Avira findet TR/Agent.554136

_Radieschen · 11.12.2012, 11:59

Hilfe, Avira findet o.g. Trojaner auf meinem Rechner, habe genau diesen nirgendwo im Netz erwähnt gefunden.
Was kann ich tun.

Bin kein PC Freak, sondern reiner Anwender!!

Bitte helft mir

LG
Anne

Hier der Scanreport:

Avira Free Antivirus
Erstellungsdatum der Reportdatei: Dienstag, 11. Dezember 2012 10:50

Es wird nach 4545769 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 7 Home Premium
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : ANNELI-PC

Versionsinformationen:
BUILD.DAT : 12.1.9.1236 40872 Bytes 11.10.2012 15:29:00
AVSCAN.EXE : 12.3.0.48 468256 Bytes 15.11.2012 08:34:07
AVSCAN.DLL : 12.3.0.15 66256 Bytes 08.05.2012 16:47:00
LUKE.DLL : 12.3.0.15 68304 Bytes 08.05.2012 16:47:01
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 08.05.2012 16:47:01
AVREG.DLL : 12.3.0.17 232200 Bytes 10.05.2012 19:59:17
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 18:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 23:31:49
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 16:29:02
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 17:28:19
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 12:40:12
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 14:46:12
VBASE006.VDF : 7.11.41.250 4902400 Bytes 06.09.2012 14:54:25
VBASE007.VDF : 7.11.50.230 3904512 Bytes 22.11.2012 16:21:29
VBASE008.VDF : 7.11.50.231 2048 Bytes 22.11.2012 16:21:29
VBASE009.VDF : 7.11.50.232 2048 Bytes 22.11.2012 16:21:29
VBASE010.VDF : 7.11.50.233 2048 Bytes 22.11.2012 16:21:29
VBASE011.VDF : 7.11.50.234 2048 Bytes 22.11.2012 16:21:29
VBASE012.VDF : 7.11.50.235 2048 Bytes 22.11.2012 16:21:29
VBASE013.VDF : 7.11.50.236 2048 Bytes 22.11.2012 16:21:29
VBASE014.VDF : 7.11.51.27 133632 Bytes 23.11.2012 16:21:29
VBASE015.VDF : 7.11.51.95 140288 Bytes 26.11.2012 16:21:30
VBASE016.VDF : 7.11.51.221 164352 Bytes 29.11.2012 16:21:22
VBASE017.VDF : 7.11.52.29 158208 Bytes 01.12.2012 08:45:54
VBASE018.VDF : 7.11.52.91 116736 Bytes 03.12.2012 08:45:53
VBASE019.VDF : 7.11.52.151 137728 Bytes 05.12.2012 08:53:32
VBASE020.VDF : 7.11.52.225 157696 Bytes 06.12.2012 09:04:43
VBASE021.VDF : 7.11.53.35 126976 Bytes 08.12.2012 16:50:20
VBASE022.VDF : 7.11.53.55 225792 Bytes 09.12.2012 16:50:26
VBASE023.VDF : 7.11.53.93 157184 Bytes 10.12.2012 16:50:25
VBASE024.VDF : 7.11.53.94 2048 Bytes 10.12.2012 16:50:25
VBASE025.VDF : 7.11.53.95 2048 Bytes 10.12.2012 16:50:25
VBASE026.VDF : 7.11.53.96 2048 Bytes 10.12.2012 16:50:25
VBASE027.VDF : 7.11.53.97 2048 Bytes 10.12.2012 16:50:25
VBASE028.VDF : 7.11.53.98 2048 Bytes 10.12.2012 16:50:25
VBASE029.VDF : 7.11.53.99 2048 Bytes 10.12.2012 16:50:25
VBASE030.VDF : 7.11.53.100 2048 Bytes 10.12.2012 16:50:25
VBASE031.VDF : 7.11.53.102 2048 Bytes 10.12.2012 16:50:25
Engineversion : 8.2.10.216
AEVDF.DLL : 8.1.2.10 102772 Bytes 10.07.2012 14:15:38
AESCRIPT.DLL : 8.1.4.72 467323 Bytes 07.12.2012 09:04:50
AESCN.DLL : 8.1.9.4 131445 Bytes 16.11.2012 14:34:59
AESBX.DLL : 8.2.5.12 606578 Bytes 14.06.2012 16:32:28
AERDL.DLL : 8.2.0.74 643445 Bytes 07.11.2012 15:13:22
AEPACK.DLL : 8.3.0.40 815479 Bytes 12.11.2012 16:26:20
AEOFFICE.DLL : 8.1.2.50 201084 Bytes 06.11.2012 14:33:43
AEHEUR.DLL : 8.1.4.160 5624184 Bytes 07.12.2012 09:04:49
AEHELP.DLL : 8.1.25.2 258423 Bytes 11.10.2012 17:13:23
AEGEN.DLL : 8.1.6.10 438646 Bytes 16.11.2012 14:34:53
AEEXP.DLL : 8.2.0.18 123253 Bytes 07.12.2012 09:04:50
AEEMU.DLL : 8.1.3.2 393587 Bytes 10.07.2012 14:15:36
AECORE.DLL : 8.1.29.2 201079 Bytes 07.11.2012 15:13:14
AEBB.DLL : 8.1.1.4 53619 Bytes 06.11.2012 14:33:36
AVWINLL.DLL : 12.3.0.15 27344 Bytes 08.05.2012 16:47:00
AVPREF.DLL : 12.3.0.32 50720 Bytes 15.11.2012 08:34:06
AVREP.DLL : 12.3.0.15 179208 Bytes 08.05.2012 16:47:01
AVARKT.DLL : 12.3.0.33 209696 Bytes 15.11.2012 08:34:06
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 08.05.2012 16:47:00
SQLITE3.DLL : 3.7.0.1 398288 Bytes 08.05.2012 16:47:01
AVSMTP.DLL : 12.3.0.32 63480 Bytes 08.08.2012 14:30:09
NETNT.DLL : 12.3.0.15 17104 Bytes 08.05.2012 16:47:01
RCIMAGE.DLL : 12.3.0.31 4444408 Bytes 08.08.2012 14:30:05
RCTEXT.DLL : 12.3.0.32 98848 Bytes 15.11.2012 08:34:05

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\program files (x86)\avira\antivir desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:, Q:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Dienstag, 11. Dezember 2012 10:50

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD1
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'D:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'Q:\'
[INFO] Es wurde kein Virus gefunden!
[INFO] Bitte starten Sie den Suchlauf erneut mit Administratorrechten

Der Suchlauf nach versteckten Objekten wird begonnen.

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'SSScheduler.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_11_5_502_110.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_11_5_502_110.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'plugin-container.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'UNS.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_11_4_402_287.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_11_4_402_287.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'plugin-container.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpqgpc01.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpqbam08.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpqSTE08.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '140' Modul(e) wurden durchsucht
Durchsuche Prozess 'soffice.bin' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'ACEngSvr.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'iTunesHelper.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'KiesTrayAgent.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'soffice.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'WDC.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'KBFiltr.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpwuschd2.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'ATKOSD.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dropbox.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'ACMON.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'hpqtra08.exe' - '86' Modul(e) wurden durchsucht
Durchsuche Prozess 'wcourier.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'CLMLSvc.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'HControlUser.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'LiveUpdate.exe' - '108' Modul(e) wurden durchsucht
Durchsuche Prozess 'DMedia.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'sensorsrv.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'ATKOSD2.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'AsScrPro.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'SonicFocusTray.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'CVHSVC.EXE' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftlist.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'sftvsa.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'SeaPort.EXE' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'HControl.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'KiesPDLR.exe' - '85' Modul(e) wurden durchsucht
Durchsuche Prozess 'KiesAirMessage.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'Kies.exe' - '78' Modul(e) wurden durchsucht
Durchsuche Prozess 'Skype.exe' - '130' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'InsOnWMI.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'InsOnSrv.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'GFNEXSrv.exe' - '10' Modul(e) wurden durchsucht
Durchsuche Prozess 'ASLDRSrv.exe' - '21' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '3684' Dateien ).

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\' <OS>
C:\Users\Anneli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q5P83I38\Firefox_Setup_9.0.1[1].exe
--> Object
[WARNUNG] Die Datei konnte nicht gelesen werden!
[WARNUNG] Die Datei konnte nicht gelesen werden!
C:\Users\Anneli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\Q5P83I38\Firefox_Setup_9.0.1[2].exe
--> Object
[WARNUNG] Die Datei konnte nicht gelesen werden!
[WARNUNG] Die Datei konnte nicht gelesen werden!
C:\Users\Anneli\AppData\Local\Temp\viewer_install_.zip
[0] Archivtyp: ZIP
--> viewer_install_.exe
[FUND] Ist das Trojanische Pferd TR/Agent.554136
Beginne mit der Suche in 'D:\' <Data>
Beginne mit der Suche in 'Q:\'
Der zu durchsuchende Pfad Q:\ konnte nicht geöffnet werden!
Systemfehler [5]: Zugriff verweigert

Beginne mit der Desinfektion:
C:\Users\Anneli\AppData\Local\Temp\viewer_install_.zip
[FUND] Ist das Trojanische Pferd TR/Agent.554136
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '57a8b724.qua' verschoben!

Ende des Suchlaufs: Dienstag, 11. Dezember 2012 12:07
Benötigte Zeit: 1:16:20 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

35767 Verzeichnisse wurden überprüft
964418 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
964417 Dateien ohne Befall
8823 Archive wurden durchsucht
4 Warnungen
1 Hinweise
647588 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden

Ist das die Defogger Log datei?

---------------------------
Defogger
---------------------------
Defogger will forcefully terminate and disable all CD Emulator related drivers and processes. You will not be able to use this software until you click 'Re-enable'. Please do not click Disable again, unless instructed otherwise. The scan may take a minute or two, this is normal.

Continue?
---------------------------
Ja Nein
---------------------------

Oldtimer Report:OTL Logfile:

Code:

ATTFilter

OTL logfile created on: 11.12.2012 13:06:06 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Anneli\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 1,92 Gb Available Physical Memory | 49,08% Memory free
7,81 Gb Paging File | 5,68 Gb Available in Paging File | 72,77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 125,03 Gb Total Space | 68,50 Gb Free Space | 54,79% Space Free | Partition Type: NTFS
Drive D: | 148,06 Gb Total Space | 147,96 Gb Free Space | 99,93% Space Free | Partition Type: NTFS
 
