapn_uid=aba7d435-b559-42d3-9b75-dd745adef5baapn_ptnrs=%5EABTapn_sauid=91A2CCA2-F037-40D6-A749-56A2FFECB1EBapn_dtid=%5EYYYYYY%5EYY%5EDE&q="
 :Files
:Commands
[purity]
[EMPTYFLASH] 
[emptytemp]
[Reboot]

• Schliesse bitte nun alle Programme.
• Klicke nun bitte auf den Fix Button.
• OTL kann gegebenfalls einen Neustart verlangen. Bitte dies zulassen.
• Nach dem Neustart findest Du ein Textdokument, dessen inhalt in deiner nächsten antwort hier reinkopieren.