bundespolizei trojaner

helena12 · 05.12.2012, 11:51

Hallo,
ich habe dieses forum empfohlen bekommen, da ich mich mit einem dieser bundespolizei trojaner herumschlage. einen scan mit Malwarebytes hab ich durchgeführt. ich würde mich sehr freuen, wenn ihr mir helfen könntet. hier das logfile:

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.11.24.11

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Helena :: HELENA-PC [Administrator]

05.12.2012 00:28:33
HDmbam-log-2012-12-05 (11-30-25).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 340097
Laufzeit: 1 Stunde(n), 31 Minute(n), 9 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 1
C:\Users\Helena\AppData\Local\Temp\wpbt0.dll (Exploit.Drop.GS) -> Keine Aktion durchgeführt.

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 6
C:\Users\Helena\AppData\Local\Temp\tmp5fc193df\loader2.exe (Malware.Packer) -> Keine Aktion durchgeführt.
C:\Users\Helena\AppData\Local\Temp\tmp99a90fe0\ig50.exe (Trojan.Zbot.SXGen) -> Keine Aktion durchgeführt.
C:\Users\Helena\AppData\Local\Temp\tmpc99dcdc9\loader1.exe (Backdoor.Bot) -> Keine Aktion durchgeführt.
C:\Users\Helena\AppData\Local\Temp\tmpdfe24fb4\loader1.exe (Trojan.Graftor) -> Keine Aktion durchgeführt.
C:\Users\Helena\AppData\Local\Temp\tmpf71a96cc\loader1.exe (Backdoor.Pushdo) -> Keine Aktion durchgeführt.
C:\Users\Helena\AppData\Local\Temp\wpbt0.dll (Exploit.Drop.GS) -> Keine Aktion durchgeführt.

(Ende)

markusg · 05.12.2012, 12:46

hi
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die
OTL.exe
.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die
Textbox.

Code:

ATTFilter

activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Kopiere
nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

helena12 · 05.12.2012, 22:34

OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 12/5/2012 10:09:23 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Helena\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Österreich | Language: DEA | Date Format: dd.MM.yyyy
 
2.96 Gb Total Physical Memory | 1.95 Gb Available Physical Memory | 65.79% Memory free
5.92 Gb Paging File | 4.62 Gb Available in Paging File | 78.02% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
Drive C: | 282.99 Gb Total Space | 214.41 Gb Free Space | 75.76% Space Free | Partition Type: NTFS
 
Computer Name: HELENA-PC | User Name: Helena | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012/12/05 21:41:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Helena\Downloads\OTL.exe
PRC - [2012/10/17 00:46:34 | 001,573,576 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
PRC - [2012/10/10 12:24:19 | 002,309,656 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
PRC - [2012/09/29 19:54:26 | 000,766,536 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012/08/20 18:37:58 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2012/08/16 10:38:10 | 000,245,168 | ---- | M] (hxxp://yourfiledownloader.com) -- C:\Program Files\YourFileDownloader\YourFileUpdater.exe
PRC - [2012/05/24 19:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Helena\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2011/06/29 03:10:21 | 000,269,480 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/05/21 22:13:45 | 000,496,128 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\sp_rsser.exe
PRC - [2011/04/27 15:22:06 | 000,136,360 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/11/20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2010/11/03 20:12:09 | 000,281,768 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/01/14 20:10:53 | 000,076,968 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2009/11/04 05:11:48 | 000,835,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
PRC - [2009/10/26 12:53:14 | 000,091,136 | ---- | M] (SAMSUNG Electronics) -- C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
PRC - [2009/10/20 10:13:00 | 000,079,360 | ---- | M] (DoctorSoft) -- C:\Program Files\AnyPC Client\APLanMgrC.exe
PRC - [2009/10/13 11:03:04 | 000,716,800 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
PRC - [2009/08/13 20:58:10 | 000,044,312 | ---- | M] () -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012/10/10 12:24:19 | 002,309,656 | ---- | M] () -- C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
MOD - [2012/10/10 12:23:16 | 002,068,504 | ---- | M] () -- c:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2006/08/12 04:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
 
 
========== Services (SafeList) ==========
 
SRV - [2012/10/28 04:08:45 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012/10/10 12:24:19 | 002,309,656 | ---- | M] () [Auto | Running] -- C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe -- (Browser Manager)
SRV - [2012/09/29 19:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012/09/29 19:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/09/20 13:28:48 | 030,785,672 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/06/29 03:10:21 | 000,269,480 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/05/21 22:13:45 | 000,496,128 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\sp_rsser.exe -- (sp_rssrv)
SRV - [2011/04/27 15:22:06 | 000,136,360 | ---- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2010/11/20 13:21:36 | 000,351,232 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- winhttp.dll -- (WinHttpAutoProxySvc)
SRV - [2010/07/17 14:56:13 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/08/13 20:58:10 | 000,044,312 | ---- | M] () [Auto | Running] -- C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe -- (OberonGameConsoleService)
SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2003/04/18 18:06:26 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\System32\srvany.exe -- (KMService)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Unknown] --  -- (a02by9va)
DRV - [2012/09/29 19:54:26 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/08/05 11:02:46 | 002,203,648 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2011/06/29 03:10:21 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/06/29 03:10:21 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/05/21 22:13:45 | 000,142,592 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010/12/02 11:13:22 | 000,018,304 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/11/20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 10:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/07/17 09:59:09 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sptd.sys -- (sptd)
DRV - [2009/09/28 10:22:00 | 000,315,392 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/10 14:44:52 | 000,122,880 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2009/05/11 08:12:49 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKLM\..\SearchScopes,DefaultScope = {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://search.babylon.com/?affID=112555&tt=140812_bandext_3312_3&babsrc=HP_ss&mntrId=1e754307000000000000b482fe6bc980
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = hxxp://search.babylon.com/?affID=112555&tt=140812_bandext_3312_3&babsrc=HP_ss&mntrId=1e754307000000000000b482fe6bc980
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=112555&tt=140812_bandext_3312_3&babsrc=HP_ss&mntrId=1e754307000000000000b482fe6bc980
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\URLSearchHook: {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,BrowserMngrDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=112555&tt=140812_bandext_3312_3&babsrc=SP_ss&mntrId=1e754307000000000000b482fe6bc980
IE - HKCU\..\SearchScopes\{19735F2A-2CC3-46F4-A5C9-B5ADB4D5FEBD}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYAT&apn_uid=8D965359-4C08-4B67-9477-731309EB0215&apn_sauid=E84F2F53-6924-4E89-982B-2BC2CE1E9113
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Ask.com"
FF - prefs.js..browser.startup.homepage: "hxxp://search.babylon.com/?affID=112555&tt=140812_bandext_3312_3&babsrc=HP_ss&mntrId=1e754307000000000000b482fe6bc980"
FF - prefs.js..extensions.enabledAddons: grooveshredder@code.argee.org:1.14.10
FF - prefs.js..extensions.enabledAddons: {b64982b1-d112-42b5-b1e4-d3867c4533f8}:2.2.643.41
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Ask.com"
FF - prefs.js..keyword.URL: "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=ORJ&o=&locale=&apn_uid=8D965359-4C08-4B67-9477-731309EB0215&apn_ptnrs=U3&apn_sauid=E84F2F53-6924-4E89-982B-2BC2CE1E9113&apn_dtid=OSJ000YYAT&&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101714.dll (Amazon.com, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/28 04:08:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/21 18:47:43 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012/10/11 08:21:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012/10/28 04:08:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/05/21 18:47:43 | 000,000,000 | ---D | M]
 
[2011/05/22 17:27:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Helena\AppData\Roaming\mozilla\Extensions
[2012/11/27 20:46:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Helena\AppData\Roaming\mozilla\Firefox\Profiles\zvtm32gt.default\extensions
[2012/10/27 11:48:08 | 000,000,000 | ---D | M] (Firefox Hotfix) -- C:\Users\Helena\AppData\Roaming\mozilla\Firefox\Profiles\zvtm32gt.default\extensions\firefox-hotfix@mozilla.org
[2012/11/27 20:46:39 | 000,000,000 | ---D | M] (Groove Shredder) -- C:\Users\Helena\AppData\Roaming\mozilla\Firefox\Profiles\zvtm32gt.default\extensions\grooveshredder@code.argee.org
[2012/11/07 12:22:09 | 000,000,000 | ---D | M] (Ask Toolbar) -- C:\Users\Helena\AppData\Roaming\mozilla\Firefox\Profiles\zvtm32gt.default\extensions\toolbar@ask.com
[2012/10/26 11:08:58 | 000,025,868 | ---- | M] () (No name found) -- C:\Users\Helena\AppData\Roaming\mozilla\firefox\profiles\zvtm32gt.default\extensions\firefox-hotfix@mozilla.org.xpi
[2012/11/27 20:34:30 | 000,089,261 | ---- | M] () (No name found) -- C:\Users\Helena\AppData\Roaming\mozilla\firefox\profiles\zvtm32gt.default\extensions\grooveshredder@code.argee.org.xpi
[2012/11/22 14:15:48 | 000,035,614 | ---- | M] () (No name found) -- C:\Users\Helena\AppData\Roaming\mozilla\firefox\profiles\zvtm32gt.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2011/12/27 11:49:07 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
[2011/12/27 11:49:08 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2010/10/09 10:34:41 | 000,000,000 | ---D | M] ("Citavi Picker") -- C:\Program Files\mozilla firefox\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}
[2012/12/05 12:56:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\updated\extensions
[2012/12/05 12:56:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\mozilla firefox\updated\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012/12/05 12:56:04 | 000,000,000 | ---D | M] ("Citavi Picker") -- C:\Program Files\mozilla firefox\updated\extensions\{8AA36F4F-6DC7-4c06-77AF-5035170634FE}
[2012/12/05 12:56:09 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\mozilla firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2012/10/28 04:08:45 | 000,261,600 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2010/07/12 17:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
[2012/08/15 08:46:00 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012/08/16 10:38:20 | 000,002,364 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012/09/15 18:23:21 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012/08/15 08:46:00 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012/08/15 08:46:00 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012/08/15 08:46:00 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012/08/15 08:46:00 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google ()
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - Extension: No name found = C:\Users\Helena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo\7.15.9.29524\
 
O1 HOSTS File: ([2009/06/10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Winamp Toolbar Loader) - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.6.4.6\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Easy-WebPrint) - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll ()
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (Winamp Toolbar) - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Winamp Toolbar) - {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL LLC.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Users\Helena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Helena\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Easy-WebPrint - Drucken - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Vorschau - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen - C:\Program Files\Canon\Easy-WebPrint\Resource.dll ()
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\Helena\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000 File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.254 192.168.0.254 213.33.99.70
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8E1B4DF4-69F4-403E-A511-C8B9790D2E8F}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CC3BB52C-1A20-4A0F-B6FD-02A4BDB72B86}: DhcpNameServer = 192.168.0.254 192.168.0.254 213.33.99.70
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~2\browse~1\23787~1.43\{16cdf~1\browse~1.dll) - c:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20 - AppInit_DLLs: (c:\progra~2\browse~1\22643~1.41\{16cdf~1\browse~1.dll) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - igfxdev.dll (Intel Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\System32\Microsoft
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - C:\Windows\System32\Microsoft
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
NetSvcs: FastUserSwitchingCompatibility -  File not found
NetSvcs: Ias - C:\windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla -  File not found
NetSvcs: Ntmssvc -  File not found
NetSvcs: NWCWorkstation -  File not found
NetSvcs: Nwsapagent -  File not found
NetSvcs: SRService -  File not found
NetSvcs: WmdmPmSp -  File not found
NetSvcs: LogonHours -  File not found
NetSvcs: PCAudit -  File not found
NetSvcs: helpsvc -  File not found
NetSvcs: uploadmgr -  File not found
 
MsConfig - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: Adobe Reader Speed Launcher - hkey= - key= - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: AdobeAAMUpdater-1.0 - hkey= - key= - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
MsConfig - StartUpReg: APLangApp - hkey= - key= - C:\Program Files\AnyPC Client\APLangApp.exe (DoctorSoft)
MsConfig - StartUpReg: CLMLServer - hkey= - key= - C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files\DivX\DivX Update\DivXUpdate.exe ()
MsConfig - StartUpReg: PDFPrint - hkey= - key= - C:\Program Files\PDF24\pdf24.exe (Geek Software GmbH)
MsConfig - StartUpReg: PDVD8LanguageShortcut - hkey= - key= - C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe (CyberLink Corp.)
MsConfig - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
MsConfig - StartUpReg: RemoteControl8 - hkey= - key= - C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (CyberLink Corp.)
MsConfig - StartUpReg: SpywareTerminatorUpdate - hkey= - key= - C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
MsConfig - StartUpReg: UCam_Menu - hkey= - key= - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig - StartUpReg: UpdateLBPShortCut - hkey= - key= - C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig - StartUpReg: UpdateP2GoShortCut - hkey= - key= - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig - StartUpReg: UpdatePDRShortCut - hkey= - key= - C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig - StartUpReg: UpdatePPShortCut - hkey= - key= - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig - StartUpReg: UpdatePSTShortCut - hkey= - key= - C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
MsConfig - State: "startup" - 2
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012/11/16 14:01:11 | 000,000,000 | ---D | C] -- C:\Users\Helena\Desktop\sommer 12
[2012/11/14 12:52:29 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012/11/13 14:26:26 | 000,000,000 | ---D | C] -- C:\Users\Helena\AppData\Roaming\DVDVideoSoft
[2012/11/11 23:53:25 | 000,000,000 | ---D | C] -- C:\Users\Helena\Desktop\dyer
[2012/11/11 03:04:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012/11/11 03:04:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
[2012/11/10 17:07:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2012/11/10 17:05:53 | 000,000,000 | ---D | C] -- C:\c3cc05ed6ddae82cb2c62eb6
[2012/11/08 01:31:50 | 000,000,000 | ---D | C] -- C:\Users\Helena\Desktop\tolle
[2012/11/07 12:22:02 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
[2012/11/07 12:22:02 | 000,000,000 | ---D | C] -- C:\Users\Helena\AppData\Local\APN
[2012/11/07 12:11:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012/11/07 12:11:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/11/07 12:11:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/11/07 12:10:19 | 000,000,000 | ---D | C] -- C:\Program Files\Java
 