Computer Name: ANNELI-PC | User Name: Anneli | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.12.11 12:42:47 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Anneli\Downloads\OTL.exe
PRC - [2012.11.12 03:45:22 | 001,104,824 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2012.11.12 03:45:18 | 000,309,688 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2012.11.12 03:45:14 | 000,968,120 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2012.11.01 05:16:42 | 000,577,536 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
PRC - [2012.08.13 11:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012.08.13 11:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012.08.08 15:30:08 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.03 02:21:38 | 026,868,192 | ---- | M] (Dropbox, Inc.) -- C:\Users\Anneli\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2012.05.08 17:47:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 17:47:00 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.01.12 02:58:10 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.09.09 07:10:06 | 002,317,312 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2011.09.01 00:33:32 | 001,545,856 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
PRC - [2011.08.24 23:53:24 | 000,100,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe
PRC - [2011.08.24 23:53:22 | 000,092,800 | ---- | M] (ASUS) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
PRC - [2011.07.22 00:49:10 | 005,716,608 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2011.07.19 00:11:42 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011.05.30 22:48:18 | 000,082,944 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2011.05.30 22:48:16 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe
PRC - [2011.02.25 18:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010.12.21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.11.15 19:42:12 | 000,305,792 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2010.10.07 23:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010.07.10 07:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
PRC - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.11.02 23:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.06.19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2008.12.23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.08.14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.19 18:37:10 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\adaaf894878905f022f824b84fcd59a8\System.ServiceProcess.ni.dll
MOD - [2012.11.19 17:43:26 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\aebb94e0eea9c39ec18a7915a711f621\System.Xaml.ni.dll
MOD - [2012.11.19 16:46:51 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\7c4de95aa433eb8d81a81caf805947a8\PresentationFramework.Aero.ni.dll
MOD - [2012.11.19 16:46:19 | 014,340,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\1ec80905a71750be50dfc7981ad5ae28\PresentationFramework.ni.dll
MOD - [2012.11.19 16:46:05 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll
MOD - [2012.11.19 16:45:58 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll
MOD - [2012.11.19 16:45:55 | 012,237,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\53d6d827964619285771ed72332d3659\PresentationCore.ni.dll
MOD - [2012.11.19 16:45:44 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b311b783e1efaa9527f4c2c9680c44d1\WindowsBase.ni.dll
MOD - [2012.11.19 16:45:39 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll
MOD - [2012.11.19 16:45:35 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\c64ca3678261c8ffcd9e7efd1af6ed54\System.Configuration.ni.dll
MOD - [2012.11.19 16:45:34 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll
MOD - [2012.11.19 16:45:27 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012.11.19 16:18:39 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\7c8bffb6e42a248341d7821a8464ef0b\PresentationFramework.ni.dll
MOD - [2012.11.19 16:18:21 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74fade4c3e490c62af3d60742fb078a\PresentationCore.ni.dll
MOD - [2012.11.19 16:18:08 | 003,882,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dfe6e22159d3f5bf61b5bfe1da6f2758\WindowsBase.ni.dll
MOD - [2012.11.19 16:12:39 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\14d2241be401f66cc1898dc5dc383b80\System.Core.ni.dll
MOD - [2012.11.19 16:12:37 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c63fe1e324904c893d2a5d02f0783658\System.Configuration.ni.dll
MOD - [2012.11.19 16:12:35 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e10bbd79027aa4c1ca8950b78fd640d4\System.Xml.ni.dll
MOD - [2012.11.19 16:12:28 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\379599837ade465016dd5d96798b2766\System.ni.dll
MOD - [2012.11.19 16:12:21 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dbc34d53e1fbedabecd201fe4f264961\mscorlib.ni.dll
MOD - [2012.08.10 16:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2011.11.01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.09.09 07:10:06 | 001,163,264 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
MOD - [2011.09.01 00:33:32 | 000,208,384 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
MOD - [2011.08.18 00:37:40 | 000,204,800 | ---- | M] () -- C:\Program Files (x86)\asus\VirtualCamera\virtualCamera.ax
MOD - [2011.05.30 22:48:14 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
MOD - [2011.02.19 05:23:39 | 000,249,856 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll
MOD - [2011.02.19 05:23:39 | 000,110,592 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll
MOD - [2010.11.13 00:26:08 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2009.11.02 23:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.11.02 23:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2011.01.25 23:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010.09.23 02:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2012.12.11 10:12:41 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.12.06 01:49:53 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.07.27 21:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.08 17:47:01 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.08 17:47:00 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.08.24 23:53:22 | 000,092,800 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe -- (ASUS InstantOn)
SRV - [2011.03.02 05:23:36 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.02.25 18:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010.12.21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.12.21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.10.22 13:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.09.20 05:35:36 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2012.09.20 05:35:36 | 000,102,368 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.05.08 17:47:01 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 17:47:01 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.08 17:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.15 15:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.10.01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.08.02 17:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.07.26 09:22:48 | 012,288,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.06.02 19:32:50 | 000,401,896 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011.06.02 19:32:50 | 000,128,488 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011.06.02 06:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2011.06.02 06:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2011.06.02 06:47:22 | 000,146,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadserd.sys -- (ssadserd)
DRV:64bit: - [2011.06.02 06:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2011.05.24 09:24:22 | 002,750,464 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.05.05 13:32:56 | 001,439,792 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011.03.18 06:36:18 | 000,074,840 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.12.21 06:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)
DRV:64bit: - [2010.11.20 14:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010.11.05 16:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.08.24 10:55:44 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.07.20 10:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)
DRV:64bit: - [2009.06.10 21:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2011.09.07 18:55:04 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.de"
FF - prefs.js..extensions.enabledAddons: toolbar%40web.de:2.3.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_110.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.01.12 17:54:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.06 01:49:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.01.12 17:54:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.12.06 01:49:53 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.01.12 15:59:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anneli\AppData\Roaming\mozilla\Extensions
[2012.11.16 21:20:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Anneli\AppData\Roaming\mozilla\Firefox\Profiles\0l0agoce.default\extensions
[2012.11.16 21:20:34 | 000,566,853 | ---- | M] () (No name found) -- C:\Users\Anneli\AppData\Roaming\mozilla\firefox\profiles\0l0agoce.default\extensions\toolbar@web.de.xpi
[2012.11.16 21:20:37 | 000,000,911 | ---- | M] () -- C:\Users\Anneli\AppData\Roaming\mozilla\firefox\profiles\0l0agoce.default\searchplugins\11-suche.xml
[2012.11.16 21:20:37 | 000,002,273 | ---- | M] () -- C:\Users\Anneli\AppData\Roaming\mozilla\firefox\profiles\0l0agoce.default\searchplugins\englische-ergebnisse.xml
[2012.11.16 21:20:36 | 000,010,563 | ---- | M] () -- C:\Users\Anneli\AppData\Roaming\mozilla\firefox\profiles\0l0agoce.default\searchplugins\gmx-suche.xml
[2012.11.16 21:20:37 | 000,002,432 | ---- | M] () -- C:\Users\Anneli\AppData\Roaming\mozilla\firefox\profiles\0l0agoce.default\searchplugins\lastminute.xml
[2012.11.16 21:20:36 | 000,005,545 | ---- | M] () -- C:\Users\Anneli\AppData\Roaming\mozilla\firefox\profiles\0l0agoce.default\searchplugins\webde-suche.xml
[2012.12.06 01:49:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.12.06 01:49:53 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.10.20 10:01:52 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.20 10:01:52 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.10.20 10:01:52 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.10.20 10:01:52 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.10.20 10:01:52 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.10.20 10:01:52 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Setwallpaper] c:\programdata\SetWallpaper.cmd File not found
O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKCU..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - Startup: C:\Users\Anneli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Anneli\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Anneli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.7.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D4BD1AAE-17ED-40A0-B92E-F8954AFD03A3}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.12.06 01:49:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012.11.28 19:44:54 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice.org 3.4.1
[2012.11.28 19:28:34 | 000,000,000 | ---D | C] -- C:\Users\Anneli\Desktop\OpenOffice.org 3.4.1 (de) Installation Files
[2012.11.28 16:57:51 | 000,000,000 | ---D | C] -- C:\Users\Anneli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lernfortschrittskontrollen 2012 SS
[2012.11.28 10:06:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
[2012.11.15 11:39:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec
[2012.11.15 11:39:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MyFree Codec
[2012.11.14 17:28:32 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\NativeFus_Log
[2012.11.14 17:28:06 | 000,203,104 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudmdm.sys
[2012.11.14 17:28:06 | 000,102,368 | ---- | C] (DEVGURU Co., LTD.(www.devguru.co.kr)) -- C:\Windows\SysNative\drivers\ssudbus.sys
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.12.11 12:44:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.11 12:34:52 | 000,000,000 | ---- | M] () -- C:\Users\Anneli\defogger_reenable
[2012.12.11 10:16:31 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.11 10:16:31 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.11 10:14:42 | 001,531,014 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.11 10:14:42 | 000,666,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.12.11 10:14:42 | 000,628,098 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.11 10:14:42 | 000,134,178 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.12.11 10:14:42 | 000,110,560 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.11 10:09:47 | 000,002,378 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012.12.11 10:08:10 | 000,299,272 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.11 10:08:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.11 10:07:15 | 3145,826,304 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.10 21:26:08 | 000,126,562 | ---- | M] () -- C:\Users\Anneli\Documents\Pflegetagegeldversicherung - Vergleich.pdf
[2012.12.02 17:27:33 | 000,004,608 | ---- | M] () -- C:\Users\Anneli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.11.29 09:47:05 | 000,001,241 | ---- | M] () -- C:\Users\Anneli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2012.11.28 19:44:55 | 000,001,172 | ---- | M] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2012.11.28 16:57:51 | 000,001,987 | ---- | M] () -- C:\Users\Anneli\Desktop\Lernfortschrittskontrollen.lnk
[2012.11.27 19:09:35 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2012.11.15 13:51:20 | 000,001,896 | ---- | M] () -- C:\Users\Anneli\.TransferManager.db
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.12.11 12:34:52 | 000,000,000 | ---- | C] () -- C:\Users\Anneli\defogger_reenable
[2012.12.10 21:26:05 | 000,126,562 | ---- | C] () -- C:\Users\Anneli\Documents\Pflegetagegeldversicherung - Vergleich.pdf
[2012.11.29 09:47:05 | 000,001,241 | ---- | C] () -- C:\Users\Anneli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
[2012.11.28 19:44:55 | 000,001,172 | ---- | C] () -- C:\Users\Public\Desktop\OpenOffice.org 3.4.1.lnk
[2012.11.19 16:13:53 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.19 16:04:08 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.15 13:51:19 | 000,001,896 | ---- | C] () -- C:\Users\Anneli\.TransferManager.db
[2012.07.30 13:16:20 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.07.30 13:16:18 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.07.30 13:16:18 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.07.30 13:16:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.07.30 13:16:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.01.12 20:30:54 | 001,557,708 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.01.12 20:22:34 | 000,004,608 | ---- | C] () -- C:\Users\Anneli\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.01.12 17:49:41 | 000,266,616 | ---- | C] () -- C:\Windows\hpwins22.dat
[2012.01.12 17:49:41 | 000,002,850 | ---- | C] () -- C:\Windows\hpwmdl22.dat
[2012.01.11 20:29:06 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2011.09.16 09:21:16 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.09.16 09:20:27 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.09.16 09:20:19 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.09.16 09:20:15 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.09.16 09:20:13 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.09.16 09:20:10 | 013,903,872 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.04.13 03:48:48 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.01.11 20:36:26 | 000,000,000 | ---D | M] -- C:\Users\Anneli\AppData\Roaming\ASUS WebStorage
[2012.12.11 10:10:15 | 000,000,000 | ---D | M] -- C:\Users\Anneli\AppData\Roaming\Dropbox
[2012.03.16 16:57:00 | 000,000,000 | ---D | M] -- C:\Users\Anneli\AppData\Roaming\elsterformular
[2012.01.12 20:48:19 | 000,000,000 | ---D | M] -- C:\Users\Anneli\AppData\Roaming\Nuance
[2012.01.12 18:25:33 | 000,000,000 | ---D | M] -- C:\Users\Anneli\AppData\Roaming\OpenOffice.org
[2012.09.03 18:49:30 | 000,000,000 | ---D | M] -- C:\Users\Anneli\AppData\Roaming\Samsung
[2012.10.24 19:05:36 | 000,000,000 | ---D | M] -- C:\Users\Anneli\AppData\Roaming\SoftGrid Client
[2012.01.29 19:55:58 | 000,000,000 | ---D | M] -- C:\Users\Anneli\AppData\Roaming\Softland
[2012.01.12 20:31:40 | 000,000,000 | ---D | M] -- C:\Users\Anneli\AppData\Roaming\TP
[2012.01.12 20:48:15 | 000,000,000 | ---D | M] -- C:\Users\Anneli\AppData\Roaming\Zeon
 
========== Purity Check ==========
 
 

< End of report >

--- --- ---

cosinus · 11.12.2012, 13:56

Hallo und

Code:

ATTFilter

C:\Users\Anneli\AppData\Local\Temp\viewer_install_.zip

Irgendeine Idee woher diese Datei stammt? viewer_install_.zip sagt dir etwas, vllt mal kürzlich runtergeladen?

Hast du noch weitere Logs von Malwarebytes oder anderen Virenscannern? Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:

ATTFilter

 hier steht das Log

_Radieschen · 11.12.2012, 15:03

Hallo zurück und zunächst mal vielen Dank für die prompte Aufmerksamkeit.

Mehr Virenscanberichte habe ich nicht, Avira habe ich gepostet und Oldtimer auch, diese andere Version (bei euren Vorgaben Schritt 1) funktionierte ja nicht, da ich eine Fehlermeldung bekam, die ich ja nicht bestätigen sollte.

Sollte ich noch mehr haben?

Dieser "viewer Install zip" kommt mir irgendwie bekannt vor, sagt mir aber nichts spezielles.

Was kann ich noch tun?
Anne

Ich habe nochmal in den Downloads geguckt, ja habe ich heruntergeladen, kann mich aber nicht wirklich erinnern warum, wofür oder wo. Im Download ist securitiesarbitrations.com angegeben. Das sagt mir aber gar nichts

cosinus · 11.12.2012, 15:17

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!

Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

_Radieschen · 11.12.2012, 15:27

Hallo ich habe tatsächlich vorher eine Frage und zwar noch mal zu den Logfiles:

ich habe bei beiden (Avira und Oldtimer) mit der Kopieren und Einfügen Methode gearbeitet.

Wieso sehen sie so unterschiedlich aus? Und wie ist es für dich am besten?

cosinus · 11.12.2012, 15:35

Das OTL-Log ist in CODE-Tags, das von AntiVir nicht! Deswegen sieht es so anders aus

Zitat:

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.

Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].

Setze den Curser zwischen die CODE-Tags und drücke STRG+V.

Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

_Radieschen · 11.12.2012, 15:54

Habe die beide Punkte erledidt, bin mir nur nicht sicher, ob du mit den Logfiles so etwas anfangen kannst:

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-11 15:30:33
-----------------------------
15:30:33.647 OS Version: Windows x64 6.1.7601 Service Pack 1
15:30:33.647 Number of processors: 4 586 0x2A07
15:30:33.648 ComputerName: ANNELI-PC UserName: Anneli
15:30:34.167 Initialize success
15:33:21.238 AVAST engine defs: 12121101
15:33:26.980 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:33:26.982 Disk 0 Vendor: ST932032 0003 Size: 305245MB BusType: 3
15:33:27.014 Disk 0 MBR read successfully
15:33:27.016 Disk 0 MBR scan
15:33:27.031 Disk 0 Windows 7 default MBR code
15:33:27.049 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
15:33:27.069 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 128028 MB offset 52430848
15:33:27.093 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 151615 MB offset 314632192
15:33:27.116 Disk 0 scanning C:\Windows\system32\drivers
15:33:39.493 Service scanning
15:34:03.550 Modules scanning
15:34:03.556 Disk 0 trace - called modules:
15:34:03.680 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
15:34:04.020 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006652060]
15:34:04.025 3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8003cfe040]
15:34:04.029 5 ACPI.sys[fffff88000d5c7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800474e050]
15:34:04.681 AVAST engine scan C:\Windows
15:34:07.289 AVAST engine scan C:\Windows\system32
15:36:50.872 AVAST engine scan C:\Windows\system32\drivers
15:37:04.463 AVAST engine scan C:\Users\Anneli
15:42:04.460 AVAST engine scan C:\ProgramData
15:43:35.373 Scan finished successfully
15:43:55.375 Disk 0 MBR has been saved successfully to "C:\Users\Anneli\Desktop\MBR.dat"
15:43:55.379 The log file has been saved successfully to "C:\Users\Anneli\Desktop\aswMBR.txt"