========== Files - Modified Within 30 Days ==========
 
[2012/12/05 21:55:01 | 000,001,098 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/12/05 21:39:47 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/12/05 12:29:11 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/12/05 12:29:11 | 000,014,736 | -H-- | M] () -- C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/12/05 12:26:12 | 000,654,166 | ---- | M] () -- C:\windows\System32\perfh007.dat
[2012/12/05 12:26:12 | 000,616,008 | ---- | M] () -- C:\windows\System32\perfh009.dat
[2012/12/05 12:26:12 | 000,130,006 | ---- | M] () -- C:\windows\System32\perfc007.dat
[2012/12/05 12:26:12 | 000,106,388 | ---- | M] () -- C:\windows\System32\perfc009.dat
[2012/12/05 12:21:28 | 000,001,094 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/12/05 12:21:17 | 2384,941,056 | -HS- | M] () -- C:\hiberfil.sys
[2012/12/05 12:21:16 | 281,890,505 | ---- | M] () -- C:\windows\MEMORY.DMP
[2012/12/05 00:20:30 | 083,023,306 | ---- | M] () -- C:\ProgramData\0tbpw.pad
[2012/12/04 23:54:18 | 000,001,073 | ---- | M] () -- C:\Users\Helena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2012/11/30 20:06:36 | 000,002,324 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012/11/25 00:50:30 | 000,001,071 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012/11/20 12:23:25 | 001,089,457 | ---- | M] () -- C:\Users\Helena\Desktop\warrior.png
[2012/11/20 12:17:32 | 000,729,942 | ---- | M] () -- C:\Users\Helena\Desktop\brigitte bardot.png
[2012/11/20 12:15:24 | 002,352,196 | ---- | M] () -- C:\Users\Helena\Desktop\IMG_1563.JPG
[2012/11/20 12:15:16 | 002,527,255 | ---- | M] () -- C:\Users\Helena\Desktop\IMG_1562.JPG
[2012/11/18 19:18:11 | 001,303,566 | ---- | M] () -- C:\Users\Helena\Desktop\tth12_Fragebogen_Vorlage.pdf
[2012/11/15 22:27:59 | 000,306,572 | ---- | M] () -- C:\Users\Helena\unfinished_by_alexaink-d5igsoj.jpg
[2012/11/14 14:45:07 | 003,788,048 | ---- | M] () -- C:\windows\System32\FNTCACHE.DAT
[2012/11/13 14:26:17 | 000,001,201 | ---- | M] () -- C:\Users\Helena\Desktop\DVDVideoSoft Free Studio.lnk
[2012/11/13 14:26:16 | 000,001,360 | ---- | M] () -- C:\Users\Helena\Desktop\Free YouTube to MP3 Converter.lnk
[2012/11/13 11:26:06 | 000,588,471 | ---- | M] () -- C:\Users\Helena\Desktop\Einladung SHS.jpg
[2012/11/11 03:04:51 | 000,002,505 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
 
========== Files Created - No Company Name ==========
 
[2012/12/04 23:54:18 | 000,001,073 | ---- | C] () -- C:\Users\Helena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\runctf.lnk
[2012/11/20 12:23:25 | 001,089,457 | ---- | C] () -- C:\Users\Helena\Desktop\warrior.png
[2012/11/20 12:17:32 | 000,729,942 | ---- | C] () -- C:\Users\Helena\Desktop\brigitte bardot.png
[2012/11/20 12:15:06 | 002,527,255 | ---- | C] () -- C:\Users\Helena\Desktop\IMG_1562.JPG
[2012/11/20 12:15:06 | 002,352,196 | ---- | C] () -- C:\Users\Helena\Desktop\IMG_1563.JPG
[2012/11/18 19:17:00 | 001,303,566 | ---- | C] () -- C:\Users\Helena\Desktop\tth12_Fragebogen_Vorlage.pdf
[2012/11/15 22:27:58 | 000,306,572 | ---- | C] () -- C:\Users\Helena\unfinished_by_alexaink-d5igsoj.jpg
[2012/11/14 12:47:01 | 000,000,003 | ---- | C] () -- C:\windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012/11/14 12:46:29 | 000,000,003 | ---- | C] () -- C:\windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012/11/13 14:26:16 | 000,001,360 | ---- | C] () -- C:\Users\Helena\Desktop\Free YouTube to MP3 Converter.lnk
[2012/11/13 12:27:02 | 000,588,471 | ---- | C] () -- C:\Users\Helena\Desktop\Einladung SHS.jpg
[2012/10/04 14:39:39 | 083,023,306 | ---- | C] () -- C:\ProgramData\0tbpw.pad
[2012/03/18 22:44:53 | 000,005,632 | ---- | C] () -- C:\Users\Helena\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/09/11 10:47:25 | 000,001,534 | ---- | C] () -- C:\ProgramData\ss.ini
[2011/05/22 08:13:29 | 000,000,000 | ---- | C] () -- C:\Users\Helena\AppData\Local\{6CEE3637-699E-4C11-A4A2-CEAB597C4488}
[2011/05/22 07:44:43 | 000,000,000 | ---- | C] () -- C:\Users\Helena\AppData\Local\{D60BDD90-E05B-4799-B734-02DA00A9D362}
[2011/05/22 07:20:24 | 000,000,000 | ---- | C] () -- C:\Users\Helena\AppData\Local\{2620D88B-C290-4B71-BAD3-9B111CAB4479}
[2011/05/21 22:17:10 | 000,000,000 | ---- | C] () -- C:\Users\Helena\AppData\Local\{02A2C2F5-6D80-4976-8359-98B824D88339}
[2011/05/21 22:13:45 | 000,142,592 | ---- | C] () -- C:\windows\System32\drivers\sp_rsdrv2.sys
[2011/02/11 18:40:40 | 000,004,096 | ---- | C] ( ) -- C:\windows\System32\IGFXDEVLib.dll
[2010/07/24 21:50:07 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/07/17 14:01:36 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
========== ZeroAccess Check ==========
 
[2009/07/14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2010/07/17 15:25:34 | 000,000,000 | -HSD | M] -- C:\Users\Helena\AppData\Roaming\.#
[2010/10/09 18:28:27 | 000,000,000 | ---D | M] -- C:\Users\Helena\AppData\Roaming\Academic Software Zurich
[2012/12/04 19:13:29 | 000,000,000 | ---D | M] -- C:\Users\Helena\AppData\Roaming\Acym
[2010/12/18 17:42:25 | 000,000,000 | ---D | M] -- C:\Users\Helena\AppData\Roaming\Amazon
[2012/08/16 10:38:14 | 000,000,000 | ---D | M] -- C:\Users\Helena\AppData\Roaming\Babylon
[2012/08/16 10:38:40 | 000,000,000 | ---D | M] -- C:\Users\Helena\AppData\Roaming\BabylonToolbar
[2010/07/17 10:03:25 | 000,000,000 | ---D | M] -- C:\Users\Helena\AppData\Roaming\DAEMON Tools Lite
[2012/12/05 12:21:58 | 000,000,000 | ---D | M] -- C:\Users\Helena\AppData\Roaming\Dropbox
[2012/11/13 14:26:39 | 000,000,000 | ---D | M] -- C:\Users\Helena\AppData\Roaming\DVDVideoSoft
[2012/11/13 14:26:26 | 000,000,000 | ---D | M] -- C:\Users\Helena\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/07/17 15:25:19 | 000,000,000 | ---D | M] -- C:\Users\Helena\AppData\Roaming\GameConsole
[2010/07/21 17:41:36 | 000,000,000 | ---D | M] -- C:\Users\Helena\AppData\Roaming\PDF Writer
[2012/05/20 20:57:47 | 000,000,000 | ---D | M] -- C:\Users\Helena\AppData\Roaming\Spotify
[2011/05/22 08:15:13 | 000,000,000 | ---D | M] -- C:\Users\Helena\AppData\Roaming\Spyware Terminator
[2012/08/16 10:38:39 | 000,000,000 | ---D | M] -- C:\Users\Helena\AppData\Roaming\YourFileDownloader
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2010/07/17 14:19:57 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2010/10/26 23:53:15 | 000,000,000 | ---D | M] -- C:\aa053eed7be24944f5cdf6
[2012/11/10 17:07:21 | 000,000,000 | ---D | M] -- C:\c3cc05ed6ddae82cb2c62eb6
[2012/11/14 12:58:24 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2009/07/14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2012/01/06 21:27:18 | 000,000,000 | -HSD | M] -- C:\found.000
[2012/03/01 20:55:42 | 000,000,000 | -HSD | M] -- C:\found.001
[2012/08/16 10:50:53 | 000,000,000 | -HSD | M] -- C:\found.002
[2009/12/05 03:37:27 | 000,000,000 | ---D | M] -- C:\Intel
[2010/07/17 10:04:33 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009/07/14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012/11/07 12:22:02 | 000,000,000 | R--D | M] -- C:\Program Files
[2012/12/05 11:31:28 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010/07/17 13:58:45 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012/12/05 22:11:44 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2010/07/17 14:00:00 | 000,000,000 | R--D | M] -- C:\Users
[2012/12/05 12:21:16 | 000,000,000 | ---D | M] -- C:\Windows
 
< %PROGRAMFILES%\*.exe >
 
< %LOCALAPPDATA%\*.exe >
 
< %systemroot%\*. /mp /s >
 
< C:\Windows\system32\*.tsp >
[2009/07/14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp
[2009/07/14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp
[2009/07/14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp
[2009/07/14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp
[2010/11/20 13:16:53 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp
[2009/07/14 05:53:46 | 000,032,632 | ---- | C] () -- C:\windows\Tasks\SCHEDLGU.TXT
[2009/07/14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\windows\Tasks\SA.DAT
[2010/07/29 19:20:23 | 000,001,094 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
[2010/07/29 19:20:24 | 000,001,098 | ---- | C] () -- C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
 
< MD5 for: AGP440.SYS  >
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
[2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2007/05/17 13:34:04 | 000,007,216 | ---- | M] () MD5=C2A279A458A06DE2C83D842AA042B5A8 -- C:\Program Files\CyberLink\PowerDirector\EventLog.dll
 
< MD5 for: EXPLORER.EXE  >
[2009/10/06 07:06:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_523cdab8f40fe558\explorer.exe
[2011/02/26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/14 02:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 06:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 06:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 13:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe
[2011/02/25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 06:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 06:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 07:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe
[2009/10/06 06:53:03 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_51c00e6ddae85c4b\explorer.exe
 
< MD5 for: IASTOR.SYS  >
[2009/10/13 03:09:36 | 000,331,288 | ---- | M] (Intel Corporation) MD5=0BAA4115DFFFD6A6D809A89D65E1281A -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver\IaStor.sys
[2009/10/13 03:09:36 | 000,331,288 | ---- | M] (Intel Corporation) MD5=0BAA4115DFFFD6A6D809A89D65E1281A -- C:\Windows\System32\drivers\iaStor.sys
[2009/10/13 03:09:36 | 000,331,288 | ---- | M] (Intel Corporation) MD5=0BAA4115DFFFD6A6D809A89D65E1281A -- C:\Windows\System32\DriverStore\FileRepository\iaahci.inf_x86_neutral_3f3653f13a033ed4\iaStor.sys
[2009/10/13 03:16:40 | 000,409,624 | ---- | M] (Intel Corporation) MD5=BE7D72FCF442C26975942007E0831241 -- C:\Program Files\Intel\Intel Matrix Storage Manager\driver64\IaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys
[2011/03/11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys
[2011/03/11 06:43:55 | 000,332,160 | ---- | M] (Intel Corporation) MD5=71F1A494FEDF4B33C02C4A6A28D6D9E9 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_aef580fde910b4b0\iaStorV.sys
[2011/03/11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys
[2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys
[2010/11/20 13:29:54 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys
[2011/03/11 06:52:21 | 000,332,160 | ---- | M] (Intel Corporation) MD5=B9039A34C2F8769490DCC494E2402445 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_afae2d45020c148b\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll
[2010/11/20 13:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys
[2011/03/11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011/03/11 06:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011/03/11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011/03/11 06:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys
[2010/11/20 13:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll
[2010/11/20 13:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009/07/14 02:16:17 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=34B7E222E81FAFA885F0C5F2CFA56861 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_cd0ec264ceb014a3\user32.dll
[2010/11/20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll
[2010/11/20 13:21:33 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe
[2010/11/20 13:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/14 02:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
 