15:46:22.0628 2116 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:46:22.0907 2116 ============================================================
15:46:22.0907 2116 Current date / time: 2012/12/11 15:46:22.0907
15:46:22.0907 2116 SystemInfo:
15:46:22.0907 2116
15:46:22.0907 2116 OS Version: 6.1.7601 ServicePack: 1.0
15:46:22.0907 2116 Product type: Workstation
15:46:22.0907 2116 ComputerName: ANNELI-PC
15:46:22.0907 2116 UserName: Anneli
15:46:22.0907 2116 Windows directory: C:\Windows
15:46:22.0907 2116 System windows directory: C:\Windows
15:46:22.0907 2116 Running under WOW64
15:46:22.0907 2116 Processor architecture: Intel x64
15:46:22.0907 2116 Number of processors: 4
15:46:22.0907 2116 Page size: 0x1000
15:46:22.0907 2116 Boot type: Normal boot
15:46:22.0907 2116 ============================================================
15:46:23.0368 2116 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:46:23.0398 2116 ============================================================
15:46:23.0398 2116 \Device\Harddisk0\DR0:
15:46:23.0398 2116 MBR partitions:
15:46:23.0398 2116 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0xFA0E000
15:46:23.0398 2116 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12C0E800, BlocksNum 0x1281F800
15:46:23.0398 2116 ============================================================
15:46:23.0448 2116 C: <-> \Device\Harddisk0\DR0\Partition1
15:46:23.0489 2116 D: <-> \Device\Harddisk0\DR0\Partition2
15:46:23.0489 2116 ============================================================
15:46:23.0489 2116 Initialize success
15:46:23.0489 2116 ============================================================
15:46:50.0352 12616 ============================================================
15:46:50.0352 12616 Scan started
15:46:50.0352 12616 Mode: Manual; SigCheck; TDLFS;
15:46:50.0352 12616 ============================================================
15:46:50.0683 12616 ================ Scan system memory ========================
15:46:50.0683 12616 System memory - ok
15:46:50.0683 12616 ================ Scan services =============================
15:46:50.0840 12616 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
15:46:50.0936 12616 1394ohci - ok
15:46:50.0965 12616 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:46:50.0984 12616 ACPI - ok
15:46:51.0009 12616 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:46:51.0096 12616 AcpiPmi - ok
15:46:51.0189 12616 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:46:51.0200 12616 AdobeARMservice - ok
15:46:51.0347 12616 [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:46:51.0359 12616 AdobeFlashPlayerUpdateSvc - ok
15:46:51.0405 12616 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:46:51.0431 12616 adp94xx - ok
15:46:51.0487 12616 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:46:51.0506 12616 adpahci - ok
15:46:51.0528 12616 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:46:51.0542 12616 adpu320 - ok
15:46:51.0565 12616 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:46:51.0680 12616 AeLookupSvc - ok
15:46:51.0730 12616 [ 6E79A119B0CE418FE44E0C824BF3F039 ] AFBAgent C:\Windows\system32\FBAgent.exe
15:46:51.0765 12616 AFBAgent - ok
15:46:51.0822 12616 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
15:46:51.0863 12616 AFD - ok
15:46:51.0899 12616 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:46:51.0910 12616 agp440 - ok
15:46:51.0927 12616 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:46:52.0074 12616 ALG - ok
15:46:52.0111 12616 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
15:46:52.0121 12616 aliide - ok
15:46:52.0125 12616 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
15:46:52.0135 12616 amdide - ok
15:46:52.0163 12616 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:46:52.0209 12616 AmdK8 - ok
15:46:52.0226 12616 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:46:52.0254 12616 AmdPPM - ok
15:46:52.0285 12616 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:46:52.0300 12616 amdsata - ok
15:46:52.0330 12616 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:46:52.0345 12616 amdsbs - ok
15:46:52.0356 12616 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:46:52.0368 12616 amdxata - ok
15:46:52.0411 12616 [ 92A848F962DA91C631147D566414BB7E ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
15:46:52.0421 12616 AmUStor - ok
15:46:52.0456 12616 [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
15:46:52.0496 12616 androidusb - ok
15:46:52.0598 12616 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:46:52.0623 12616 AntiVirSchedulerService - ok
15:46:52.0659 12616 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:46:52.0669 12616 AntiVirService - ok
15:46:52.0709 12616 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
15:46:52.0883 12616 AppID - ok
15:46:52.0913 12616 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:46:52.0976 12616 AppIDSvc - ok
15:46:53.0022 12616 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
15:46:53.0077 12616 Appinfo - ok
15:46:53.0170 12616 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:46:53.0178 12616 Apple Mobile Device - ok
15:46:53.0198 12616 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
15:46:53.0210 12616 arc - ok
15:46:53.0235 12616 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:46:53.0247 12616 arcsas - ok
15:46:53.0335 12616 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
15:46:53.0344 12616 ASLDRService - ok
15:46:53.0396 12616 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
15:46:53.0404 12616 ASMMAP64 - ok
15:46:53.0440 12616 [ 0AA7A996792FB0287B33A57A8093AE44 ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
15:46:53.0487 12616 asmthub3 - ok
15:46:53.0532 12616 [ 125DC3ABF5BFCCFE82AD17D078E0B9EC ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
15:46:53.0590 12616 asmtxhci - ok
15:46:53.0639 12616 [ 9836DDA9A33DACC7F40A672C47AD70D0 ] ASUS InstantOn C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
15:46:53.0647 12616 ASUS InstantOn - ok
15:46:53.0673 12616 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:46:53.0723 12616 AsyncMac - ok
15:46:53.0766 12616 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
15:46:53.0777 12616 atapi - ok
15:46:53.0857 12616 [ DE9FB3DADE8FD39AE2C587DF22D36B8E ] athr C:\Windows\system32\DRIVERS\athrx.sys
15:46:53.0981 12616 athr - ok
15:46:54.0003 12616 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
15:46:54.0012 12616 ATKGFNEXSrv - ok
15:46:54.0063 12616 [ 41CEAFFCF3550785E59E3EC9BEE8D97A ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
15:46:54.0070 12616 ATKWMIACPIIO - ok
15:46:54.0110 12616 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:46:54.0184 12616 AudioEndpointBuilder - ok
15:46:54.0209 12616 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:46:54.0250 12616 AudioSrv - ok
15:46:54.0282 12616 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
15:46:54.0293 12616 avgntflt - ok
15:46:54.0348 12616 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
15:46:54.0360 12616 avipbb - ok
15:46:54.0385 12616 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
15:46:54.0393 12616 avkmgr - ok
15:46:54.0462 12616 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:46:54.0548 12616 AxInstSV - ok
15:46:54.0587 12616 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:46:54.0640 12616 b06bdrv - ok
15:46:54.0669 12616 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:46:54.0704 12616 b57nd60a - ok
15:46:54.0778 12616 [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
15:46:54.0792 12616 BBSvc - ok
15:46:54.0812 12616 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:46:54.0853 12616 BDESVC - ok
15:46:54.0895 12616 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:46:54.0951 12616 Beep - ok
15:46:55.0022 12616 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
15:46:55.0103 12616 BFE - ok
15:46:55.0142 12616 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
15:46:55.0228 12616 BITS - ok
15:46:55.0268 12616 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:46:55.0301 12616 blbdrive - ok
15:46:55.0361 12616 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:46:55.0378 12616 Bonjour Service - ok
15:46:55.0413 12616 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:46:55.0450 12616 bowser - ok
15:46:55.0480 12616 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:46:55.0550 12616 BrFiltLo - ok
15:46:55.0570 12616 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:46:55.0595 12616 BrFiltUp - ok
15:46:55.0641 12616 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
15:46:55.0677 12616 Browser - ok
15:46:55.0694 12616 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:46:55.0737 12616 Brserid - ok
15:46:55.0747 12616 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:46:55.0779 12616 BrSerWdm - ok
15:46:55.0791 12616 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:46:55.0820 12616 BrUsbMdm - ok
15:46:55.0824 12616 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:46:55.0861 12616 BrUsbSer - ok
15:46:55.0917 12616 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
15:46:55.0997 12616 BthEnum - ok
15:46:56.0039 12616 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:46:56.0069 12616 BTHMODEM - ok
15:46:56.0105 12616 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:46:56.0148 12616 BthPan - ok
15:46:56.0191 12616 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
15:46:56.0255 12616 BTHPORT - ok
15:46:56.0292 12616 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:46:56.0350 12616 bthserv - ok
15:46:56.0393 12616 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
15:46:56.0421 12616 BTHUSB - ok
15:46:56.0470 12616 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:46:56.0527 12616 cdfs - ok
15:46:56.0571 12616 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:46:56.0601 12616 cdrom - ok
15:46:56.0638 12616 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
15:46:56.0694 12616 CertPropSvc - ok
15:46:56.0731 12616 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
15:46:56.0760 12616 circlass - ok
15:46:56.0783 12616 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:46:56.0801 12616 CLFS - ok
15:46:56.0870 12616 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:46:56.0881 12616 clr_optimization_v2.0.50727_32 - ok
15:46:56.0936 12616 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:46:56.0947 12616 clr_optimization_v2.0.50727_64 - ok
15:46:57.0018 12616 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:46:57.0029 12616 clr_optimization_v4.0.30319_32 - ok
15:46:57.0067 12616 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:46:57.0078 12616 clr_optimization_v4.0.30319_64 - ok
15:46:57.0100 12616 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:46:57.0130 12616 CmBatt - ok
15:46:57.0160 12616 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:46:57.0171 12616 cmdide - ok
15:46:57.0204 12616 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
15:46:57.0237 12616 CNG - ok
15:46:57.0268 12616 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:46:57.0279 12616 Compbatt - ok
15:46:57.0290 12616 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:46:57.0329 12616 CompositeBus - ok
15:46:57.0343 12616 COMSysApp - ok
15:46:57.0360 12616 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:46:57.0371 12616 crcdisk - ok
15:46:57.0409 12616 [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:46:57.0456 12616 CryptSvc - ok
15:46:57.0547 12616 [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:46:57.0586 12616 cvhsvc - ok
15:46:57.0624 12616 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:46:57.0696 12616 DcomLaunch - ok
15:46:57.0736 12616 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:46:57.0799 12616 defragsvc - ok
15:46:57.0830 12616 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:46:57.0882 12616 DfsC - ok
15:46:57.0920 12616 [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
15:46:57.0931 12616 dg_ssudbus - ok
15:46:57.0973 12616 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
15:46:58.0017 12616 Dhcp - ok
15:46:58.0037 12616 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:46:58.0094 12616 discache - ok
15:46:58.0138 12616 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
15:46:58.0150 12616 Disk - ok
15:46:58.0185 12616 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:46:58.0233 12616 Dnscache - ok
15:46:58.0269 12616 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
15:46:58.0326 12616 dot3svc - ok
15:46:58.0370 12616 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
15:46:58.0407 12616 Dot4 - ok
15:46:58.0433 12616 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:46:58.0464 12616 Dot4Print - ok
15:46:58.0468 12616 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
15:46:58.0495 12616 dot4usb - ok
15:46:58.0525 12616 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
15:46:58.0585 12616 DPS - ok
15:46:58.0629 12616 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:46:58.0651 12616 drmkaud - ok
15:46:58.0687 12616 [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:46:58.0729 12616 DXGKrnl - ok
15:46:58.0753 12616 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:46:58.0803 12616 EapHost - ok
15:46:58.0913 12616 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:46:59.0065 12616 ebdrv - ok
15:46:59.0098 12616 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
15:46:59.0136 12616 EFS - ok
15:46:59.0195 12616 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:46:59.0267 12616 ehRecvr - ok
15:46:59.0277 12616 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:46:59.0340 12616 ehSched - ok
15:46:59.0389 12616 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:46:59.0411 12616 elxstor - ok
15:46:59.0429 12616 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:46:59.0455 12616 ErrDev - ok
15:46:59.0496 12616 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:46:59.0551 12616 EventSystem - ok
15:46:59.0583 12616 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:46:59.0631 12616 exfat - ok
15:46:59.0656 12616 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:46:59.0724 12616 fastfat - ok
15:46:59.0768 12616 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
15:46:59.0834 12616 Fax - ok
15:46:59.0856 12616 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
15:46:59.0882 12616 fdc - ok
15:46:59.0917 12616 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:46:59.0970 12616 fdPHost - ok
15:46:59.0991 12616 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:47:00.0043 12616 FDResPub - ok
15:47:00.0069 12616 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:47:00.0079 12616 FileInfo - ok
15:47:00.0102 12616 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:47:00.0168 12616 Filetrace - ok
15:47:00.0199 12616 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:47:00.0217 12616 flpydisk - ok
15:47:00.0244 12616 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:47:00.0260 12616 FltMgr - ok
15:47:00.0303 12616 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
15:47:00.0397 12616 FontCache - ok
15:47:00.0453 12616 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:47:00.0462 12616 FontCache3.0.0.0 - ok
15:47:00.0478 12616 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:47:00.0489 12616 FsDepends - ok
15:47:00.0519 12616 [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
15:47:00.0530 12616 fssfltr - ok
15:47:00.0589 12616 [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:47:00.0644 12616 fsssvc - ok
15:47:00.0676 12616 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:47:00.0687 12616 Fs_Rec - ok
15:47:00.0724 12616 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:47:00.0742 12616 fvevol - ok
15:47:00.0753 12616 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:47:00.0765 12616 gagp30kx - ok
15:47:00.0799 12616 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:47:00.0808 12616 GEARAspiWDM - ok
15:47:00.0843 12616 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
15:47:00.0911 12616 gpsvc - ok
15:47:00.0944 12616 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:47:00.0987 12616 hcw85cir - ok
15:47:01.0019 12616 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:47:01.0052 12616 HdAudAddService - ok
15:47:01.0077 12616 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:47:01.0104 12616 HDAudBus - ok
15:47:01.0119 12616 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:47:01.0142 12616 HidBatt - ok
15:47:01.0161 12616 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:47:01.0191 12616 HidBth - ok
15:47:01.0212 12616 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
15:47:01.0227 12616 HidIr - ok
15:47:01.0240 12616 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:47:01.0284 12616 hidserv - ok
15:47:01.0319 12616 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\drivers\hidusb.sys
15:47:01.0343 12616 HidUsb - ok
15:47:01.0377 12616 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:47:01.0439 12616 hkmsvc - ok
15:47:01.0459 12616 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:47:01.0505 12616 HomeGroupListener - ok
15:47:01.0526 12616 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:47:01.0568 12616 HomeGroupProvider - ok
15:47:01.0663 12616 [ 97AAC45A375168C6A2297BEEB9692E31 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:47:01.0676 12616 hpqcxs08 - ok
15:47:01.0711 12616 [ 19A4FB67B1C97EA18EDFF44340973CD9 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:47:01.0720 12616 hpqddsvc - ok
15:47:01.0748 12616 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:47:01.0759 12616 HpSAMD - ok
15:47:01.0813 12616 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
15:47:01.0866 12616 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
15:47:01.0866 12616 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
15:47:01.0905 12616 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:47:01.0989 12616 HTTP - ok
15:47:02.0013 12616 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:47:02.0023 12616 hwpolicy - ok
15:47:02.0067 12616 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:47:02.0080 12616 i8042prt - ok
15:47:02.0136 12616 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
15:47:02.0149 12616 iaStor - ok
15:47:02.0190 12616 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:47:02.0208 12616 iaStorV - ok
15:47:02.0267 12616 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:47:02.0305 12616 idsvc - ok
15:47:02.0574 12616 [ 10BB0DC3361C9420CC1B0B2128BB89DB ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
15:47:02.0927 12616 igfx - ok
15:47:02.0954 12616 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:47:02.0964 12616 iirsp - ok
15:47:02.0999 12616 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
15:47:03.0060 12616 IKEEXT - ok
15:47:03.0158 12616 [ CB7DADEF3D83FE2C12655A0BDCBA99F2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:47:03.0261 12616 IntcAzAudAddService - ok
15:47:03.0331 12616 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
15:47:03.0371 12616 IntcDAud - ok
15:47:03.0398 12616 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
15:47:03.0409 12616 intelide - ok
15:47:03.0436 12616 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:47:03.0464 12616 intelppm - ok
15:47:03.0493 12616 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:47:03.0544 12616 IPBusEnum - ok
15:47:03.0577 12616 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:47:03.0622 12616 IpFilterDriver - ok
15:47:03.0681 12616 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:47:03.0730 12616 iphlpsvc - ok
15:47:03.0759 12616 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:47:03.0787 12616 IPMIDRV - ok
15:47:03.0809 12616 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:47:03.0858 12616 IPNAT - ok
15:47:03.0927 12616 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:47:03.0961 12616 iPod Service - ok
15:47:03.0989 12616 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:47:04.0065 12616 IRENUM - ok
15:47:04.0092 12616 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:47:04.0102 12616 isapnp - ok
15:47:04.0127 12616 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:47:04.0143 12616 iScsiPrt - ok
15:47:04.0169 12616 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:47:04.0180 12616 kbdclass - ok
15:47:04.0187 12616 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:47:04.0221 12616 kbdhid - ok
15:47:04.0264 12616 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
15:47:04.0272 12616 kbfiltr - ok
15:47:04.0281 12616 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
15:47:04.0293 12616 KeyIso - ok
15:47:04.0308 12616 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:47:04.0319 12616 KSecDD - ok
15:47:04.0350 12616 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:47:04.0364 12616 KSecPkg - ok
15:47:04.0391 12616 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:47:04.0426 12616 ksthunk - ok
15:47:04.0481 12616 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:47:04.0544 12616 KtmRm - ok
15:47:04.0579 12616 [ A4A9CA24E54E81C6C3E469EAEB4B3F42 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
15:47:04.0588 12616 L1C - ok
15:47:04.0613 12616 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:47:04.0668 12616 LanmanServer - ok
15:47:04.0705 12616 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:47:04.0757 12616 LanmanWorkstation - ok
15:47:04.0810 12616 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:47:04.0862 12616 lltdio - ok
15:47:04.0901 12616 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:47:04.0966 12616 lltdsvc - ok
15:47:04.0993 12616 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:47:05.0030 12616 lmhosts - ok
15:47:05.0109 12616 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:47:05.0124 12616 LMS - ok
15:47:05.0154 12616 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:47:05.0166 12616 LSI_FC - ok
15:47:05.0199 12616 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:47:05.0211 12616 LSI_SAS - ok
15:47:05.0219 12616 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:47:05.0231 12616 LSI_SAS2 - ok
15:47:05.0252 12616 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:47:05.0265 12616 LSI_SCSI - ok
15:47:05.0287 12616 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:47:05.0337 12616 luafv - ok
15:47:05.0369 12616 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:47:05.0387 12616 Mcx2Svc - ok
15:47:05.0401 12616 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
15:47:05.0412 12616 megasas - ok
15:47:05.0437 12616 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:47:05.0453 12616 MegaSR - ok
15:47:05.0492 12616 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:47:05.0501 12616 MEIx64 - ok
15:47:05.0515 12616 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:47:05.0570 12616 MMCSS - ok
15:47:05.0584 12616 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:47:05.0642 12616 Modem - ok
15:47:05.0679 12616 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:47:05.0706 12616 monitor - ok
15:47:05.0733 12616 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:47:05.0744 12616 mouclass - ok
15:47:05.0765 12616 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\drivers\mouhid.sys
15:47:05.0787 12616 mouhid - ok
15:47:05.0806 12616 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:47:05.0818 12616 mountmgr - ok
15:47:05.0888 12616 [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:47:05.0899 12616 MozillaMaintenance - ok
15:47:05.0917 12616 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
15:47:05.0930 12616 mpio - ok
15:47:05.0944 12616 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:47:05.0996 12616 mpsdrv - ok
15:47:06.0036 12616 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:47:06.0113 12616 MpsSvc - ok
15:47:06.0137 12616 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:47:06.0167 12616 MRxDAV - ok
15:47:06.0208 12616 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:47:06.0247 12616 mrxsmb - ok
15:47:06.0263 12616 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:47:06.0287 12616 mrxsmb10 - ok
15:47:06.0304 12616 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:47:06.0345 12616 mrxsmb20 - ok
15:47:06.0374 12616 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
15:47:06.0386 12616 msahci - ok
15:47:06.0405 12616 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:47:06.0418 12616 msdsm - ok
15:47:06.0438 12616 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:47:06.0477 12616 MSDTC - ok
15:47:06.0496 12616 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:47:06.0544 12616 Msfs - ok
15:47:06.0571 12616 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:47:06.0614 12616 mshidkmdf - ok
15:47:06.0632 12616 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:47:06.0642 12616 msisadrv - ok
15:47:06.0673 12616 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:47:06.0732 12616 MSiSCSI - ok
15:47:06.0736 12616 msiserver - ok
15:47:06.0767 12616 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:47:06.0811 12616 MSKSSRV - ok
15:47:06.0829 12616 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:47:06.0880 12616 MSPCLOCK - ok
15:47:06.0899 12616 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:47:06.0950 12616 MSPQM - ok
15:47:06.0973 12616 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:47:06.0992 12616 MsRPC - ok
15:47:07.0012 12616 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:47:07.0023 12616 mssmbios - ok
15:47:07.0043 12616 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:47:07.0097 12616 MSTEE - ok
15:47:07.0101 12616 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:47:07.0133 12616 MTConfig - ok
15:47:07.0147 12616 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:47:07.0159 12616 Mup - ok
15:47:07.0189 12616 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
15:47:07.0244 12616 napagent - ok
15:47:07.0299 12616 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:47:07.0343 12616 NativeWifiP - ok
15:47:07.0398 12616 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:47:07.0440 12616 NDIS - ok
15:47:07.0482 12616 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:47:07.0533 12616 NdisCap - ok
15:47:07.0551 12616 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:47:07.0587 12616 NdisTapi - ok
15:47:07.0602 12616 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:47:07.0647 12616 Ndisuio - ok
15:47:07.0665 12616 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:47:07.0713 12616 NdisWan - ok
15:47:07.0729 12616 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:47:07.0780 12616 NDProxy - ok
15:47:07.0860 12616 [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:47:07.0879 12616 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:47:07.0879 12616 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:47:07.0912 12616 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:47:07.0975 12616 NetBIOS - ok
15:47:08.0000 12616 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:47:08.0049 12616 NetBT - ok
15:47:08.0066 12616 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
15:47:08.0078 12616 Netlogon - ok
15:47:08.0113 12616 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:47:08.0183 12616 Netman - ok
15:47:08.0212 12616 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:47:08.0267 12616 netprofm - ok
15:47:08.0306 12616 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:47:08.0317 12616 NetTcpPortSharing - ok
15:47:08.0339 12616 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:47:08.0350 12616 nfrd960 - ok
15:47:08.0385 12616 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:47:08.0415 12616 NlaSvc - ok
15:47:08.0429 12616 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:47:08.0465 12616 Npfs - ok
15:47:08.0486 12616 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:47:08.0533 12616 nsi - ok
15:47:08.0553 12616 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:47:08.0605 12616 nsiproxy - ok
15:47:08.0673 12616 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:47:08.0744 12616 Ntfs - ok
15:47:08.0773 12616 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:47:08.0828 12616 Null - ok
15:47:08.0861 12616 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:47:08.0874 12616 nvraid - ok
15:47:08.0888 12616 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:47:08.0902 12616 nvstor - ok
15:47:08.0919 12616 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:47:08.0932 12616 nv_agp - ok
15:47:08.0947 12616 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:47:08.0969 12616 ohci1394 - ok
15:47:09.0015 12616 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:47:09.0027 12616 ose - ok
15:47:09.0148 12616 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:47:09.0308 12616 osppsvc - ok
15:47:09.0342 12616 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:47:09.0384 12616 p2pimsvc - ok
15:47:09.0401 12616 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:47:09.0433 12616 p2psvc - ok
15:47:09.0468 12616 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
15:47:09.0492 12616 Parport - ok
15:47:09.0524 12616 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:47:09.0536 12616 partmgr - ok
15:47:09.0556 12616 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:47:09.0584 12616 PcaSvc - ok
15:47:09.0608 12616 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
15:47:09.0622 12616 pci - ok
15:47:09.0636 12616 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
15:47:09.0647 12616 pciide - ok
15:47:09.0665 12616 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:47:09.0679 12616 pcmcia - ok
15:47:09.0696 12616 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:47:09.0708 12616 pcw - ok
15:47:09.0728 12616 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:47:09.0785 12616 PEAUTH - ok
15:47:09.0860 12616 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:47:09.0889 12616 PerfHost - ok
15:47:09.0948 12616 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
15:47:10.0040 12616 pla - ok
15:47:10.0078 12616 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:47:10.0130 12616 PlugPlay - ok
15:47:10.0195 12616 [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:47:10.0213 12616 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:47:10.0213 12616 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:47:10.0242 12616 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:47:10.0273 12616 PNRPAutoReg - ok
15:47:10.0299 12616 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:47:10.0314 12616 PNRPsvc - ok
15:47:10.0341 12616 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:47:10.0393 12616 PolicyAgent - ok
15:47:10.0429 12616 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:47:10.0479 12616 Power - ok
15:47:10.0517 12616 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:47:10.0562 12616 PptpMiniport - ok
15:47:10.0575 12616 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
15:47:10.0597 12616 Processor - ok
15:47:10.0628 12616 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
15:47:10.0670 12616 ProfSvc - ok
15:47:10.0685 12616 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:47:10.0697 12616 ProtectedStorage - ok
15:47:10.0730 12616 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:47:10.0783 12616 Psched - ok
15:47:10.0852 12616 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:47:10.0909 12616 ql2300 - ok
15:47:10.0927 12616 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:47:10.0941 12616 ql40xx - ok
15:47:10.0972 12616 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:47:10.0992 12616 QWAVE - ok
15:47:11.0005 12616 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:47:11.0035 12616 QWAVEdrv - ok
15:47:11.0065 12616 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:47:11.0116 12616 RasAcd - ok
15:47:11.0156 12616 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:47:11.0207 12616 RasAgileVpn - ok
15:47:11.0241 12616 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:47:11.0287 12616 RasAuto - ok
15:47:11.0300 12616 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:47:11.0352 12616 Rasl2tp - ok
15:47:11.0383 12616 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
15:47:11.0427 12616 RasMan - ok
15:47:11.0441 12616 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:47:11.0478 12616 RasPppoe - ok
15:47:11.0508 12616 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:47:11.0569 12616 RasSstp - ok
15:47:11.0596 12616 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:47:11.0644 12616 rdbss - ok
15:47:11.0666 12616 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
15:47:11.0692 12616 rdpbus - ok
15:47:11.0721 12616 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:47:11.0770 12616 RDPCDD - ok
15:47:11.0790 12616 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:47:11.0836 12616 RDPENCDD - ok
15:47:11.0846 12616 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:47:11.0900 12616 RDPREFMP - ok
15:47:11.0930 12616 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:47:11.0981 12616 RDPWD - ok
15:47:12.0015 12616 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:47:12.0030 12616 rdyboost - ok
15:47:12.0056 12616 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:47:12.0104 12616 RemoteAccess - ok
15:47:12.0143 12616 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:47:12.0192 12616 RemoteRegistry - ok
15:47:12.0236 12616 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:47:12.0262 12616 RFCOMM - ok
15:47:12.0304 12616 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:47:12.0356 12616 RpcEptMapper - ok
15:47:12.0404 12616 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:47:12.0433 12616 RpcLocator - ok
15:47:12.0457 12616 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
15:47:12.0503 12616 RpcSs - ok
15:47:12.0532 12616 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:47:12.0569 12616 rspndr - ok
15:47:12.0578 12616 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
15:47:12.0589 12616 SamSs - ok
15:47:12.0612 12616 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:47:12.0624 12616 sbp2port - ok