< MD5 for: WINLOGON.EXE  >
[2009/10/28 07:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 06:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe
[2010/11/20 13:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2012/09/29 19:54:26 | 000,218,184 | ---- | M] () MD5=8846E87210AD131CF71E3E2E49F647B0 -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009/07/14 02:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys
[2009/07/14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2010/07/17 09:59:09 | 000,691,696 | ---- | M] () Unable to obtain MD5 -- C:\windows\system32\drivers\sptd.sys
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2009/07/14 02:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\windows\system32\FirewallAPI.dll
 
< %USERPROFILE%\*.* >
[2012/12/05 22:25:41 | 004,456,448 | -HS- | M] () -- C:\Users\Helena\ntuser.dat
[2012/12/05 22:25:41 | 000,262,144 | -HS- | M] () -- C:\Users\Helena\ntuser.dat.LOG1
[2010/07/17 14:00:01 | 000,000,000 | -HS- | M] () -- C:\Users\Helena\ntuser.dat.LOG2
[2010/07/17 14:24:43 | 000,065,536 | -HS- | M] () -- C:\Users\Helena\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf
[2010/07/17 14:24:43 | 000,524,288 | -HS- | M] () -- C:\Users\Helena\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms
[2010/07/17 14:24:43 | 000,524,288 | -HS- | M] () -- C:\Users\Helena\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms
[2011/12/07 17:43:53 | 000,065,536 | -HS- | M] () -- C:\Users\Helena\ntuser.dat{9002172b-20f2-11e1-8b24-0024542a88ce}.TM.blf
[2011/12/07 17:43:53 | 000,524,288 | -HS- | M] () -- C:\Users\Helena\ntuser.dat{9002172b-20f2-11e1-8b24-0024542a88ce}.TMContainer00000000000000000001.regtrans-ms
[2011/12/07 17:43:53 | 000,524,288 | -HS- | M] () -- C:\Users\Helena\ntuser.dat{9002172b-20f2-11e1-8b24-0024542a88ce}.TMContainer00000000000000000002.regtrans-ms
[2010/07/17 14:00:02 | 000,000,020 | -HS- | M] () -- C:\Users\Helena\ntuser.ini
[2011/05/31 11:22:52 | 000,013,336 | ---- | M] () -- C:\Users\Helena\Sankt Jakobs Bruderschaft zur.docx
[2012/11/15 22:27:59 | 000,306,572 | ---- | M] () -- C:\Users\Helena\unfinished_by_alexaink-d5igsoj.jpg
 
< %USERPROFILE%\Local Settings\Temp\*.exe >
 
< %USERPROFILE%\Local Settings\Temp\*.dll >
 
< %USERPROFILE%\Application Data\*.exe >
 
< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
 
<           >

< End of report >

--- --- ---

das extra.txt konnte ich leider nicht finden

bin nicht so das computergenie, leider

markusg · 06.12.2012, 17:27

Hi
anmerkung, bin ab Morgen, bis Mittwoch im Urlaub
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