15:47:12.0647 12616 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:47:12.0687 12616 SCardSvr - ok
15:47:12.0700 12616 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:47:12.0743 12616 scfilter - ok
15:47:12.0781 12616 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
15:47:12.0860 12616 Schedule - ok
15:47:12.0892 12616 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:47:12.0928 12616 SCPolicySvc - ok
15:47:12.0946 12616 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:47:12.0985 12616 SDRSVC - ok
15:47:13.0056 12616 [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
15:47:13.0070 12616 SeaPort - ok
15:47:13.0107 12616 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:47:13.0152 12616 secdrv - ok
15:47:13.0184 12616 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
15:47:13.0236 12616 seclogon - ok
15:47:13.0267 12616 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:47:13.0315 12616 SENS - ok
15:47:13.0330 12616 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:47:13.0366 12616 SensrSvc - ok
15:47:13.0398 12616 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
15:47:13.0416 12616 Serenum - ok
15:47:13.0445 12616 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
15:47:13.0472 12616 Serial - ok
15:47:13.0502 12616 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:47:13.0528 12616 sermouse - ok
15:47:13.0553 12616 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
15:47:13.0604 12616 SessionEnv - ok
15:47:13.0621 12616 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:47:13.0643 12616 sffdisk - ok
15:47:13.0647 12616 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:47:13.0669 12616 sffp_mmc - ok
15:47:13.0673 12616 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:47:13.0700 12616 sffp_sd - ok
15:47:13.0710 12616 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:47:13.0729 12616 sfloppy - ok
15:47:13.0781 12616 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys
15:47:13.0817 12616 Sftfs - ok
15:47:13.0886 12616 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:47:13.0904 12616 sftlist - ok
15:47:13.0918 12616 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:47:13.0932 12616 Sftplay - ok
15:47:13.0940 12616 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:47:13.0949 12616 Sftredir - ok
15:47:13.0962 12616 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys
15:47:13.0971 12616 Sftvol - ok
15:47:13.0983 12616 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:47:13.0995 12616 sftvsa - ok
15:47:14.0030 12616 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:47:14.0081 12616 SharedAccess - ok
15:47:14.0117 12616 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:47:14.0173 12616 ShellHWDetection - ok
15:47:14.0218 12616 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
15:47:14.0244 12616 SiSGbeLH - ok
15:47:14.0248 12616 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:47:14.0258 12616 SiSRaid2 - ok
15:47:14.0276 12616 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:47:14.0288 12616 SiSRaid4 - ok
15:47:14.0331 12616 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:47:14.0342 12616 SkypeUpdate - ok
15:47:14.0360 12616 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:47:14.0397 12616 Smb - ok
15:47:14.0440 12616 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:47:14.0471 12616 SNMPTRAP - ok
15:47:14.0488 12616 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:47:14.0498 12616 spldr - ok
15:47:14.0531 12616 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
15:47:14.0586 12616 Spooler - ok
15:47:14.0668 12616 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
15:47:14.0807 12616 sppsvc - ok
15:47:14.0825 12616 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:47:14.0876 12616 sppuinotify - ok
15:47:14.0915 12616 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
15:47:14.0969 12616 srv - ok
15:47:14.0990 12616 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:47:15.0017 12616 srv2 - ok
15:47:15.0039 12616 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:47:15.0065 12616 srvnet - ok
15:47:15.0108 12616 [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
15:47:15.0148 12616 ssadbus - ok
15:47:15.0173 12616 [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
15:47:15.0210 12616 ssadmdfl - ok
15:47:15.0234 12616 [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
15:47:15.0256 12616 ssadmdm - ok
15:47:15.0276 12616 [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd C:\Windows\system32\DRIVERS\ssadserd.sys
15:47:15.0318 12616 ssadserd - ok
15:47:15.0358 12616 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:47:15.0406 12616 SSDPSRV - ok
15:47:15.0418 12616 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:47:15.0465 12616 SstpSvc - ok
15:47:15.0512 12616 [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
15:47:15.0525 12616 ssudmdm - ok
15:47:15.0551 12616 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:47:15.0562 12616 stexstor - ok
15:47:15.0596 12616 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
15:47:15.0625 12616 StillCam - ok
15:47:15.0673 12616 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
15:47:15.0711 12616 stisvc - ok
15:47:15.0741 12616 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:47:15.0750 12616 swenum - ok
15:47:15.0774 12616 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:47:15.0835 12616 swprv - ok
15:47:15.0921 12616 [ 7E8902F9929A5D9FFD0F545332CE0F10 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:47:15.0976 12616 SynTP - ok
15:47:16.0036 12616 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
15:47:16.0118 12616 SysMain - ok
15:47:16.0132 12616 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:47:16.0165 12616 TabletInputService - ok
15:47:16.0189 12616 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
15:47:16.0246 12616 TapiSrv - ok
15:47:16.0265 12616 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:47:16.0316 12616 TBS - ok
15:47:16.0383 12616 [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:47:16.0455 12616 Tcpip - ok
15:47:16.0515 12616 [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:47:16.0554 12616 TCPIP6 - ok
15:47:16.0577 12616 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:47:16.0605 12616 tcpipreg - ok
15:47:16.0639 12616 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:47:16.0665 12616 TDPIPE - ok
15:47:16.0692 12616 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:47:16.0703 12616 TDTCP - ok
15:47:16.0717 12616 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:47:16.0763 12616 tdx - ok
15:47:16.0793 12616 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:47:16.0805 12616 TermDD - ok
15:47:16.0844 12616 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
15:47:16.0902 12616 TermService - ok
15:47:16.0915 12616 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:47:16.0944 12616 Themes - ok
15:47:16.0960 12616 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:47:16.0996 12616 THREADORDER - ok
15:47:17.0014 12616 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:47:17.0065 12616 TrkWks - ok
15:47:17.0118 12616 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:47:17.0179 12616 TrustedInstaller - ok
15:47:17.0197 12616 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:47:17.0232 12616 tssecsrv - ok
15:47:17.0269 12616 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:47:17.0314 12616 TsUsbFlt - ok
15:47:17.0334 12616 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:47:17.0359 12616 TsUsbGD - ok
15:47:17.0385 12616 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:47:17.0435 12616 tunnel - ok
15:47:17.0455 12616 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:47:17.0467 12616 uagp35 - ok
15:47:17.0486 12616 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:47:17.0543 12616 udfs - ok
15:47:17.0574 12616 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:47:17.0609 12616 UI0Detect - ok
15:47:17.0629 12616 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:47:17.0641 12616 uliagpkx - ok
15:47:17.0676 12616 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:47:17.0704 12616 umbus - ok
15:47:17.0731 12616 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
15:47:17.0759 12616 UmPass - ok
15:47:17.0865 12616 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:47:17.0956 12616 UNS - ok
15:47:17.0995 12616 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:47:18.0055 12616 upnphost - ok
15:47:18.0102 12616 [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
15:47:18.0130 12616 USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
15:47:18.0130 12616 USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
15:47:18.0157 12616 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:47:18.0192 12616 usbccgp - ok
15:47:18.0216 12616 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:47:18.0249 12616 usbcir - ok
15:47:18.0264 12616 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:47:18.0293 12616 usbehci - ok
15:47:18.0317 12616 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:47:18.0343 12616 usbhub - ok
15:47:18.0374 12616 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:47:18.0385 12616 usbohci - ok
15:47:18.0428 12616 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:47:18.0450 12616 usbprint - ok
15:47:18.0476 12616 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:47:18.0506 12616 usbscan - ok
15:47:18.0539 12616 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:47:18.0577 12616 USBSTOR - ok
15:47:18.0608 12616 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:47:18.0631 12616 usbuhci - ok
15:47:18.0679 12616 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
15:47:18.0709 12616 usbvideo - ok
15:47:18.0731 12616 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:47:18.0769 12616 UxSms - ok
15:47:18.0798 12616 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
15:47:18.0809 12616 VaultSvc - ok
15:47:18.0828 12616 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:47:18.0839 12616 vdrvroot - ok
15:47:18.0867 12616 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
15:47:18.0929 12616 vds - ok
15:47:18.0956 12616 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:47:18.0971 12616 vga - ok
15:47:18.0982 12616 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:47:19.0018 12616 VgaSave - ok
15:47:19.0036 12616 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:47:19.0051 12616 vhdmp - ok
15:47:19.0066 12616 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
15:47:19.0077 12616 viaide - ok
15:47:19.0089 12616 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:47:19.0101 12616 volmgr - ok
15:47:19.0123 12616 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:47:19.0140 12616 volmgrx - ok
15:47:19.0179 12616 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:47:19.0195 12616 volsnap - ok
15:47:19.0213 12616 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:47:19.0226 12616 vsmraid - ok
15:47:19.0274 12616 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
15:47:19.0374 12616 VSS - ok
15:47:19.0385 12616 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:47:19.0414 12616 vwifibus - ok
15:47:19.0427 12616 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:47:19.0458 12616 vwififlt - ok
15:47:19.0479 12616 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:47:19.0533 12616 W32Time - ok
15:47:19.0561 12616 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:47:19.0586 12616 WacomPen - ok
15:47:19.0616 12616 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:47:19.0663 12616 WANARP - ok
15:47:19.0678 12616 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:47:19.0713 12616 Wanarpv6 - ok
15:47:19.0756 12616 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
15:47:19.0834 12616 wbengine - ok
15:47:19.0846 12616 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:47:19.0878 12616 WbioSrvc - ok
15:47:19.0899 12616 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:47:19.0949 12616 wcncsvc - ok
15:47:19.0970 12616 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:47:20.0013 12616 WcsPlugInService - ok
15:47:20.0036 12616 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
15:47:20.0047 12616 Wd - ok
15:47:20.0088 12616 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:47:20.0128 12616 Wdf01000 - ok
15:47:20.0145 12616 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:47:20.0234 12616 WdiServiceHost - ok
15:47:20.0237 12616 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:47:20.0255 12616 WdiSystemHost - ok
15:47:20.0288 12616 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
15:47:20.0326 12616 WebClient - ok
15:47:20.0348 12616 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:47:20.0401 12616 Wecsvc - ok
15:47:20.0419 12616 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:47:20.0471 12616 wercplsupport - ok
15:47:20.0490 12616 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:47:20.0537 12616 WerSvc - ok
15:47:20.0577 12616 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:47:20.0629 12616 WfpLwf - ok
15:47:20.0691 12616 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
15:47:20.0705 12616 WimFltr - ok
15:47:20.0715 12616 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:47:20.0725 12616 WIMMount - ok
15:47:20.0756 12616 WinDefend - ok
15:47:20.0760 12616 WinHttpAutoProxySvc - ok
15:47:20.0824 12616 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:47:20.0874 12616 Winmgmt - ok
15:47:20.0947 12616 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
15:47:21.0052 12616 WinRM - ok
15:47:21.0112 12616 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:47:21.0127 12616 WinUsb - ok
15:47:21.0177 12616 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:47:21.0237 12616 Wlansvc - ok
15:47:21.0299 12616 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:47:21.0309 12616 wlcrasvc - ok
15:47:21.0403 12616 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:47:21.0488 12616 wlidsvc - ok
15:47:21.0525 12616 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:47:21.0554 12616 WmiAcpi - ok
15:47:21.0595 12616 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:47:21.0618 12616 wmiApSrv - ok
15:47:21.0648 12616 WMPNetworkSvc - ok
15:47:21.0667 12616 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:47:21.0691 12616 WPCSvc - ok
15:47:21.0708 12616 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:47:21.0724 12616 WPDBusEnum - ok
15:47:21.0751 12616 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:47:21.0796 12616 ws2ifsl - ok
15:47:21.0815 12616 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
15:47:21.0848 12616 wscsvc - ok
15:47:21.0851 12616 WSearch - ok
15:47:21.0932 12616 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:47:22.0020 12616 wuauserv - ok
15:47:22.0037 12616 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:47:22.0079 12616 WudfPf - ok
15:47:22.0111 12616 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:47:22.0142 12616 WUDFRd - ok
15:47:22.0171 12616 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:47:22.0203 12616 wudfsvc - ok
15:47:22.0225 12616 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:47:22.0247 12616 WwanSvc - ok
15:47:22.0267 12616 ================ Scan global ===============================
15:47:22.0298 12616 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:47:22.0329 12616 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
15:47:22.0339 12616 [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
15:47:22.0356 12616 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:47:22.0382 12616 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:47:22.0387 12616 [Global] - ok
15:47:22.0388 12616 ================ Scan MBR ==================================
15:47:22.0406 12616 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:47:22.0805 12616 \Device\Harddisk0\DR0 - ok
15:47:22.0805 12616 ================ Scan VBR ==================================
15:47:22.0808 12616 [ 136C634DCD8797923B6CFE1E927A91A8 ] \Device\Harddisk0\DR0\Partition1
15:47:22.0810 12616 \Device\Harddisk0\DR0\Partition1 - ok
15:47:22.0837 12616 [ A760E7F7DC2D7282072779BD8FFC0AD5 ] \Device\Harddisk0\DR0\Partition2
15:47:22.0840 12616 \Device\Harddisk0\DR0\Partition2 - ok
15:47:22.0841 12616 ============================================================
15:47:22.0841 12616 Scan finished
15:47:22.0841 12616 ============================================================
15:47:22.0849 12188 Detected object count: 4
15:47:22.0849 12188 Actual detected object count: 4
15:48:08.0307 12188 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
15:48:08.0307 12188 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:48:08.0307 12188 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:48:08.0307 12188 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:48:08.0309 12188 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:48:08.0309 12188 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:48:08.0312 12188 USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
15:48:08.0312 12188 USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