helena12 · 06.12.2012, 17:48

danke für deine hilfe. hier der log

17:44:02.0696 2704 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
17:44:03.0008 2704 ============================================================
17:44:03.0008 2704 Current date / time: 2012/12/06 17:44:03.0008
17:44:03.0008 2704 SystemInfo:
17:44:03.0008 2704
17:44:03.0008 2704 OS Version: 6.1.7601 ServicePack: 1.0
17:44:03.0008 2704 Product type: Workstation
17:44:03.0008 2704 ComputerName: HELENA-PC
17:44:03.0008 2704 UserName: Helena
17:44:03.0008 2704 Windows directory: C:\windows
17:44:03.0008 2704 System windows directory: C:\windows
17:44:03.0008 2704 Processor architecture: Intel x86
17:44:03.0008 2704 Number of processors: 2
17:44:03.0008 2704 Page size: 0x1000
17:44:03.0008 2704 Boot type: Normal boot
17:44:03.0008 2704 ============================================================
17:44:03.0804 2704 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:44:03.0804 2704 ============================================================
17:44:03.0804 2704 \Device\Harddisk0\DR0:
17:44:03.0804 2704 MBR partitions:
17:44:03.0804 2704 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1E00800, BlocksNum 0x32000
17:44:03.0804 2704 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1E32800, BlocksNum 0x235FBAB0
17:44:03.0804 2704 ============================================================
17:44:03.0851 2704 C: <-> \Device\Harddisk0\DR0\Partition2
17:44:03.0851 2704 ============================================================
17:44:03.0851 2704 Initialize success
17:44:03.0851 2704 ============================================================
17:44:33.0038 1428 ============================================================
17:44:33.0038 1428 Scan started
17:44:33.0038 1428 Mode: Manual; SigCheck;
17:44:33.0038 1428 ============================================================
17:44:34.0021 1428 ================ Scan system memory ========================
17:44:34.0021 1428 System memory - ok
17:44:34.0021 1428 ================ Scan services =============================
17:44:34.0474 1428 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
17:44:34.0832 1428 1394ohci - ok
17:44:34.0910 1428 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
17:44:34.0942 1428 ACPI - ok
17:44:34.0988 1428 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
17:44:35.0066 1428 AcpiPmi - ok
17:44:35.0113 1428 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
17:44:35.0160 1428 adp94xx - ok
17:44:35.0207 1428 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
17:44:35.0254 1428 adpahci - ok
17:44:35.0269 1428 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
17:44:35.0300 1428 adpu320 - ok
17:44:35.0519 1428 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
17:44:35.0628 1428 AeLookupSvc - ok
17:44:35.0722 1428 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
17:44:35.0800 1428 AFD - ok
17:44:35.0862 1428 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
17:44:35.0878 1428 agp440 - ok
17:44:35.0971 1428 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
17:44:35.0987 1428 aic78xx - ok
17:44:36.0034 1428 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
17:44:36.0080 1428 ALG - ok
17:44:36.0143 1428 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
17:44:36.0174 1428 aliide - ok
17:44:36.0252 1428 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
17:44:36.0268 1428 amdagp - ok
17:44:36.0299 1428 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
17:44:36.0330 1428 amdide - ok
17:44:36.0361 1428 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
17:44:36.0424 1428 AmdK8 - ok
17:44:36.0470 1428 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
17:44:36.0548 1428 AmdPPM - ok
17:44:36.0658 1428 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
17:44:36.0689 1428 amdsata - ok
17:44:36.0720 1428 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
17:44:36.0736 1428 amdsbs - ok
17:44:36.0782 1428 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
17:44:36.0814 1428 amdxata - ok
17:44:36.0954 1428 [ C27D46B06D340293670450FCE9DFB166 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
17:44:36.0970 1428 AntiVirSchedulerService - ok
17:44:37.0001 1428 [ 72D90E56563165984224493069C69ED4 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
17:44:37.0016 1428 AntiVirService - ok
17:44:37.0094 1428 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
17:44:37.0204 1428 AppID - ok
17:44:37.0422 1428 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
17:44:37.0484 1428 AppIDSvc - ok
17:44:37.0562 1428 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\windows\System32\appinfo.dll
17:44:37.0609 1428 Appinfo - ok
17:44:37.0672 1428 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
17:44:37.0703 1428 arc - ok
17:44:37.0750 1428 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
17:44:37.0765 1428 arcsas - ok
17:44:37.0812 1428 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
17:44:37.0921 1428 AsyncMac - ok
17:44:37.0968 1428 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
17:44:37.0984 1428 atapi - ok
17:44:38.0093 1428 [ 235056492F54268883CE3DEA3ACB9997 ] athr C:\windows\system32\DRIVERS\athr.sys
17:44:38.0327 1428 athr - ok
17:44:38.0436 1428 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
17:44:38.0530 1428 AudioEndpointBuilder - ok
17:44:38.0545 1428 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
17:44:38.0592 1428 Audiosrv - ok
17:44:38.0623 1428 [ 1E4114685DE1FFA9675E09C6A1FB3F4B ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
17:44:38.0639 1428 avgntflt - ok
17:44:38.0686 1428 [ 0F78D3DAE6DEDD99AE54C9491C62ADF2 ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
17:44:38.0701 1428 avipbb - ok
17:44:38.0764 1428 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
17:44:38.0842 1428 AxInstSV - ok
17:44:38.0888 1428 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
17:44:38.0935 1428 b06bdrv - ok
17:44:38.0982 1428 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
17:44:39.0013 1428 b57nd60x - ok
17:44:39.0060 1428 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
17:44:39.0107 1428 BDESVC - ok
17:44:39.0138 1428 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
17:44:39.0185 1428 Beep - ok
17:44:39.0247 1428 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
17:44:39.0310 1428 BFE - ok
17:44:39.0356 1428 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\System32\qmgr.dll
17:44:39.0450 1428 BITS - ok
17:44:39.0466 1428 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
17:44:39.0559 1428 blbdrive - ok
17:44:39.0590 1428 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
17:44:39.0668 1428 bowser - ok
17:44:39.0700 1428 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
17:44:39.0793 1428 BrFiltLo - ok
17:44:39.0824 1428 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
17:44:39.0871 1428 BrFiltUp - ok
17:44:39.0902 1428 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
17:44:39.0965 1428 Browser - ok
17:44:40.0199 1428 [ 9FCD0930616714A752F48DDBA54F3109 ] Browser Manager C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
17:44:40.0417 1428 Browser Manager - ok
17:44:40.0464 1428 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
17:44:40.0573 1428 Brserid - ok
17:44:40.0589 1428 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
17:44:40.0636 1428 BrSerWdm - ok
17:44:40.0698 1428 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
17:44:40.0776 1428 BrUsbMdm - ok
17:44:40.0807 1428 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
17:44:40.0854 1428 BrUsbSer - ok
17:44:40.0916 1428 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
17:44:40.0963 1428 BTHMODEM - ok
17:44:41.0026 1428 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
17:44:41.0104 1428 bthserv - ok
17:44:41.0119 1428 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
17:44:41.0182 1428 cdfs - ok
17:44:41.0244 1428 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\drivers\cdrom.sys
17:44:41.0291 1428 cdrom - ok
17:44:41.0369 1428 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
17:44:41.0416 1428 CertPropSvc - ok
17:44:41.0462 1428 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
17:44:41.0509 1428 circlass - ok
17:44:41.0556 1428 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
17:44:41.0572 1428 CLFS - ok
17:44:41.0712 1428 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:44:41.0728 1428 clr_optimization_v2.0.50727_32 - ok
17:44:41.0790 1428 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:44:41.0852 1428 clr_optimization_v4.0.30319_32 - ok
17:44:41.0884 1428 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
17:44:41.0946 1428 CmBatt - ok
17:44:41.0962 1428 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
17:44:41.0977 1428 cmdide - ok
17:44:42.0071 1428 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\windows\system32\Drivers\cng.sys
17:44:42.0102 1428 CNG - ok
17:44:42.0133 1428 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
17:44:42.0164 1428 Compbatt - ok
17:44:42.0227 1428 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
17:44:42.0242 1428 CompositeBus - ok
17:44:42.0258 1428 COMSysApp - ok
17:44:42.0289 1428 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
17:44:42.0305 1428 crcdisk - ok
17:44:42.0383 1428 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\windows\system32\cryptsvc.dll
17:44:42.0445 1428 CryptSvc - ok
17:44:42.0492 1428 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
17:44:42.0523 1428 DcomLaunch - ok
17:44:42.0554 1428 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
17:44:42.0617 1428 defragsvc - ok
17:44:42.0679 1428 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
17:44:42.0726 1428 DfsC - ok
17:44:42.0788 1428 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
17:44:42.0898 1428 Dhcp - ok
17:44:42.0929 1428 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
17:44:42.0976 1428 discache - ok
17:44:43.0054 1428 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
17:44:43.0085 1428 Disk - ok
17:44:43.0116 1428 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
17:44:43.0178 1428 Dnscache - ok
17:44:43.0225 1428 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
17:44:43.0366 1428 dot3svc - ok
17:44:43.0397 1428 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
17:44:43.0459 1428 DPS - ok
17:44:43.0490 1428 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
17:44:43.0522 1428 drmkaud - ok
17:44:43.0568 1428 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
17:44:43.0600 1428 DXGKrnl - ok
17:44:43.0678 1428 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
17:44:43.0724 1428 EapHost - ok
17:44:43.0818 1428 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
17:44:43.0927 1428 ebdrv - ok
17:44:43.0974 1428 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
17:44:44.0021 1428 EFS - ok
17:44:44.0083 1428 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\windows\ehome\ehRecvr.exe
17:44:44.0177 1428 ehRecvr - ok
17:44:44.0208 1428 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
17:44:44.0255 1428 ehSched - ok
17:44:44.0317 1428 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
17:44:44.0333 1428 elxstor - ok
17:44:44.0458 1428 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
17:44:44.0504 1428 ErrDev - ok
17:44:44.0551 1428 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
17:44:44.0598 1428 EventSystem - ok
17:44:44.0629 1428 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
17:44:44.0676 1428 exfat - ok
17:44:44.0707 1428 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
17:44:44.0770 1428 fastfat - ok
17:44:44.0832 1428 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
17:44:44.0894 1428 Fax - ok
17:44:44.0910 1428 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
17:44:44.0957 1428 fdc - ok
17:44:44.0988 1428 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
17:44:45.0066 1428 fdPHost - ok
17:44:45.0066 1428 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
17:44:45.0128 1428 FDResPub - ok
17:44:45.0144 1428 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
17:44:45.0175 1428 FileInfo - ok
17:44:45.0191 1428 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
17:44:45.0238 1428 Filetrace - ok
17:44:45.0253 1428 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
17:44:45.0316 1428 flpydisk - ok
17:44:45.0347 1428 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
17:44:45.0378 1428 FltMgr - ok
17:44:45.0440 1428 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\windows\system32\FntCache.dll
17:44:45.0534 1428 FontCache - ok
17:44:45.0581 1428 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:44:45.0612 1428 FontCache3.0.0.0 - ok
17:44:45.0643 1428 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
17:44:45.0659 1428 FsDepends - ok
17:44:45.0690 1428 [ B74B0578FD1D3F897E95F2A2B69EA051 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
17:44:45.0706 1428 fssfltr - ok
17:44:45.0815 1428 [ 206AD9A89BF05DFA1621F1FC7B82592D ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
17:44:45.0908 1428 fsssvc - ok
17:44:46.0018 1428 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
17:44:46.0064 1428 Fs_Rec - ok
17:44:46.0111 1428 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
17:44:46.0142 1428 fvevol - ok
17:44:46.0174 1428 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
17:44:46.0189 1428 gagp30kx - ok
17:44:46.0688 1428 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
17:44:46.0751 1428 gpsvc - ok
17:44:46.0844 1428 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:44:46.0876 1428 gupdate - ok
17:44:46.0922 1428 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:44:46.0938 1428 gupdatem - ok
17:44:47.0032 1428 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:44:47.0063 1428 gusvc - ok
17:44:47.0094 1428 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
17:44:47.0156 1428 hcw85cir - ok
17:44:47.0203 1428 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
17:44:47.0266 1428 HdAudAddService - ok
17:44:47.0297 1428 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
17:44:47.0328 1428 HDAudBus - ok
17:44:47.0359 1428 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
17:44:47.0390 1428 HidBatt - ok
17:44:47.0422 1428 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
17:44:47.0453 1428 HidBth - ok
17:44:47.0484 1428 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
17:44:47.0515 1428 HidIr - ok
17:44:47.0562 1428 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\system32\hidserv.dll
17:44:47.0609 1428 hidserv - ok
17:44:47.0671 1428 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
17:44:47.0702 1428 HidUsb - ok
17:44:47.0765 1428 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
17:44:47.0812 1428 hkmsvc - ok
17:44:47.0874 1428 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
17:44:47.0999 1428 HomeGroupListener - ok
17:44:48.0092 1428 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
17:44:48.0186 1428 HomeGroupProvider - ok
17:44:48.0233 1428 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
17:44:48.0264 1428 HpSAMD - ok
17:44:48.0326 1428 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
17:44:48.0358 1428 HTTP - ok
17:44:48.0389 1428 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
17:44:48.0404 1428 hwpolicy - ok
17:44:48.0482 1428 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
17:44:48.0498 1428 i8042prt - ok
17:44:48.0576 1428 [ 0BAA4115DFFFD6A6D809A89D65E1281A ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
17:44:48.0592 1428 iaStor - ok
17:44:48.0670 1428 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
17:44:48.0716 1428 iaStorV - ok
17:44:48.0810 1428 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:44:48.0935 1428 idsvc - ok
17:44:49.0200 1428 [ DCE0B53570703CCE580D066F89EF58CD ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
17:44:49.0684 1428 igfx - ok
17:44:49.0746 1428 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
17:44:49.0762 1428 iirsp - ok
17:44:49.0840 1428 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
17:44:49.0902 1428 IKEEXT - ok
17:44:50.0058 1428 [ 3202E26501E5E18C35DC2CC74709A704 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
17:44:50.0120 1428 IntcAzAudAddService - ok
17:44:50.0198 1428 [ 264632ADE8127B7BAA2190CF6FAD435B ] IntcHdmiAddService C:\windows\system32\drivers\IntcHdmi.sys
17:44:50.0245 1428 IntcHdmiAddService - ok
17:44:50.0276 1428 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
17:44:50.0323 1428 intelide - ok
17:44:50.0432 1428 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
17:44:50.0479 1428 intelppm - ok
17:44:50.0604 1428 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
17:44:50.0698 1428 IPBusEnum - ok
17:44:50.0729 1428 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
17:44:50.0791 1428 IpFilterDriver - ok
17:44:50.0854 1428 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\windows\System32\iphlpsvc.dll
17:44:50.0916 1428 iphlpsvc - ok
17:44:50.0947 1428 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
17:44:51.0025 1428 IPMIDRV - ok
17:44:51.0041 1428 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
17:44:51.0103 1428 IPNAT - ok
17:44:51.0119 1428 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
17:44:51.0197 1428 IRENUM - ok
17:44:51.0228 1428 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
17:44:51.0259 1428 isapnp - ok
17:44:51.0322 1428 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
17:44:51.0400 1428 iScsiPrt - ok
17:44:51.0524 1428 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys
17:44:51.0618 1428 kbdclass - ok
17:44:51.0680 1428 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
17:44:51.0743 1428 kbdhid - ok
17:44:51.0758 1428 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
17:44:51.0774 1428 KeyIso - ok
17:44:51.0852 1428 [ 4635935FC972C582632BF45C26BFCB0E ] KMService C:\windows\system32\srvany.exe
17:44:51.0899 1428 KMService ( UnsignedFile.Multi.Generic ) - warning
17:44:51.0899 1428 KMService - detected UnsignedFile.Multi.Generic (1)
17:44:51.0930 1428 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
17:44:51.0961 1428 KSecDD - ok
17:44:51.0977 1428 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
17:44:52.0008 1428 KSecPkg - ok
17:44:52.0055 1428 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
17:44:52.0133 1428 KtmRm - ok
17:44:52.0164 1428 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\system32\srvsvc.dll
17:44:52.0242 1428 LanmanServer - ok
17:44:52.0289 1428 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
17:44:52.0336 1428 LanmanWorkstation - ok
17:44:52.0414 1428 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
17:44:52.0460 1428 lltdio - ok
17:44:52.0492 1428 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
17:44:52.0570 1428 lltdsvc - ok
17:44:52.0679 1428 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
17:44:52.0772 1428 lmhosts - ok
17:44:52.0804 1428 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
17:44:52.0882 1428 LSI_FC - ok
17:44:52.0913 1428 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
17:44:52.0944 1428 LSI_SAS - ok
17:44:52.0960 1428 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
17:44:52.0975 1428 LSI_SAS2 - ok
17:44:52.0991 1428 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
17:44:53.0022 1428 LSI_SCSI - ok
17:44:53.0053 1428 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
17:44:53.0131 1428 luafv - ok
17:44:53.0225 1428 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\windows\system32\drivers\mbam.sys
17:44:53.0240 1428 MBAMProtector - ok
17:44:53.0396 1428 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:44:53.0443 1428 MBAMScheduler - ok
17:44:53.0537 1428 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:44:53.0568 1428 MBAMService - ok
17:44:53.0662 1428 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
17:44:53.0693 1428 Mcx2Svc - ok
17:44:53.0724 1428 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
17:44:53.0740 1428 megasas - ok
17:44:53.0771 1428 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
17:44:53.0818 1428 MegaSR - ok
17:44:53.0942 1428 Microsoft SharePoint Workspace Audit Service - ok
17:44:54.0005 1428 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
17:44:54.0067 1428 MMCSS - ok
17:44:54.0114 1428 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
17:44:54.0176 1428 Modem - ok
17:44:54.0208 1428 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
17:44:54.0239 1428 monitor - ok
17:44:54.0286 1428 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
17:44:54.0301 1428 mouclass - ok
17:44:54.0348 1428 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
17:44:54.0379 1428 mouhid - ok
17:44:54.0457 1428 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
17:44:54.0473 1428 mountmgr - ok
17:44:54.0582 1428 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:44:54.0598 1428 MozillaMaintenance - ok
17:44:54.0660 1428 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
17:44:54.0691 1428 mpio - ok
17:44:54.0722 1428 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
17:44:54.0785 1428 mpsdrv - ok
17:44:54.0816 1428 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
17:44:54.0878 1428 MpsSvc - ok
17:44:54.0925 1428 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
17:44:54.0956 1428 MRxDAV - ok
17:44:55.0003 1428 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
17:44:55.0050 1428 mrxsmb - ok
17:44:55.0081 1428 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
17:44:55.0144 1428 mrxsmb10 - ok
17:44:55.0175 1428 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
17:44:55.0206 1428 mrxsmb20 - ok
17:44:55.0237 1428 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
17:44:55.0268 1428 msahci - ok
17:44:55.0300 1428 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
17:44:55.0331 1428 msdsm - ok
17:44:55.0362 1428 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
17:44:55.0393 1428 MSDTC - ok
17:44:55.0456 1428 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
17:44:55.0502 1428 Msfs - ok
17:44:55.0518 1428 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
17:44:55.0580 1428 mshidkmdf - ok
17:44:55.0612 1428 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
17:44:55.0643 1428 msisadrv - ok
17:44:55.0690 1428 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
17:44:55.0752 1428 MSiSCSI - ok
17:44:55.0752 1428 msiserver - ok
17:44:55.0783 1428 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
17:44:55.0846 1428 MSKSSRV - ok
17:44:55.0877 1428 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
17:44:55.0939 1428 MSPCLOCK - ok
17:44:55.0955 1428 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
17:44:55.0986 1428 MSPQM - ok
17:44:56.0002 1428 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
17:44:56.0048 1428 MsRPC - ok
17:44:56.0158 1428 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
17:44:56.0173 1428 mssmbios - ok
17:44:56.0236 1428 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
17:44:56.0267 1428 MSTEE - ok
17:44:56.0298 1428 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
17:44:56.0407 1428 MTConfig - ok
17:44:56.0423 1428 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
17:44:56.0454 1428 Mup - ok
17:44:56.0501 1428 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
17:44:56.0657 1428 napagent - ok
17:44:56.0704 1428 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
17:44:56.0828 1428 NativeWifiP - ok
17:44:56.0875 1428 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\windows\system32\drivers\ndis.sys
17:44:56.0906 1428 NDIS - ok
17:44:56.0922 1428 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
17:44:56.0984 1428 NdisCap - ok
17:44:57.0016 1428 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
17:44:57.0062 1428 NdisTapi - ok
17:44:57.0140 1428 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
17:44:57.0187 1428 Ndisuio - ok
17:44:57.0250 1428 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
17:44:57.0328 1428 NdisWan - ok
17:44:57.0343 1428 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
17:44:57.0406 1428 NDProxy - ok
17:44:57.0452 1428 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
17:44:57.0562 1428 NetBIOS - ok
17:44:57.0608 1428 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
17:44:57.0655 1428 NetBT - ok
17:44:57.0671 1428 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
17:44:57.0702 1428 Netlogon - ok
17:44:57.0733 1428 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
17:44:57.0811 1428 Netman - ok
17:44:57.0842 1428 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
17:44:57.0920 1428 netprofm - ok
17:44:57.0952 1428 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:44:57.0983 1428 NetTcpPortSharing - ok
17:44:58.0030 1428 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
17:44:58.0061 1428 nfrd960 - ok
17:44:58.0092 1428 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\windows\System32\nlasvc.dll
17:44:58.0186 1428 NlaSvc - ok
17:44:58.0295 1428 [ 712BC0C22BA00B2BA324C6B8DF668EE7 ] nmwcd C:\windows\system32\drivers\ccdcmb.sys
17:44:58.0388 1428 nmwcd - ok
17:44:58.0420 1428 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
17:44:58.0529 1428 Npfs - ok
17:44:58.0560 1428 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
17:44:58.0622 1428 nsi - ok
17:44:58.0654 1428 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
17:44:58.0700 1428 nsiproxy - ok
17:44:58.0778 1428 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
17:44:58.0903 1428 Ntfs - ok
17:44:58.0934 1428 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
17:44:58.0981 1428 Null - ok
17:44:59.0028 1428 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
17:44:59.0059 1428 nvraid - ok
17:44:59.0106 1428 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
17:44:59.0168 1428 nvstor - ok
17:44:59.0184 1428 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
17:44:59.0278 1428 nv_agp - ok
17:44:59.0340 1428 [ B5D5DA8230D3D3525839D939A9196C3E ] OberonGameConsoleService C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
17:44:59.0356 1428 OberonGameConsoleService - ok
17:44:59.0434 1428 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
17:44:59.0480 1428 ohci1394 - ok
17:44:59.0558 1428 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:44:59.0590 1428 ose - ok
17:44:59.0808 1428 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:45:00.0120 1428 osppsvc - ok
17:45:00.0167 1428 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
17:45:00.0245 1428 p2pimsvc - ok
17:45:00.0292 1428 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
17:45:00.0338 1428 p2psvc - ok
17:45:00.0370 1428 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
17:45:00.0401 1428 Parport - ok
17:45:00.0432 1428 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
17:45:00.0463 1428 partmgr - ok
17:45:00.0479 1428 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
17:45:00.0510 1428 Parvdm - ok
17:45:00.0541 1428 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
17:45:00.0557 1428 PcaSvc - ok
17:45:00.0588 1428 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
17:45:00.0713 1428 pci - ok
17:45:00.0713 1428 Scan interrupted by user!
17:45:00.0713 1428 ================ Scan global ===============================
17:45:00.0713 1428 Scan interrupted by user!
17:45:00.0713 1428 ================ Scan MBR ==================================
17:45:00.0713 1428 Scan interrupted by user!
17:45:00.0713 1428 ================ Scan VBR ==================================
17:45:00.0713 1428 Scan interrupted by user!
17:45:00.0713 1428 ============================================================
17:45:00.0713 1428 Scan finished
17:45:00.0713 1428 ============================================================
17:45:00.0728 3572 Detected object count: 1
17:45:00.0728 3572 Actual detected object count: 1
17:45:09.0293 3572 KMService ( UnsignedFile.Multi.Generic ) - skipped by user
17:45:09.0293 3572 KMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:45:16.0079 1504 ============================================================
17:45:16.0079 1504 Scan started
17:45:16.0079 1504 Mode: Manual; SigCheck; TDLFS;
17:45:16.0079 1504 ============================================================
17:45:16.0360 1504 ================ Scan system memory ========================
17:45:16.0360 1504 System memory - ok
17:45:16.0375 1504 ================ Scan services =============================
17:45:16.0672 1504 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
17:45:16.0703 1504 1394ohci - ok
17:45:16.0750 1504 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\windows\system32\drivers\ACPI.sys
17:45:16.0781 1504 ACPI - ok
17:45:16.0874 1504 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
17:45:16.0890 1504 AcpiPmi - ok
17:45:16.0921 1504 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
17:45:16.0952 1504 adp94xx - ok
17:45:16.0984 1504 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
17:45:16.0999 1504 adpahci - ok
17:45:17.0030 1504 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
17:45:17.0062 1504 adpu320 - ok
17:45:17.0202 1504 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
17:45:17.0218 1504 AeLookupSvc - ok
17:45:17.0405 1504 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\windows\system32\drivers\afd.sys
17:45:17.0420 1504 AFD - ok
17:45:17.0576 1504 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\windows\system32\drivers\agp440.sys
17:45:17.0592 1504 agp440 - ok
17:45:17.0670 1504 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\windows\system32\DRIVERS\djsvs.sys
17:45:17.0686 1504 aic78xx - ok
17:45:17.0732 1504 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\windows\System32\alg.exe
17:45:17.0748 1504 ALG - ok
17:45:17.0857 1504 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\windows\system32\drivers\aliide.sys
17:45:17.0888 1504 aliide - ok
17:45:17.0935 1504 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\windows\system32\drivers\amdagp.sys
17:45:17.0966 1504 amdagp - ok
17:45:17.0966 1504 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\windows\system32\drivers\amdide.sys
17:45:17.0982 1504 amdide - ok
17:45:18.0029 1504 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
17:45:18.0044 1504 AmdK8 - ok
17:45:18.0076 1504 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
17:45:18.0091 1504 AmdPPM - ok
17:45:18.0122 1504 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\windows\system32\drivers\amdsata.sys
17:45:18.0138 1504 amdsata - ok
17:45:18.0200 1504 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
17:45:18.0232 1504 amdsbs - ok
17:45:18.0247 1504 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\windows\system32\drivers\amdxata.sys
17:45:18.0263 1504 amdxata - ok
17:45:18.0356 1504 [ C27D46B06D340293670450FCE9DFB166 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
17:45:18.0372 1504 AntiVirSchedulerService - ok
17:45:18.0434 1504 [ 72D90E56563165984224493069C69ED4 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
17:45:18.0450 1504 AntiVirService - ok
17:45:18.0497 1504 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\windows\system32\drivers\appid.sys
17:45:18.0528 1504 AppID - ok
17:45:18.0575 1504 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\windows\System32\appidsvc.dll
17:45:18.0606 1504 AppIDSvc - ok
17:45:18.0653 1504 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\windows\System32\appinfo.dll
17:45:18.0684 1504 Appinfo - ok
17:45:18.0715 1504 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\windows\system32\DRIVERS\arc.sys
17:45:18.0746 1504 arc - ok
17:45:18.0778 1504 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
17:45:18.0793 1504 arcsas - ok
17:45:18.0840 1504 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
17:45:18.0871 1504 AsyncMac - ok
17:45:18.0918 1504 [ 338C86357871C167A96AB976519BF59E ] atapi C:\windows\system32\drivers\atapi.sys
17:45:18.0934 1504 atapi - ok
17:45:19.0012 1504 [ 235056492F54268883CE3DEA3ACB9997 ] athr C:\windows\system32\DRIVERS\athr.sys
17:45:19.0058 1504 athr - ok
17:45:19.0121 1504 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
17:45:19.0152 1504 AudioEndpointBuilder - ok
17:45:19.0183 1504 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\windows\System32\Audiosrv.dll
17:45:19.0214 1504 Audiosrv - ok
17:45:19.0246 1504 [ 1E4114685DE1FFA9675E09C6A1FB3F4B ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
17:45:19.0261 1504 avgntflt - ok
17:45:19.0292 1504 [ 0F78D3DAE6DEDD99AE54C9491C62ADF2 ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
17:45:19.0308 1504 avipbb - ok
17:45:19.0386 1504 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\windows\System32\AxInstSV.dll
17:45:19.0402 1504 AxInstSV - ok
17:45:19.0542 1504 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\windows\system32\DRIVERS\bxvbdx.sys
17:45:19.0558 1504 b06bdrv - ok
17:45:19.0604 1504 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\windows\system32\DRIVERS\b57nd60x.sys
17:45:19.0620 1504 b57nd60x - ok
17:45:19.0682 1504 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\windows\System32\bdesvc.dll
17:45:19.0698 1504 BDESVC - ok
17:45:19.0729 1504 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\windows\system32\drivers\Beep.sys
17:45:19.0760 1504 Beep - ok
17:45:20.0010 1504 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\windows\System32\bfe.dll
17:45:20.0041 1504 BFE - ok
17:45:20.0135 1504 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\windows\System32\qmgr.dll
17:45:20.0166 1504 BITS - ok
17:45:20.0197 1504 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
17:45:20.0213 1504 blbdrive - ok
17:45:20.0260 1504 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\windows\system32\DRIVERS\bowser.sys
17:45:20.0275 1504 bowser - ok
17:45:20.0306 1504 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
17:45:20.0338 1504 BrFiltLo - ok
17:45:20.0353 1504 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
17:45:20.0369 1504 BrFiltUp - ok
17:45:20.0416 1504 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\windows\System32\browser.dll
17:45:20.0462 1504 Browser - ok
17:45:20.0728 1504 [ 9FCD0930616714A752F48DDBA54F3109 ] Browser Manager C:\ProgramData\Browser Manager\2.3.787.43\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
17:45:20.0790 1504 Browser Manager - ok
17:45:20.0837 1504 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\windows\System32\Drivers\Brserid.sys
17:45:20.0868 1504 Brserid - ok
17:45:20.0899 1504 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
17:45:20.0930 1504 BrSerWdm - ok
17:45:20.0946 1504 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
17:45:20.0962 1504 BrUsbMdm - ok
17:45:20.0977 1504 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
17:45:21.0008 1504 BrUsbSer - ok
17:45:21.0024 1504 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
17:45:21.0055 1504 BTHMODEM - ok
17:45:21.0180 1504 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\windows\system32\bthserv.dll
17:45:21.0227 1504 bthserv - ok
17:45:21.0274 1504 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
17:45:21.0336 1504 cdfs - ok
17:45:21.0398 1504 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\windows\system32\drivers\cdrom.sys
17:45:21.0414 1504 cdrom - ok
17:45:21.0461 1504 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\windows\System32\certprop.dll
17:45:21.0492 1504 CertPropSvc - ok
17:45:21.0523 1504 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\windows\system32\DRIVERS\circlass.sys
17:45:21.0539 1504 circlass - ok
17:45:21.0648 1504 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\windows\system32\CLFS.sys
17:45:21.0664 1504 CLFS - ok
17:45:21.0742 1504 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:45:21.0757 1504 clr_optimization_v2.0.50727_32 - ok
17:45:21.0851 1504 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:45:21.0882 1504 clr_optimization_v4.0.30319_32 - ok
17:45:21.0898 1504 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
17:45:21.0913 1504 CmBatt - ok
17:45:21.0944 1504 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\windows\system32\drivers\cmdide.sys
17:45:21.0960 1504 cmdide - ok
17:45:22.0069 1504 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\windows\system32\Drivers\cng.sys
17:45:22.0100 1504 CNG - ok
17:45:22.0116 1504 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
17:45:22.0132 1504 Compbatt - ok
17:45:22.0163 1504 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
17:45:22.0210 1504 CompositeBus - ok
17:45:22.0210 1504 COMSysApp - ok
17:45:22.0225 1504 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
17:45:22.0241 1504 crcdisk - ok
17:45:22.0303 1504 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\windows\system32\cryptsvc.dll
17:45:22.0334 1504 CryptSvc - ok
17:45:22.0366 1504 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\windows\system32\rpcss.dll
17:45:22.0412 1504 DcomLaunch - ok
17:45:22.0459 1504 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\windows\System32\defragsvc.dll
17:45:22.0490 1504 defragsvc - ok
17:45:22.0584 1504 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\windows\system32\Drivers\dfsc.sys
17:45:22.0615 1504 DfsC - ok
17:45:22.0662 1504 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\windows\system32\dhcpcore.dll
17:45:22.0693 1504 Dhcp - ok
17:45:22.0724 1504 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\windows\system32\drivers\discache.sys
17:45:22.0771 1504 discache - ok
17:45:22.0787 1504 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\windows\system32\DRIVERS\disk.sys
17:45:22.0802 1504 Disk - ok
17:45:22.0849 1504 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\windows\System32\dnsrslvr.dll
17:45:22.0880 1504 Dnscache - ok
17:45:22.0927 1504 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\windows\System32\dot3svc.dll
17:45:22.0974 1504 dot3svc - ok
17:45:23.0036 1504 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\windows\system32\dps.dll
17:45:23.0068 1504 DPS - ok
17:45:23.0146 1504 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
17:45:23.0161 1504 drmkaud - ok
17:45:23.0224 1504 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
17:45:23.0255 1504 DXGKrnl - ok
17:45:23.0286 1504 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\windows\System32\eapsvc.dll
17:45:23.0333 1504 EapHost - ok
17:45:23.0411 1504 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\windows\system32\DRIVERS\evbdx.sys
17:45:23.0473 1504 ebdrv - ok
17:45:23.0520 1504 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\windows\System32\lsass.exe
17:45:23.0536 1504 EFS - ok
17:45:23.0676 1504 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\windows\ehome\ehRecvr.exe
17:45:23.0723 1504 ehRecvr - ok
17:45:23.0738 1504 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\windows\ehome\ehsched.exe
17:45:23.0754 1504 ehSched - ok
17:45:23.0801 1504 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
17:45:23.0832 1504 elxstor - ok
17:45:23.0863 1504 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\windows\system32\drivers\errdev.sys
17:45:23.0894 1504 ErrDev - ok
17:45:23.0972 1504 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\windows\system32\es.dll
17:45:24.0004 1504 EventSystem - ok
17:45:24.0035 1504 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\windows\system32\drivers\exfat.sys
17:45:24.0082 1504 exfat - ok
17:45:24.0113 1504 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\windows\system32\drivers\fastfat.sys
17:45:24.0144 1504 fastfat - ok
17:45:24.0191 1504 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\windows\system32\fxssvc.exe
17:45:24.0238 1504 Fax - ok
17:45:24.0253 1504 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\windows\system32\DRIVERS\fdc.sys
17:45:24.0269 1504 fdc - ok
17:45:24.0300 1504 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\windows\system32\fdPHost.dll
17:45:24.0331 1504 fdPHost - ok
17:45:24.0362 1504 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\windows\system32\fdrespub.dll
17:45:24.0394 1504 FDResPub - ok
17:45:24.0409 1504 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\windows\system32\drivers\fileinfo.sys
17:45:24.0440 1504 FileInfo - ok
17:45:24.0456 1504 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\windows\system32\drivers\filetrace.sys
17:45:24.0487 1504 Filetrace - ok
17:45:24.0518 1504 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
17:45:24.0534 1504 flpydisk - ok
17:45:24.0550 1504 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
17:45:24.0581 1504 FltMgr - ok
17:45:24.0674 1504 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\windows\system32\FntCache.dll
17:45:24.0706 1504 FontCache - ok
17:45:24.0799 1504 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:45:24.0815 1504 FontCache3.0.0.0 - ok
17:45:24.0862 1504 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\windows\system32\drivers\FsDepends.sys
17:45:24.0877 1504 FsDepends - ok
17:45:24.0908 1504 [ B74B0578FD1D3F897E95F2A2B69EA051 ] fssfltr C:\windows\system32\DRIVERS\fssfltr.sys
17:45:24.0924 1504 fssfltr - ok
17:45:25.0064 1504 [ 206AD9A89BF05DFA1621F1FC7B82592D ] fsssvc C:\Program Files\Windows Live\Family Safety\fsssvc.exe
17:45:25.0096 1504 fsssvc - ok
17:45:25.0158 1504 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
17:45:25.0174 1504 Fs_Rec - ok
17:45:25.0220 1504 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
17:45:25.0252 1504 fvevol - ok
17:45:25.0298 1504 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
17:45:25.0330 1504 gagp30kx - ok
17:45:25.0376 1504 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\windows\System32\gpsvc.dll
17:45:25.0470 1504 gpsvc - ok
17:45:25.0564 1504 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
17:45:25.0579 1504 gupdate - ok
17:45:25.0595 1504 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
17:45:25.0610 1504 gupdatem - ok
17:45:25.0673 1504 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
17:45:25.0688 1504 gusvc - ok
17:45:25.0704 1504 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
17:45:25.0782 1504 hcw85cir - ok
17:45:25.0985 1504 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
17:45:26.0094 1504 HdAudAddService - ok
17:45:26.0141 1504 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
17:45:26.0156 1504 HDAudBus - ok
17:45:26.0203 1504 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
17:45:26.0281 1504 HidBatt - ok
17:45:26.0312 1504 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
17:45:26.0406 1504 HidBth - ok
17:45:26.0422 1504 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\windows\system32\DRIVERS\hidir.sys
17:45:26.0453 1504 HidIr - ok
17:45:26.0484 1504 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\windows\system32\hidserv.dll
17:45:26.0546 1504 hidserv - ok
17:45:26.0562 1504 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\windows\system32\DRIVERS\hidusb.sys
17:45:26.0578 1504 HidUsb - ok
17:45:26.0671 1504 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\windows\system32\kmsvc.dll
17:45:26.0702 1504 hkmsvc - ok
17:45:26.0718 1504 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\windows\system32\ListSvc.dll
17:45:26.0749 1504 HomeGroupListener - ok
17:45:26.0796 1504 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\windows\system32\provsvc.dll
17:45:26.0812 1504 HomeGroupProvider - ok
17:45:26.0858 1504 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
17:45:26.0874 1504 HpSAMD - ok
17:45:26.0952 1504 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\windows\system32\drivers\HTTP.sys
17:45:26.0983 1504 HTTP - ok
17:45:27.0014 1504 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
17:45:27.0046 1504 hwpolicy - ok
17:45:27.0124 1504 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\windows\system32\drivers\i8042prt.sys
17:45:27.0155 1504 i8042prt - ok
17:45:27.0186 1504 [ 0BAA4115DFFFD6A6D809A89D65E1281A ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
17:45:27.0202 1504 iaStor - ok
17:45:27.0233 1504 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\windows\system32\drivers\iaStorV.sys
17:45:27.0264 1504 iaStorV - ok
17:45:27.0467 1504 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:45:27.0498 1504 idsvc - ok
17:45:27.0888 1504 [ DCE0B53570703CCE580D066F89EF58CD ] igfx C:\windows\system32\DRIVERS\igdkmd32.sys
17:45:28.0013 1504 igfx - ok
17:45:28.0060 1504 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
17:45:28.0075 1504 iirsp - ok
17:45:28.0138 1504 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\windows\System32\ikeext.dll
17:45:28.0184 1504 IKEEXT - ok
17:45:28.0309 1504 [ 3202E26501E5E18C35DC2CC74709A704 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHDA.sys
17:45:28.0387 1504 IntcAzAudAddService - ok
17:45:28.0512 1504 [ 264632ADE8127B7BAA2190CF6FAD435B ] IntcHdmiAddService C:\windows\system32\drivers\IntcHdmi.sys
17:45:28.0559 1504 IntcHdmiAddService - ok
17:45:28.0590 1504 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\windows\system32\drivers\intelide.sys
17:45:28.0606 1504 intelide - ok
17:45:28.0668 1504 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
17:45:28.0684 1504 intelppm - ok
17:45:28.0762 1504 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\windows\system32\ipbusenum.dll
17:45:28.0793 1504 IPBusEnum - ok
17:45:28.0824 1504 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
17:45:28.0855 1504 IpFilterDriver - ok
17:45:28.0996 1504 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\windows\System32\iphlpsvc.dll
17:45:29.0042 1504 iphlpsvc - ok
17:45:29.0089 1504 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
17:45:29.0105 1504 IPMIDRV - ok
17:45:29.0136 1504 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\windows\system32\drivers\ipnat.sys
17:45:29.0183 1504 IPNAT - ok
17:45:29.0214 1504 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\windows\system32\drivers\irenum.sys
17:45:29.0230 1504 IRENUM - ok
17:45:29.0261 1504 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\windows\system32\drivers\isapnp.sys
17:45:29.0276 1504 isapnp - ok
17:45:29.0370 1504 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
17:45:29.0401 1504 iScsiPrt - ok
17:45:29.0417 1504 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\windows\system32\drivers\kbdclass.sys
17:45:29.0432 1504 kbdclass - ok
17:45:29.0557 1504 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
17:45:29.0651 1504 kbdhid - ok
17:45:29.0682 1504 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\windows\system32\lsass.exe
17:45:29.0729 1504 KeyIso - ok
17:45:29.0822 1504 [ 4635935FC972C582632BF45C26BFCB0E ] KMService C:\windows\system32\srvany.exe
17:45:29.0822 1504 KMService ( UnsignedFile.Multi.Generic ) - warning
17:45:29.0822 1504 KMService - detected UnsignedFile.Multi.Generic (1)
17:45:29.0869 1504 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
17:45:29.0885 1504 KSecDD - ok
17:45:29.0916 1504 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
17:45:29.0932 1504 KSecPkg - ok
17:45:29.0978 1504 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\windows\system32\msdtckrm.dll
17:45:30.0010 1504 KtmRm - ok
17:45:30.0041 1504 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\windows\system32\srvsvc.dll
17:45:30.0088 1504 LanmanServer - ok
17:45:30.0103 1504 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
17:45:30.0134 1504 LanmanWorkstation - ok
17:45:30.0181 1504 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
17:45:30.0228 1504 lltdio - ok
17:45:30.0290 1504 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\windows\System32\lltdsvc.dll
17:45:30.0337 1504 lltdsvc - ok
17:45:30.0368 1504 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\windows\System32\lmhsvc.dll
17:45:30.0400 1504 lmhosts - ok
17:45:30.0431 1504 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
17:45:30.0462 1504 LSI_FC - ok
17:45:30.0478 1504 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
17:45:30.0493 1504 LSI_SAS - ok
17:45:30.0509 1504 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
17:45:30.0540 1504 LSI_SAS2 - ok
17:45:30.0556 1504 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
17:45:30.0571 1504 LSI_SCSI - ok
17:45:30.0602 1504 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\windows\system32\drivers\luafv.sys
17:45:30.0634 1504 luafv - ok
17:45:30.0712 1504 [ 500D089CE760D83DA2B6CBA681AA9949 ] MBAMProtector C:\windows\system32\drivers\mbam.sys
17:45:30.0727 1504 MBAMProtector - ok
17:45:30.0946 1504 [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
17:45:30.0977 1504 MBAMScheduler - ok
17:45:31.0195 1504 [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
17:45:31.0226 1504 MBAMService - ok
17:45:31.0273 1504 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
17:45:31.0289 1504 Mcx2Svc - ok
17:45:31.0523 1504 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\windows\system32\DRIVERS\megasas.sys
17:45:31.0538 1504 megasas - ok
17:45:31.0554 1504 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
17:45:31.0585 1504 MegaSR - ok
17:45:31.0679 1504 Microsoft SharePoint Workspace Audit Service - ok
17:45:31.0726 1504 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\windows\system32\mmcss.dll
17:45:31.0757 1504 MMCSS - ok
17:45:31.0772 1504 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\windows\system32\drivers\modem.sys
17:45:31.0804 1504 Modem - ok
17:45:31.0819 1504 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\windows\system32\DRIVERS\monitor.sys
17:45:31.0835 1504 monitor - ok
17:45:31.0882 1504 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
17:45:31.0897 1504 mouclass - ok
17:45:31.0928 1504 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
17:45:31.0944 1504 mouhid - ok
17:45:32.0131 1504 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\windows\system32\drivers\mountmgr.sys
17:45:32.0162 1504 mountmgr - ok
17:45:32.0209 1504 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:45:32.0225 1504 MozillaMaintenance - ok
17:45:32.0272 1504 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\windows\system32\drivers\mpio.sys
17:45:32.0287 1504 mpio - ok
17:45:32.0350 1504 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
17:45:32.0412 1504 mpsdrv - ok
17:45:32.0521 1504 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\windows\system32\mpssvc.dll
17:45:32.0584 1504 MpsSvc - ok
17:45:32.0662 1504 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
17:45:32.0724 1504 MRxDAV - ok
17:45:32.0818 1504 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
17:45:32.0864 1504 mrxsmb - ok
17:45:32.0911 1504 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
17:45:32.0927 1504 mrxsmb10 - ok
17:45:32.0942 1504 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
17:45:32.0958 1504 mrxsmb20 - ok
17:45:33.0005 1504 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\windows\system32\drivers\msahci.sys
17:45:33.0036 1504 msahci - ok
17:45:33.0067 1504 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\windows\system32\drivers\msdsm.sys
17:45:33.0083 1504 msdsm - ok
17:45:33.0161 1504 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\windows\System32\msdtc.exe
17:45:33.0176 1504 MSDTC - ok
17:45:33.0239 1504 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\windows\system32\drivers\Msfs.sys
17:45:33.0286 1504 Msfs - ok
17:45:33.0301 1504 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
17:45:33.0332 1504 mshidkmdf - ok
17:45:33.0395 1504 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
17:45:33.0426 1504 msisadrv - ok
17:45:33.0457 1504 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\windows\system32\iscsiexe.dll
17:45:33.0488 1504 MSiSCSI - ok
17:45:33.0504 1504 msiserver - ok
17:45:33.0520 1504 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
17:45:33.0566 1504 MSKSSRV - ok
17:45:33.0582 1504 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
17:45:33.0613 1504 MSPCLOCK - ok
17:45:33.0660 1504 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\windows\system32\drivers\MSPQM.sys
17:45:33.0691 1504 MSPQM - ok
17:45:33.0816 1504 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
17:45:33.0832 1504 MsRPC - ok
17:45:33.0878 1504 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
17:45:33.0894 1504 mssmbios - ok
17:45:33.0910 1504 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\windows\system32\drivers\MSTEE.sys
17:45:33.0956 1504 MSTEE - ok
17:45:34.0300 1504 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
17:45:34.0378 1504 MTConfig - ok
17:45:34.0393 1504 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\windows\system32\Drivers\mup.sys
17:45:34.0424 1504 Mup - ok
17:45:34.0456 1504 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\windows\system32\qagentRT.dll
17:45:34.0502 1504 napagent - ok
17:45:34.0534 1504 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
17:45:34.0549 1504 NativeWifiP - ok
17:45:34.0596 1504 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\windows\system32\drivers\ndis.sys
17:45:34.0643 1504 NDIS - ok
17:45:34.0674 1504 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
17:45:34.0705 1504 NdisCap - ok
17:45:34.0721 1504 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
17:45:34.0752 1504 NdisTapi - ok
17:45:34.0783 1504 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
17:45:34.0830 1504 Ndisuio - ok
17:45:34.0861 1504 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
17:45:34.0892 1504 NdisWan - ok
17:45:34.0908 1504 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
17:45:34.0955 1504 NDProxy - ok
17:45:34.0970 1504 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
17:45:35.0002 1504 NetBIOS - ok
17:45:35.0048 1504 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
17:45:35.0095 1504 NetBT - ok
17:45:35.0111 1504 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\windows\system32\lsass.exe
17:45:35.0142 1504 Netlogon - ok
17:45:35.0173 1504 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\windows\System32\netman.dll
17:45:35.0220 1504 Netman - ok
17:45:35.0267 1504 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\windows\System32\netprofm.dll
17:45:35.0314 1504 netprofm - ok
17:45:35.0345 1504 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:45:35.0360 1504 NetTcpPortSharing - ok
17:45:35.0392 1504 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
17:45:35.0407 1504 nfrd960 - ok
17:45:35.0454 1504 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\windows\System32\nlasvc.dll
17:45:35.0485 1504 NlaSvc - ok
17:45:35.0532 1504 [ 712BC0C22BA00B2BA324C6B8DF668EE7 ] nmwcd C:\windows\system32\drivers\ccdcmb.sys
17:45:35.0594 1504 nmwcd - ok
17:45:35.0594 1504 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\windows\system32\drivers\Npfs.sys
17:45:35.0641 1504 Npfs - ok
17:45:35.0672 1504 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\windows\system32\nsisvc.dll
17:45:35.0704 1504 nsi - ok
17:45:35.0735 1504 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
17:45:35.0766 1504 nsiproxy - ok
17:45:35.0844 1504 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
17:45:35.0891 1504 Ntfs - ok
17:45:35.0906 1504 [ F9756A98D69098DCA8945D62858A812C ] Null C:\windows\system32\drivers\Null.sys
17:45:35.0938 1504 Null - ok
17:45:35.0984 1504 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\windows\system32\drivers\nvraid.sys
17:45:36.0000 1504 nvraid - ok
17:45:36.0047 1504 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\windows\system32\drivers\nvstor.sys
17:45:36.0078 1504 nvstor - ok
17:45:36.0094 1504 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\windows\system32\drivers\nv_agp.sys
17:45:36.0109 1504 nv_agp - ok
17:45:36.0187 1504 [ B5D5DA8230D3D3525839D939A9196C3E ] OberonGameConsoleService C:\Program Files\Samsung Casual Games\GameConsole\OberonGameConsoleService.exe
17:45:36.0203 1504 OberonGameConsoleService - ok
17:45:36.0234 1504 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
17:45:36.0281 1504 ohci1394 - ok
17:45:36.0359 1504 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:45:36.0374 1504 ose - ok
17:45:36.0530 1504 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:45:36.0624 1504 osppsvc - ok
17:45:36.0671 1504 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\windows\system32\pnrpsvc.dll
17:45:36.0702 1504 p2pimsvc - ok
17:45:36.0749 1504 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\windows\system32\p2psvc.dll
17:45:36.0780 1504 p2psvc - ok
17:45:36.0827 1504 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\windows\system32\DRIVERS\parport.sys
17:45:36.0842 1504 Parport - ok
17:45:36.0889 1504 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\windows\system32\drivers\partmgr.sys
17:45:36.0905 1504 partmgr - ok
17:45:36.0936 1504 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\windows\system32\DRIVERS\parvdm.sys
17:45:36.0952 1504 Parvdm - ok
17:45:36.0967 1504 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\windows\System32\pcasvc.dll
17:45:36.0998 1504 PcaSvc - ok
17:45:37.0045 1504 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\windows\system32\drivers\pci.sys
17:45:37.0076 1504 pci - ok
17:45:37.0108 1504 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\windows\system32\drivers\pciide.sys
17:45:37.0123 1504 pciide - ok
17:45:37.0154 1504 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
17:45:37.0201 1504 pcmcia - ok
17:45:37.0201 1504 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\windows\system32\drivers\pcw.sys
17:45:37.0232 1504 pcw - ok
17:45:37.0264 1504 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\windows\system32\drivers\peauth.sys
17:45:37.0326 1504 PEAUTH - ok
17:45:37.0420 1504 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\windows\system32\pla.dll
17:45:37.0560 1504 pla - ok
17:45:37.0654 1504 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\windows\system32\umpnpmgr.dll
17:45:37.0716 1504 PlugPlay - ok
17:45:37.0747 1504 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
17:45:37.0778 1504 PNRPAutoReg - ok
17:45:37.0825 1504 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\windows\system32\pnrpsvc.dll
17:45:37.0841 1504 PNRPsvc - ok
17:45:37.0872 1504 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\windows\System32\ipsecsvc.dll
17:45:37.0934 1504 PolicyAgent - ok
17:45:37.0981 1504 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\windows\system32\umpo.dll
17:45:38.0028 1504 Power - ok
17:45:38.0059 1504 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
17:45:38.0106 1504 PptpMiniport - ok
17:45:38.0122 1504 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\windows\system32\DRIVERS\processr.sys
17:45:38.0153 1504 Processor - ok
17:45:38.0200 1504 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\windows\system32\profsvc.dll
17:45:38.0246 1504 ProfSvc - ok
17:45:38.0278 1504 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\windows\system32\lsass.exe
17:45:38.0293 1504 ProtectedStorage - ok
17:45:38.0324 1504 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\windows\system32\DRIVERS\pacer.sys
17:45:38.0371 1504 Psched - ok
17:45:38.0418 1504 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
17:45:38.0512 1504 ql2300 - ok
17:45:38.0527 1504 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
17:45:38.0558 1504 ql40xx - ok
17:45:38.0590 1504 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\windows\system32\qwave.dll
17:45:38.0668 1504 QWAVE - ok
17:45:38.0699 1504 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
17:45:38.0730 1504 QWAVEdrv - ok
17:45:38.0761 1504 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
17:45:38.0808 1504 RasAcd - ok
17:45:38.0855 1504 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
17:45:38.0902 1504 RasAgileVpn - ok
17:45:38.0917 1504 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\windows\System32\rasauto.dll
17:45:38.0964 1504 RasAuto - ok
17:45:39.0011 1504 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
17:45:39.0058 1504 Rasl2tp - ok
17:45:39.0136 1504 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\windows\System32\rasmans.dll
17:45:39.0198 1504 RasMan - ok
17:45:39.0214 1504 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
17:45:39.0260 1504 RasPppoe - ok
17:45:39.0292 1504 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
17:45:39.0370 1504 RasSstp - ok
17:45:39.0416 1504 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
17:45:39.0479 1504 rdbss - ok
17:45:39.0494 1504 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
17:45:39.0557 1504 rdpbus - ok
17:45:39.0588 1504 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
17:45:39.0635 1504 RDPCDD - ok
17:45:39.0682 1504 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
17:45:39.0729 1504 RDPENCDD - ok
17:45:39.0744 1504 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
17:45:39.0775 1504 RDPREFMP - ok
17:45:39.0822 1504 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
17:45:39.0869 1504 RDPWD - ok
17:45:39.0947 1504 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
17:45:39.0978 1504 rdyboost - ok
17:45:40.0009 1504 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\windows\System32\mprdim.dll
17:45:40.0056 1504 RemoteAccess - ok
17:45:40.0087 1504 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\windows\system32\regsvc.dll
17:45:40.0150 1504 RemoteRegistry - ok
17:45:40.0259 1504 [ 7CCAEBCAB6FC1ED0206C07E083E79207 ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
17:45:40.0275 1504 RichVideo - ok
17:45:40.0306 1504 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
17:45:40.0353 1504 RpcEptMapper - ok
17:45:40.0384 1504 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\windows\system32\locator.exe
17:45:40.0431 1504 RpcLocator - ok
17:45:40.0462 1504 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\windows\system32\rpcss.dll
17:45:40.0493 1504 RpcSs - ok
17:45:40.0555 1504 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
17:45:40.0602 1504 rspndr - ok
17:45:40.0665 1504 [ 7DFD48E24479B68B258D8770121155A0 ] RTL8167 C:\windows\system32\DRIVERS\Rt86win7.sys
17:45:40.0727 1504 RTL8167 - ok
17:45:40.0758 1504 [ 6E5FBB7CBAEC47038B945D5E9B144A64 ] SABI C:\windows\system32\Drivers\SABI.sys
17:45:40.0821 1504 SABI - ok
17:45:40.0836 1504 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\windows\system32\lsass.exe
17:45:40.0867 1504 SamSs - ok
17:45:40.0899 1504 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\windows\system32\drivers\sbp2port.sys
17:45:40.0930 1504 sbp2port - ok
17:45:40.0961 1504 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\windows\System32\SCardSvr.dll
17:45:41.0023 1504 SCardSvr - ok
17:45:41.0055 1504 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
17:45:41.0086 1504 scfilter - ok
17:45:41.0148 1504 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\windows\system32\schedsvc.dll
17:45:41.0242 1504 Schedule - ok
17:45:41.0257 1504 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\windows\System32\certprop.dll
17:45:41.0289 1504 SCPolicySvc - ok
17:45:41.0335 1504 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\windows\System32\SDRSVC.dll
17:45:41.0398 1504 SDRSVC - ok
17:45:41.0445 1504 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\windows\system32\drivers\secdrv.sys
17:45:41.0569 1504 secdrv - ok
17:45:41.0616 1504 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\windows\system32\seclogon.dll
17:45:41.0694 1504 seclogon - ok
17:45:41.0725 1504 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\windows\System32\sens.dll
17:45:41.0772 1504 SENS - ok
17:45:41.0803 1504 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\windows\system32\sensrsvc.dll
17:45:41.0850 1504 SensrSvc - ok
17:45:41.0881 1504 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
17:45:41.0944 1504 Serenum - ok
17:45:41.0975 1504 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\windows\system32\DRIVERS\serial.sys
17:45:42.0022 1504 Serial - ok
17:45:42.0053 1504 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
17:45:42.0084 1504 sermouse - ok
17:45:42.0147 1504 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\windows\system32\sessenv.dll
17:45:42.0193 1504 SessionEnv - ok
17:45:42.0225 1504 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\windows\system32\drivers\sffdisk.sys
17:45:42.0287 1504 sffdisk - ok
17:45:42.0318 1504 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
17:45:42.0349 1504 sffp_mmc - ok
17:45:42.0381 1504 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
17:45:42.0412 1504 sffp_sd - ok
17:45:42.0443 1504 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
17:45:42.0474 1504 sfloppy - ok
17:45:42.0537 1504 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\windows\System32\ipnathlp.dll
17:45:42.0646 1504 SharedAccess - ok
17:45:42.0693 1504 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:45:42.0739 1504 ShellHWDetection - ok
17:45:42.0786 1504 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\windows\system32\drivers\sisagp.sys
17:45:42.0817 1504 sisagp - ok
17:45:42.0849 1504 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
17:45:42.0864 1504 SiSRaid2 - ok
17:45:42.0895 1504 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
17:45:42.0911 1504 SiSRaid4 - ok
17:45:43.0005 1504 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:45:43.0020 1504 SkypeUpdate - ok
17:45:43.0051 1504 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\windows\system32\DRIVERS\smb.sys
17:45:43.0114 1504 Smb - ok
17:45:43.0161 1504 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\windows\System32\snmptrap.exe
17:45:43.0192 1504 SNMPTRAP - ok
17:45:43.0207 1504 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\windows\system32\drivers\spldr.sys
17:45:43.0239 1504 spldr - ok
17:45:43.0285 1504 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\windows\System32\spoolsv.exe
17:45:43.0348 1504 Spooler - ok
17:45:43.0473 1504 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\windows\system32\sppsvc.exe
17:45:43.0535 1504 sppsvc - ok
17:45:43.0597 1504 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\windows\system32\sppuinotify.dll
17:45:43.0691 1504 sppuinotify - ok
17:45:43.0785 1504 [ CDDDEC541BC3C96F91ECB48759673505 ] sptd C:\windows\system32\Drivers\sptd.sys
17:45:43.0785 1504 Suspicious file (NoAccess): C:\windows\system32\Drivers\sptd.sys. md5: CDDDEC541BC3C96F91ECB48759673505
17:45:43.0785 1504 sptd ( LockedFile.Multi.Generic ) - warning
17:45:43.0785 1504 sptd - detected LockedFile.Multi.Generic (1)
17:45:43.0831 1504 [ 8831252BCF05FCFB5ABD116A22E552D8 ] sp_rsdrv2 C:\windows\system32\drivers\sp_rsdrv2.sys
17:45:43.0863 1504 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - warning
17:45:43.0863 1504 sp_rsdrv2 - detected UnsignedFile.Multi.Generic (1)
17:45:43.0925 1504 [ 642180B8F50E7FC1FBAF87C718E259D6 ] sp_rssrv C:\Program Files\Spyware Terminator\sp_rsser.exe
17:45:43.0956 1504 sp_rssrv ( UnsignedFile.Multi.Generic ) - warning
17:45:43.0956 1504 sp_rssrv - detected UnsignedFile.Multi.Generic (1)
17:45:44.0003 1504 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\windows\system32\DRIVERS\srv.sys
17:45:44.0050 1504 srv - ok
17:45:44.0081 1504 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\windows\system32\DRIVERS\srv2.sys
17:45:44.0112 1504 srv2 - ok
17:45:44.0143 1504 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
17:45:44.0175 1504 srvnet - ok
17:45:44.0221 1504 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
17:45:44.0253 1504 SSDPSRV - ok
17:45:44.0284 1504 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\windows\system32\DRIVERS\ssmdrv.sys
17:45:44.0315 1504 ssmdrv - ok
17:45:44.0331 1504 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\windows\system32\sstpsvc.dll
17:45:44.0377 1504 SstpSvc - ok
17:45:44.0424 1504 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
17:45:44.0455 1504 stexstor - ok
17:45:44.0518 1504 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\windows\System32\wiaservc.dll
17:45:44.0549 1504 StiSvc - ok
17:45:44.0596 1504 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\windows\system32\drivers\swenum.sys
17:45:44.0611 1504 swenum - ok
17:45:44.0736 1504 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
17:45:44.0783 1504 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
17:45:44.0783 1504 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
17:45:44.0830 1504 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\windows\System32\swprv.dll
17:45:44.0892 1504 swprv - ok
17:45:44.0939 1504 [ 215A45246C6E2D0A9C263CE1786C8D8A ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
17:45:44.0986 1504 SynTP - ok
17:45:45.0033 1504 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\windows\system32\sysmain.dll
17:45:45.0095 1504 SysMain - ok
17:45:45.0142 1504 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\windows\System32\TabSvc.dll
17:45:45.0189 1504 TabletInputService - ok
17:45:45.0220 1504 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\windows\System32\tapisrv.dll
17:45:45.0298 1504 TapiSrv - ok
17:45:45.0345 1504 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\windows\System32\tbssvc.dll
17:45:45.0391 1504 TBS - ok
17:45:45.0547 1504 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\windows\system32\drivers\tcpip.sys
17:45:45.0688 1504 Tcpip - ok
17:45:45.0719 1504 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
17:45:45.0750 1504 TCPIP6 - ok
17:45:45.0797 1504 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
17:45:45.0844 1504 tcpipreg - ok
17:45:45.0875 1504 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
17:45:45.0922 1504 TDPIPE - ok
17:45:45.0969 1504 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
17:45:46.0015 1504 TDTCP - ok
17:45:46.0062 1504 [ B459575348C20E8121D6039DA063C704 ] tdx C:\windows\system32\DRIVERS\tdx.sys
17:45:46.0109 1504 tdx - ok
17:45:46.0156 1504 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\windows\system32\drivers\termdd.sys
17:45:46.0171 1504 TermDD - ok
17:45:46.0218 1504 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\windows\System32\termsrv.dll
17:45:46.0265 1504 TermService - ok
17:45:46.0296 1504 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\windows\system32\themeservice.dll
17:45:46.0343 1504 Themes - ok
17:45:46.0374 1504 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\windows\system32\mmcss.dll
17:45:46.0405 1504 THREADORDER - ok
17:45:46.0437 1504 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\windows\System32\trkwks.dll
17:45:46.0499 1504 TrkWks - ok
17:45:46.0577 1504 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:45:46.0624 1504 TrustedInstaller - ok
17:45:46.0671 1504 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
17:45:46.0717 1504 tssecsrv - ok
17:45:46.0795 1504 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
17:45:46.0827 1504 TsUsbFlt - ok
17:45:46.0889 1504 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
17:45:46.0920 1504 tunnel - ok
17:45:46.0951 1504 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
17:45:46.0983 1504 uagp35 - ok
17:45:47.0029 1504 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\windows\system32\DRIVERS\udfs.sys
17:45:47.0092 1504 udfs - ok
17:45:47.0139 1504 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\windows\system32\UI0Detect.exe
17:45:47.0185 1504 UI0Detect - ok
17:45:47.0217 1504 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
17:45:47.0248 1504 uliagpkx - ok
17:45:47.0326 1504 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\windows\system32\drivers\umbus.sys
17:45:47.0373 1504 umbus - ok
17:45:47.0404 1504 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\windows\system32\DRIVERS\umpass.sys
17:45:47.0451 1504 UmPass - ok
17:45:47.0482 1504 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\windows\System32\upnphost.dll
17:45:47.0544 1504 upnphost - ok
17:45:47.0669 1504 [ 1D9F2BD026E8E2D45033A4DF3F16B78C ] usbaudio C:\windows\system32\drivers\usbaudio.sys
17:45:47.0716 1504 usbaudio - ok
17:45:47.0747 1504 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
17:45:47.0794 1504 usbccgp - ok
17:45:47.0809 1504 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\windows\system32\drivers\usbcir.sys
17:45:47.0872 1504 usbcir - ok
17:45:47.0903 1504 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
17:45:47.0934 1504 usbehci - ok
17:45:47.0965 1504 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
17:45:48.0012 1504 usbhub - ok
17:45:48.0043 1504 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\windows\system32\drivers\usbohci.sys
17:45:48.0059 1504 usbohci - ok
17:45:48.0106 1504 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
17:45:48.0153 1504 usbprint - ok
17:45:48.0168 1504 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
17:45:48.0215 1504 USBSTOR - ok
17:45:48.0246 1504 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\windows\system32\DRIVERS\usbuhci.sys
17:45:48.0277 1504 usbuhci - ok
17:45:48.0340 1504 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
17:45:48.0402 1504 usbvideo - ok
17:45:48.0449 1504 [ D82F43D15FDAA666856C0190CB73E7C9 ] usb_rndisx C:\windows\system32\drivers\usb8023x.sys
17:45:48.0511 1504 usb_rndisx - ok
17:45:48.0543 1504 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\windows\System32\uxsms.dll
17:45:48.0574 1504 UxSms - ok
17:45:48.0605 1504 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\windows\system32\lsass.exe
17:45:48.0621 1504 VaultSvc - ok
17:45:48.0683 1504 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
17:45:48.0714 1504 vdrvroot - ok
17:45:48.0761 1504 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\windows\System32\vds.exe
17:45:48.0839 1504 vds - ok
17:45:48.0870 1504 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
17:45:48.0901 1504 vga - ok
17:45:48.0917 1504 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\windows\System32\drivers\vga.sys
17:45:48.0979 1504 VgaSave - ok
17:45:49.0011 1504 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\windows\system32\drivers\vhdmp.sys
17:45:49.0042 1504 vhdmp - ok
17:45:49.0135 1504 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\windows\system32\drivers\viaagp.sys
17:45:49.0182 1504 viaagp - ok
17:45:49.0229 1504 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\windows\system32\DRIVERS\viac7.sys
17:45:49.0276 1504 ViaC7 - ok
17:45:49.0323 1504 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\windows\system32\drivers\viaide.sys
17:45:49.0354 1504 viaide - ok
17:45:49.0447 1504 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\windows\system32\drivers\volmgr.sys
17:45:49.0572 1504 volmgr - ok
17:45:49.0603 1504 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\windows\system32\drivers\volmgrx.sys
17:45:49.0619 1504 volmgrx - ok
17:45:49.0681 1504 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\windows\system32\drivers\volsnap.sys
17:45:49.0728 1504 volsnap - ok
17:45:49.0759 1504 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
17:45:49.0791 1504 vsmraid - ok
17:45:49.0853 1504 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\windows\system32\vssvc.exe
17:45:49.0962 1504 VSS - ok
17:45:49.0993 1504 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
17:45:50.0025 1504 vwifibus - ok
17:45:50.0056 1504 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
17:45:50.0103 1504 vwififlt - ok
17:45:50.0134 1504 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\windows\system32\w32time.dll
17:45:50.0181 1504 W32Time - ok
17:45:50.0243 1504 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
17:45:50.0274 1504 WacomPen - ok
17:45:50.0337 1504 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
17:45:50.0571 1504 WANARP - ok
17:45:50.0633 1504 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
17:45:50.0664 1504 Wanarpv6 - ok
17:45:50.0773 1504 [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
17:45:50.0914 1504 WatAdminSvc - ok
17:45:50.0992 1504 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\windows\system32\wbengine.exe
17:45:51.0117 1504 wbengine - ok
17:45:51.0163 1504 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
17:45:51.0210 1504 WbioSrvc - ok
17:45:51.0273 1504 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\windows\System32\wcncsvc.dll
17:45:51.0335 1504 wcncsvc - ok
17:45:51.0366 1504 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
17:45:51.0413 1504 WcsPlugInService - ok
17:45:51.0444 1504 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\windows\system32\DRIVERS\wd.sys
17:45:51.0475 1504 Wd - ok
17:45:51.0538 1504 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
17:45:51.0585 1504 Wdf01000 - ok
17:45:51.0600 1504 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\windows\system32\wdi.dll
17:45:51.0678 1504 WdiServiceHost - ok
17:45:51.0694 1504 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\windows\system32\wdi.dll
17:45:51.0725 1504 WdiSystemHost - ok
17:45:51.0772 1504 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\windows\System32\webclnt.dll
17:45:51.0834 1504 WebClient - ok
17:45:51.0865 1504 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\windows\system32\wecsvc.dll
17:45:51.0897 1504 Wecsvc - ok
17:45:51.0928 1504 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\windows\System32\wercplsupport.dll
17:45:51.0959 1504 wercplsupport - ok
17:45:52.0006 1504 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\windows\System32\WerSvc.dll
17:45:52.0053 1504 WerSvc - ok
17:45:52.0099 1504 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
17:45:52.0162 1504 WfpLwf - ok
17:45:52.0209 1504 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\windows\system32\drivers\wimmount.sys
17:45:52.0224 1504 WIMMount - ok
17:45:52.0302 1504 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
17:45:52.0365 1504 WinDefend - ok
17:45:52.0380 1504 WinHttpAutoProxySvc - ok
17:45:52.0458 1504 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
17:45:52.0505 1504 Winmgmt - ok
17:45:52.0583 1504 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\windows\system32\WsmSvc.dll
17:45:52.0677 1504 WinRM - ok
17:45:52.0770 1504 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
17:45:52.0801 1504 WinUsb - ok
17:45:52.0848 1504 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\windows\System32\wlansvc.dll
17:45:52.0895 1504 Wlansvc - ok
17:45:52.0942 1504 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
17:45:52.0989 1504 WmiAcpi - ok
17:45:53.0051 1504 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
17:45:53.0113 1504 wmiApSrv - ok
17:45:53.0223 1504 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:45:53.0269 1504 WMPNetworkSvc - ok
17:45:53.0301 1504 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\windows\System32\wpcsvc.dll
17:45:53.0332 1504 WPCSvc - ok
17:45:53.0363 1504 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
17:45:53.0394 1504 WPDBusEnum - ok
17:45:53.0441 1504 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
17:45:53.0488 1504 ws2ifsl - ok
17:45:53.0519 1504 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\windows\System32\wscsvc.dll
17:45:53.0535 1504 wscsvc - ok
17:45:53.0550 1504 WSearch - ok
17:45:53.0691 1504 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\windows\system32\wuaueng.dll
17:45:53.0737 1504 wuauserv - ok
17:45:53.0784 1504 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
17:45:53.0815 1504 WudfPf - ok
17:45:53.0847 1504 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
17:45:53.0878 1504 WUDFRd - ok
17:45:53.0925 1504 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\windows\System32\WUDFSvc.dll
17:45:53.0940 1504 wudfsvc - ok
17:45:53.0971 1504 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\windows\System32\wwansvc.dll
17:45:54.0034 1504 WwanSvc - ok
17:45:54.0081 1504 [ 30B73EB97218A16CBC6DE535782A1B35 ] yukonw7 C:\windows\system32\DRIVERS\yk62x86.sys
17:45:54.0143 1504 yukonw7 - ok
17:45:54.0190 1504 ================ Scan global ===============================
17:45:54.0237 1504 [ DAB748AE0439955ED2FA22357533DDDB ] C:\windows\system32\basesrv.dll
17:45:54.0283 1504 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\windows\system32\winsrv.dll
17:45:54.0299 1504 [ 48CB4FDBCAAEAC7BCE2F5941545FF071 ] C:\windows\system32\winsrv.dll
17:45:54.0330 1504 [ 364455805E64882844EE9ACB72522830 ] C:\windows\system32\sxssrv.dll
17:45:54.0361 1504 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\windows\system32\services.exe
17:45:54.0377 1504 [Global] - ok
17:45:54.0377 1504 ================ Scan MBR ==================================
17:45:54.0393 1504 [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
17:45:55.0063 1504 \Device\Harddisk0\DR0 - ok
17:45:55.0079 1504 ================ Scan VBR ==================================
17:45:55.0079 1504 [ 80F1F6505F4F7557F37C3705680228DC ] \Device\Harddisk0\DR0\Partition1
17:45:55.0079 1504 \Device\Harddisk0\DR0\Partition1 - ok
17:45:55.0126 1504 [ 286C04681AF3147FD0DE6706A9BFC56C ] \Device\Harddisk0\DR0\Partition2
17:45:55.0126 1504 \Device\Harddisk0\DR0\Partition2 - ok
17:45:55.0126 1504 ============================================================
17:45:55.0126 1504 Scan finished
17:45:55.0126 1504 ============================================================
17:45:55.0141 0360 Detected object count: 5
17:45:55.0141 0360 Actual detected object count: 5
17:46:24.0235 0360 KMService ( UnsignedFile.Multi.Generic ) - skipped by user
17:46:24.0235 0360 KMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:46:24.0251 0360 sptd ( LockedFile.Multi.Generic ) - skipped by user
17:46:24.0251 0360 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
17:46:24.0251 0360 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - skipped by user
17:46:24.0251 0360 sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:46:24.0251 0360 sp_rssrv ( UnsignedFile.Multi.Generic ) - skipped by user
17:46:24.0251 0360 sp_rssrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:46:24.0251 0360 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
17:46:24.0251 0360 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

markusg · 06.12.2012, 20:57

Hi
combofix:

Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

helena12 · 06.12.2012, 21:53

hier ist die file.

markusg · 06.12.2012, 22:20

Update bitte Malwarebytes, über die Registerkarte aktualisiren, Vollständiger Scan, Funde löschen, Log posten

helena12 · 06.12.2012, 22:39

danke markus. scan läuft... schönen urlaub, falls wir uns nicht mehr lesen.

markusg · 06.12.2012, 22:40

Danke dir.

helena12 · 06.12.2012, 23:57

hier das file.

markusg · 13.12.2012, 19:30

Hi
hattest du den Fund löschen lassen?
Sicherheitshalber Malwarebytes öffnen, aktualisieren, vollständiger Scan, Fund(e) löschen, log posten.
danach:
lade den CCleaner standard:
CCleaner Download - CCleaner 3.25.1872
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

06.12.2012, 22:40	#10
markusg /// Malware-holic	bundespolizei trojaner Danke dir. __________________ -Verdächtige mails bitte an uns zur Analyse weiterleiten: markusg.trojaner-board@web.de Weiterleiten Anleitung: http://markusg.trojaner-board.de Mails bitte vorerst nach obiger Anleitung an markusg.trojaner-board@web.de Weiterleiten Wenn Ihr uns unterstützen möchtet

bundespolizei trojaner

Plagegeister aller Art und deren Bekämpfung: bundespolizei trojaner