_Radieschen · 11.12.2012, 15:57

Okay, deine Antowrt hat sich überschnitten. Ich versuche es nochmal

Code:

ATTFilter

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-11 15:30:33
-----------------------------
15:30:33.647    OS Version: Windows x64 6.1.7601 Service Pack 1
15:30:33.647    Number of processors: 4 586 0x2A07
15:30:33.648    ComputerName: ANNELI-PC  UserName: Anneli
15:30:34.167    Initialize success
15:33:21.238    AVAST engine defs: 12121101
15:33:26.980    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:33:26.982    Disk 0 Vendor: ST932032 0003 Size: 305245MB BusType: 3
15:33:27.014    Disk 0 MBR read successfully
15:33:27.016    Disk 0 MBR scan
15:33:27.031    Disk 0 Windows 7 default MBR code
15:33:27.049    Disk 0 Partition 1 00     1C Hidd FAT32 LBA MSDOS5.0    25600 MB offset 2048
15:33:27.069    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       128028 MB offset 52430848
15:33:27.093    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       151615 MB offset 314632192
15:33:27.116    Disk 0 scanning C:\Windows\system32\drivers
15:33:39.493    Service scanning
15:34:03.550    Modules scanning
15:34:03.556    Disk 0 trace - called modules:
15:34:03.680    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
15:34:04.020    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8006652060]
15:34:04.025    3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa8003cfe040]
15:34:04.029    5 ACPI.sys[fffff88000d5c7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800474e050]
15:34:04.681    AVAST engine scan C:\Windows
15:34:07.289    AVAST engine scan C:\Windows\system32
15:36:50.872    AVAST engine scan C:\Windows\system32\drivers
15:37:04.463    AVAST engine scan C:\Users\Anneli
15:42:04.460    AVAST engine scan C:\ProgramData
15:43:35.373    Scan finished successfully
15:43:55.375    Disk 0 MBR has been saved successfully to "C:\Users\Anneli\Desktop\MBR.dat"
15:43:55.379    The log file has been saved successfully to "C:\Users\Anneli\Desktop\aswMBR.txt"

Code:

ATTFilter

15:46:22.0628 2116  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:46:22.0907 2116  ============================================================
15:46:22.0907 2116  Current date / time: 2012/12/11 15:46:22.0907
15:46:22.0907 2116  SystemInfo:
15:46:22.0907 2116  
15:46:22.0907 2116  OS Version: 6.1.7601 ServicePack: 1.0
15:46:22.0907 2116  Product type: Workstation
15:46:22.0907 2116  ComputerName: ANNELI-PC
15:46:22.0907 2116  UserName: Anneli
15:46:22.0907 2116  Windows directory: C:\Windows
15:46:22.0907 2116  System windows directory: C:\Windows
15:46:22.0907 2116  Running under WOW64
15:46:22.0907 2116  Processor architecture: Intel x64
15:46:22.0907 2116  Number of processors: 4
15:46:22.0907 2116  Page size: 0x1000
15:46:22.0907 2116  Boot type: Normal boot
15:46:22.0907 2116  ============================================================
15:46:23.0368 2116  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:46:23.0398 2116  ============================================================
15:46:23.0398 2116  \Device\Harddisk0\DR0:
15:46:23.0398 2116  MBR partitions:
15:46:23.0398 2116  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0xFA0E000
15:46:23.0398 2116  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x12C0E800, BlocksNum 0x1281F800
15:46:23.0398 2116  ============================================================
15:46:23.0448 2116  C: <-> \Device\Harddisk0\DR0\Partition1
15:46:23.0489 2116  D: <-> \Device\Harddisk0\DR0\Partition2
15:46:23.0489 2116  ============================================================
15:46:23.0489 2116  Initialize success
15:46:23.0489 2116  ============================================================
15:46:50.0352 12616  ============================================================
15:46:50.0352 12616  Scan started
15:46:50.0352 12616  Mode: Manual; SigCheck; TDLFS; 
15:46:50.0352 12616  ============================================================
15:46:50.0683 12616  ================ Scan system memory ========================
15:46:50.0683 12616  System memory - ok
15:46:50.0683 12616  ================ Scan services =============================
15:46:50.0840 12616  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:46:50.0936 12616  1394ohci - ok
15:46:50.0965 12616  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:46:50.0984 12616  ACPI - ok
15:46:51.0009 12616  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:46:51.0096 12616  AcpiPmi - ok
15:46:51.0189 12616  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:46:51.0200 12616  AdobeARMservice - ok
15:46:51.0347 12616  [ 0CB0AA071C7B86A64F361DCFDF357329 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:46:51.0359 12616  AdobeFlashPlayerUpdateSvc - ok
15:46:51.0405 12616  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:46:51.0431 12616  adp94xx - ok
15:46:51.0487 12616  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:46:51.0506 12616  adpahci - ok
15:46:51.0528 12616  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:46:51.0542 12616  adpu320 - ok
15:46:51.0565 12616  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:46:51.0680 12616  AeLookupSvc - ok
15:46:51.0730 12616  [ 6E79A119B0CE418FE44E0C824BF3F039 ] AFBAgent        C:\Windows\system32\FBAgent.exe
15:46:51.0765 12616  AFBAgent - ok
15:46:51.0822 12616  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
15:46:51.0863 12616  AFD - ok
15:46:51.0899 12616  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:46:51.0910 12616  agp440 - ok
15:46:51.0927 12616  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
15:46:52.0074 12616  ALG - ok
15:46:52.0111 12616  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:46:52.0121 12616  aliide - ok
15:46:52.0125 12616  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
15:46:52.0135 12616  amdide - ok
15:46:52.0163 12616  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:46:52.0209 12616  AmdK8 - ok
15:46:52.0226 12616  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
15:46:52.0254 12616  AmdPPM - ok
15:46:52.0285 12616  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:46:52.0300 12616  amdsata - ok
15:46:52.0330 12616  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:46:52.0345 12616  amdsbs - ok
15:46:52.0356 12616  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:46:52.0368 12616  amdxata - ok
15:46:52.0411 12616  [ 92A848F962DA91C631147D566414BB7E ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
15:46:52.0421 12616  AmUStor - ok
15:46:52.0456 12616  [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys
15:46:52.0496 12616  androidusb - ok
15:46:52.0598 12616  [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:46:52.0623 12616  AntiVirSchedulerService - ok
15:46:52.0659 12616  [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:46:52.0669 12616  AntiVirService - ok
15:46:52.0709 12616  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
15:46:52.0883 12616  AppID - ok
15:46:52.0913 12616  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:46:52.0976 12616  AppIDSvc - ok
15:46:53.0022 12616  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
15:46:53.0077 12616  Appinfo - ok
15:46:53.0170 12616  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:46:53.0178 12616  Apple Mobile Device - ok
15:46:53.0198 12616  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
15:46:53.0210 12616  arc - ok
15:46:53.0235 12616  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:46:53.0247 12616  arcsas - ok
15:46:53.0335 12616  [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
15:46:53.0344 12616  ASLDRService - ok
15:46:53.0396 12616  [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
15:46:53.0404 12616  ASMMAP64 - ok
15:46:53.0440 12616  [ 0AA7A996792FB0287B33A57A8093AE44 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
15:46:53.0487 12616  asmthub3 - ok
15:46:53.0532 12616  [ 125DC3ABF5BFCCFE82AD17D078E0B9EC ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
15:46:53.0590 12616  asmtxhci - ok
15:46:53.0639 12616  [ 9836DDA9A33DACC7F40A672C47AD70D0 ] ASUS InstantOn  C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
15:46:53.0647 12616  ASUS InstantOn - ok
15:46:53.0673 12616  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:46:53.0723 12616  AsyncMac - ok
15:46:53.0766 12616  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
15:46:53.0777 12616  atapi - ok
15:46:53.0857 12616  [ DE9FB3DADE8FD39AE2C587DF22D36B8E ] athr            C:\Windows\system32\DRIVERS\athrx.sys
15:46:53.0981 12616  athr - ok
15:46:54.0003 12616  [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
15:46:54.0012 12616  ATKGFNEXSrv - ok
15:46:54.0063 12616  [ 41CEAFFCF3550785E59E3EC9BEE8D97A ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
15:46:54.0070 12616  ATKWMIACPIIO - ok
15:46:54.0110 12616  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:46:54.0184 12616  AudioEndpointBuilder - ok
15:46:54.0209 12616  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:46:54.0250 12616  AudioSrv - ok
15:46:54.0282 12616  [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
15:46:54.0293 12616  avgntflt - ok
15:46:54.0348 12616  [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
15:46:54.0360 12616  avipbb - ok
15:46:54.0385 12616  [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
15:46:54.0393 12616  avkmgr - ok
15:46:54.0462 12616  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:46:54.0548 12616  AxInstSV - ok
15:46:54.0587 12616  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:46:54.0640 12616  b06bdrv - ok
15:46:54.0669 12616  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:46:54.0704 12616  b57nd60a - ok
15:46:54.0778 12616  [ 93EE7D9C35AE7E9FFDA148D7805F1421 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
15:46:54.0792 12616  BBSvc - ok
15:46:54.0812 12616  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:46:54.0853 12616  BDESVC - ok
15:46:54.0895 12616  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:46:54.0951 12616  Beep - ok
15:46:55.0022 12616  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
15:46:55.0103 12616  BFE - ok
15:46:55.0142 12616  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
15:46:55.0228 12616  BITS - ok
15:46:55.0268 12616  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:46:55.0301 12616  blbdrive - ok
15:46:55.0361 12616  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:46:55.0378 12616  Bonjour Service - ok
15:46:55.0413 12616  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:46:55.0450 12616  bowser - ok
15:46:55.0480 12616  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:46:55.0550 12616  BrFiltLo - ok
15:46:55.0570 12616  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:46:55.0595 12616  BrFiltUp - ok
15:46:55.0641 12616  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
15:46:55.0677 12616  Browser - ok
15:46:55.0694 12616  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:46:55.0737 12616  Brserid - ok
15:46:55.0747 12616  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:46:55.0779 12616  BrSerWdm - ok
15:46:55.0791 12616  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:46:55.0820 12616  BrUsbMdm - ok
15:46:55.0824 12616  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:46:55.0861 12616  BrUsbSer - ok
15:46:55.0917 12616  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
15:46:55.0997 12616  BthEnum - ok
15:46:56.0039 12616  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:46:56.0069 12616  BTHMODEM - ok
15:46:56.0105 12616  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:46:56.0148 12616  BthPan - ok
15:46:56.0191 12616  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
15:46:56.0255 12616  BTHPORT - ok
15:46:56.0292 12616  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
15:46:56.0350 12616  bthserv - ok
15:46:56.0393 12616  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
15:46:56.0421 12616  BTHUSB - ok
15:46:56.0470 12616  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:46:56.0527 12616  cdfs - ok
15:46:56.0571 12616  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:46:56.0601 12616  cdrom - ok
15:46:56.0638 12616  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
15:46:56.0694 12616  CertPropSvc - ok
15:46:56.0731 12616  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
15:46:56.0760 12616  circlass - ok
15:46:56.0783 12616  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
15:46:56.0801 12616  CLFS - ok
15:46:56.0870 12616  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:46:56.0881 12616  clr_optimization_v2.0.50727_32 - ok
15:46:56.0936 12616  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:46:56.0947 12616  clr_optimization_v2.0.50727_64 - ok
15:46:57.0018 12616  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:46:57.0029 12616  clr_optimization_v4.0.30319_32 - ok
15:46:57.0067 12616  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:46:57.0078 12616  clr_optimization_v4.0.30319_64 - ok
15:46:57.0100 12616  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
15:46:57.0130 12616  CmBatt - ok
15:46:57.0160 12616  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:46:57.0171 12616  cmdide - ok
15:46:57.0204 12616  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
15:46:57.0237 12616  CNG - ok
15:46:57.0268 12616  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:46:57.0279 12616  Compbatt - ok
15:46:57.0290 12616  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:46:57.0329 12616  CompositeBus - ok
15:46:57.0343 12616  COMSysApp - ok
15:46:57.0360 12616  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:46:57.0371 12616  crcdisk - ok
15:46:57.0409 12616  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:46:57.0456 12616  CryptSvc - ok
15:46:57.0547 12616  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
15:46:57.0586 12616  cvhsvc - ok
15:46:57.0624 12616  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:46:57.0696 12616  DcomLaunch - ok
15:46:57.0736 12616  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
15:46:57.0799 12616  defragsvc - ok
15:46:57.0830 12616  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:46:57.0882 12616  DfsC - ok
15:46:57.0920 12616  [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
15:46:57.0931 12616  dg_ssudbus - ok
15:46:57.0973 12616  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:46:58.0017 12616  Dhcp - ok
15:46:58.0037 12616  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
15:46:58.0094 12616  discache - ok
15:46:58.0138 12616  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
15:46:58.0150 12616  Disk - ok
15:46:58.0185 12616  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:46:58.0233 12616  Dnscache - ok
15:46:58.0269 12616  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:46:58.0326 12616  dot3svc - ok
15:46:58.0370 12616  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
15:46:58.0407 12616  Dot4 - ok
15:46:58.0433 12616  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:46:58.0464 12616  Dot4Print - ok
15:46:58.0468 12616  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
15:46:58.0495 12616  dot4usb - ok
15:46:58.0525 12616  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
15:46:58.0585 12616  DPS - ok
15:46:58.0629 12616  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:46:58.0651 12616  drmkaud - ok
15:46:58.0687 12616  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:46:58.0729 12616  DXGKrnl - ok
15:46:58.0753 12616  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
15:46:58.0803 12616  EapHost - ok
15:46:58.0913 12616  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:46:59.0065 12616  ebdrv - ok
15:46:59.0098 12616  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
15:46:59.0136 12616  EFS - ok
15:46:59.0195 12616  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:46:59.0267 12616  ehRecvr - ok
15:46:59.0277 12616  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
15:46:59.0340 12616  ehSched - ok
15:46:59.0389 12616  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:46:59.0411 12616  elxstor - ok
15:46:59.0429 12616  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:46:59.0455 12616  ErrDev - ok
15:46:59.0496 12616  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
15:46:59.0551 12616  EventSystem - ok
15:46:59.0583 12616  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
15:46:59.0631 12616  exfat - ok
15:46:59.0656 12616  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:46:59.0724 12616  fastfat - ok
15:46:59.0768 12616  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
15:46:59.0834 12616  Fax - ok
15:46:59.0856 12616  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
15:46:59.0882 12616  fdc - ok
15:46:59.0917 12616  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
15:46:59.0970 12616  fdPHost - ok
15:46:59.0991 12616  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:47:00.0043 12616  FDResPub - ok
15:47:00.0069 12616  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:47:00.0079 12616  FileInfo - ok
15:47:00.0102 12616  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:47:00.0168 12616  Filetrace - ok
15:47:00.0199 12616  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:47:00.0217 12616  flpydisk - ok
15:47:00.0244 12616  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:47:00.0260 12616  FltMgr - ok
15:47:00.0303 12616  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
15:47:00.0397 12616  FontCache - ok
15:47:00.0453 12616  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:47:00.0462 12616  FontCache3.0.0.0 - ok
15:47:00.0478 12616  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:47:00.0489 12616  FsDepends - ok
15:47:00.0519 12616  [ 07DA62C960DDCCC2D35836AEAB4FC578 ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
15:47:00.0530 12616  fssfltr - ok
15:47:00.0589 12616  [ 28DDEEEC44E988657B732CF404D504CB ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
15:47:00.0644 12616  fsssvc - ok
15:47:00.0676 12616  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:47:00.0687 12616  Fs_Rec - ok
15:47:00.0724 12616  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:47:00.0742 12616  fvevol - ok
15:47:00.0753 12616  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:47:00.0765 12616  gagp30kx - ok
15:47:00.0799 12616  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:47:00.0808 12616  GEARAspiWDM - ok
15:47:00.0843 12616  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
15:47:00.0911 12616  gpsvc - ok
15:47:00.0944 12616  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:47:00.0987 12616  hcw85cir - ok
15:47:01.0019 12616  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:47:01.0052 12616  HdAudAddService - ok
15:47:01.0077 12616  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:47:01.0104 12616  HDAudBus - ok
15:47:01.0119 12616  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:47:01.0142 12616  HidBatt - ok
15:47:01.0161 12616  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:47:01.0191 12616  HidBth - ok
15:47:01.0212 12616  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:47:01.0227 12616  HidIr - ok
15:47:01.0240 12616  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
15:47:01.0284 12616  hidserv - ok
15:47:01.0319 12616  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
15:47:01.0343 12616  HidUsb - ok
15:47:01.0377 12616  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:47:01.0439 12616  hkmsvc - ok
15:47:01.0459 12616  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:47:01.0505 12616  HomeGroupListener - ok
15:47:01.0526 12616  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:47:01.0568 12616  HomeGroupProvider - ok
15:47:01.0663 12616  [ 97AAC45A375168C6A2297BEEB9692E31 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:47:01.0676 12616  hpqcxs08 - ok
15:47:01.0711 12616  [ 19A4FB67B1C97EA18EDFF44340973CD9 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:47:01.0720 12616  hpqddsvc - ok
15:47:01.0748 12616  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:47:01.0759 12616  HpSAMD - ok
15:47:01.0813 12616  [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
15:47:01.0866 12616  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
15:47:01.0866 12616  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
15:47:01.0905 12616  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:47:01.0989 12616  HTTP - ok
15:47:02.0013 12616  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:47:02.0023 12616  hwpolicy - ok
15:47:02.0067 12616  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:47:02.0080 12616  i8042prt - ok
15:47:02.0136 12616  [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
15:47:02.0149 12616  iaStor - ok
15:47:02.0190 12616  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:47:02.0208 12616  iaStorV - ok
15:47:02.0267 12616  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:47:02.0305 12616  idsvc - ok
15:47:02.0574 12616  [ 10BB0DC3361C9420CC1B0B2128BB89DB ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
15:47:02.0927 12616  igfx - ok
15:47:02.0954 12616  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:47:02.0964 12616  iirsp - ok
15:47:02.0999 12616  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
15:47:03.0060 12616  IKEEXT - ok
15:47:03.0158 12616  [ CB7DADEF3D83FE2C12655A0BDCBA99F2 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:47:03.0261 12616  IntcAzAudAddService - ok
15:47:03.0331 12616  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
15:47:03.0371 12616  IntcDAud - ok
15:47:03.0398 12616  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
15:47:03.0409 12616  intelide - ok
15:47:03.0436 12616  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:47:03.0464 12616  intelppm - ok
15:47:03.0493 12616  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:47:03.0544 12616  IPBusEnum - ok
15:47:03.0577 12616  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:47:03.0622 12616  IpFilterDriver - ok
15:47:03.0681 12616  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:47:03.0730 12616  iphlpsvc - ok
15:47:03.0759 12616  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:47:03.0787 12616  IPMIDRV - ok
15:47:03.0809 12616  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:47:03.0858 12616  IPNAT - ok
15:47:03.0927 12616  [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:47:03.0961 12616  iPod Service - ok
15:47:03.0989 12616  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:47:04.0065 12616  IRENUM - ok
15:47:04.0092 12616  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:47:04.0102 12616  isapnp - ok
15:47:04.0127 12616  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:47:04.0143 12616  iScsiPrt - ok
15:47:04.0169 12616  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:47:04.0180 12616  kbdclass - ok
15:47:04.0187 12616  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
15:47:04.0221 12616  kbdhid - ok
15:47:04.0264 12616  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
15:47:04.0272 12616  kbfiltr - ok
15:47:04.0281 12616  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
15:47:04.0293 12616  KeyIso - ok
15:47:04.0308 12616  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:47:04.0319 12616  KSecDD - ok
15:47:04.0350 12616  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:47:04.0364 12616  KSecPkg - ok
15:47:04.0391 12616  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:47:04.0426 12616  ksthunk - ok
15:47:04.0481 12616  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:47:04.0544 12616  KtmRm - ok
15:47:04.0579 12616  [ A4A9CA24E54E81C6C3E469EAEB4B3F42 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
15:47:04.0588 12616  L1C - ok
15:47:04.0613 12616  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:47:04.0668 12616  LanmanServer - ok
15:47:04.0705 12616  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:47:04.0757 12616  LanmanWorkstation - ok
15:47:04.0810 12616  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:47:04.0862 12616  lltdio - ok
15:47:04.0901 12616  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:47:04.0966 12616  lltdsvc - ok
15:47:04.0993 12616  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:47:05.0030 12616  lmhosts - ok
15:47:05.0109 12616  [ 7F32D4C47A50E7223491E8FB9359907D ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:47:05.0124 12616  LMS - ok
15:47:05.0154 12616  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:47:05.0166 12616  LSI_FC - ok
15:47:05.0199 12616  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:47:05.0211 12616  LSI_SAS - ok
15:47:05.0219 12616  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:47:05.0231 12616  LSI_SAS2 - ok
15:47:05.0252 12616  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:47:05.0265 12616  LSI_SCSI - ok
15:47:05.0287 12616  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:47:05.0337 12616  luafv - ok
15:47:05.0369 12616  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:47:05.0387 12616  Mcx2Svc - ok
15:47:05.0401 12616  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:47:05.0412 12616  megasas - ok
15:47:05.0437 12616  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:47:05.0453 12616  MegaSR - ok
15:47:05.0492 12616  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
15:47:05.0501 12616  MEIx64 - ok
15:47:05.0515 12616  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
15:47:05.0570 12616  MMCSS - ok
15:47:05.0584 12616  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
15:47:05.0642 12616  Modem - ok
15:47:05.0679 12616  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:47:05.0706 12616  monitor - ok
15:47:05.0733 12616  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:47:05.0744 12616  mouclass - ok
15:47:05.0765 12616  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\drivers\mouhid.sys
15:47:05.0787 12616  mouhid - ok
15:47:05.0806 12616  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:47:05.0818 12616  mountmgr - ok
15:47:05.0888 12616  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:47:05.0899 12616  MozillaMaintenance - ok
15:47:05.0917 12616  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:47:05.0930 12616  mpio - ok
15:47:05.0944 12616  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:47:05.0996 12616  mpsdrv - ok
15:47:06.0036 12616  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:47:06.0113 12616  MpsSvc - ok
15:47:06.0137 12616  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:47:06.0167 12616  MRxDAV - ok
15:47:06.0208 12616  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:47:06.0247 12616  mrxsmb - ok
15:47:06.0263 12616  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:47:06.0287 12616  mrxsmb10 - ok
15:47:06.0304 12616  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:47:06.0345 12616  mrxsmb20 - ok
15:47:06.0374 12616  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:47:06.0386 12616  msahci - ok
15:47:06.0405 12616  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:47:06.0418 12616  msdsm - ok
15:47:06.0438 12616  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
15:47:06.0477 12616  MSDTC - ok
15:47:06.0496 12616  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:47:06.0544 12616  Msfs - ok
15:47:06.0571 12616  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:47:06.0614 12616  mshidkmdf - ok
15:47:06.0632 12616  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:47:06.0642 12616  msisadrv - ok
15:47:06.0673 12616  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:47:06.0732 12616  MSiSCSI - ok
15:47:06.0736 12616  msiserver - ok
15:47:06.0767 12616  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:47:06.0811 12616  MSKSSRV - ok
15:47:06.0829 12616  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:47:06.0880 12616  MSPCLOCK - ok
15:47:06.0899 12616  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:47:06.0950 12616  MSPQM - ok
15:47:06.0973 12616  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:47:06.0992 12616  MsRPC - ok
15:47:07.0012 12616  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:47:07.0023 12616  mssmbios - ok
15:47:07.0043 12616  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:47:07.0097 12616  MSTEE - ok
15:47:07.0101 12616  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:47:07.0133 12616  MTConfig - ok
15:47:07.0147 12616  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:47:07.0159 12616  Mup - ok
15:47:07.0189 12616  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
15:47:07.0244 12616  napagent - ok
15:47:07.0299 12616  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:47:07.0343 12616  NativeWifiP - ok
15:47:07.0398 12616  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:47:07.0440 12616  NDIS - ok
15:47:07.0482 12616  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:47:07.0533 12616  NdisCap - ok
15:47:07.0551 12616  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:47:07.0587 12616  NdisTapi - ok
15:47:07.0602 12616  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:47:07.0647 12616  Ndisuio - ok
15:47:07.0665 12616  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:47:07.0713 12616  NdisWan - ok
15:47:07.0729 12616  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:47:07.0780 12616  NDProxy - ok
15:47:07.0860 12616  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:47:07.0879 12616  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:47:07.0879 12616  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:47:07.0912 12616  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:47:07.0975 12616  NetBIOS - ok
15:47:08.0000 12616  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:47:08.0049 12616  NetBT - ok
15:47:08.0066 12616  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
15:47:08.0078 12616  Netlogon - ok
15:47:08.0113 12616  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
15:47:08.0183 12616  Netman - ok
15:47:08.0212 12616  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
15:47:08.0267 12616  netprofm - ok
15:47:08.0306 12616  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:47:08.0317 12616  NetTcpPortSharing - ok
15:47:08.0339 12616  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:47:08.0350 12616  nfrd960 - ok
15:47:08.0385 12616  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:47:08.0415 12616  NlaSvc - ok
15:47:08.0429 12616  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:47:08.0465 12616  Npfs - ok
15:47:08.0486 12616  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
15:47:08.0533 12616  nsi - ok
15:47:08.0553 12616  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:47:08.0605 12616  nsiproxy - ok
15:47:08.0673 12616  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:47:08.0744 12616  Ntfs - ok
15:47:08.0773 12616  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
15:47:08.0828 12616  Null - ok
15:47:08.0861 12616  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:47:08.0874 12616  nvraid - ok
15:47:08.0888 12616  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:47:08.0902 12616  nvstor - ok
15:47:08.0919 12616  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:47:08.0932 12616  nv_agp - ok
15:47:08.0947 12616  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:47:08.0969 12616  ohci1394 - ok
15:47:09.0015 12616  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:47:09.0027 12616  ose - ok
15:47:09.0148 12616  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:47:09.0308 12616  osppsvc - ok
15:47:09.0342 12616  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:47:09.0384 12616  p2pimsvc - ok
15:47:09.0401 12616  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
15:47:09.0433 12616  p2psvc - ok
15:47:09.0468 12616  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
15:47:09.0492 12616  Parport - ok
15:47:09.0524 12616  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:47:09.0536 12616  partmgr - ok
15:47:09.0556 12616  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:47:09.0584 12616  PcaSvc - ok
15:47:09.0608 12616  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
15:47:09.0622 12616  pci - ok
15:47:09.0636 12616  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
15:47:09.0647 12616  pciide - ok
15:47:09.0665 12616  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:47:09.0679 12616  pcmcia - ok
15:47:09.0696 12616  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:47:09.0708 12616  pcw - ok
15:47:09.0728 12616  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:47:09.0785 12616  PEAUTH - ok
15:47:09.0860 12616  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:47:09.0889 12616  PerfHost - ok
15:47:09.0948 12616  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
15:47:10.0040 12616  pla - ok
15:47:10.0078 12616  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:47:10.0130 12616  PlugPlay - ok
15:47:10.0195 12616  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:47:10.0213 12616  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:47:10.0213 12616  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:47:10.0242 12616  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:47:10.0273 12616  PNRPAutoReg - ok
15:47:10.0299 12616  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:47:10.0314 12616  PNRPsvc - ok
15:47:10.0341 12616  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:47:10.0393 12616  PolicyAgent - ok
15:47:10.0429 12616  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
15:47:10.0479 12616  Power - ok
15:47:10.0517 12616  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:47:10.0562 12616  PptpMiniport - ok
15:47:10.0575 12616  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
15:47:10.0597 12616  Processor - ok
15:47:10.0628 12616  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:47:10.0670 12616  ProfSvc - ok
15:47:10.0685 12616  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:47:10.0697 12616  ProtectedStorage - ok
15:47:10.0730 12616  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:47:10.0783 12616  Psched - ok
15:47:10.0852 12616  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:47:10.0909 12616  ql2300 - ok
15:47:10.0927 12616  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:47:10.0941 12616  ql40xx - ok
15:47:10.0972 12616  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
15:47:10.0992 12616  QWAVE - ok
15:47:11.0005 12616  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:47:11.0035 12616  QWAVEdrv - ok
15:47:11.0065 12616  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:47:11.0116 12616  RasAcd - ok
15:47:11.0156 12616  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:47:11.0207 12616  RasAgileVpn - ok
15:47:11.0241 12616  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
15:47:11.0287 12616  RasAuto - ok
15:47:11.0300 12616  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:47:11.0352 12616  Rasl2tp - ok
15:47:11.0383 12616  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
15:47:11.0427 12616  RasMan - ok
15:47:11.0441 12616  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:47:11.0478 12616  RasPppoe - ok
15:47:11.0508 12616  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:47:11.0569 12616  RasSstp - ok
15:47:11.0596 12616  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:47:11.0644 12616  rdbss - ok
15:47:11.0666 12616  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
15:47:11.0692 12616  rdpbus - ok
15:47:11.0721 12616  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:47:11.0770 12616  RDPCDD - ok
15:47:11.0790 12616  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:47:11.0836 12616  RDPENCDD - ok
15:47:11.0846 12616  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:47:11.0900 12616  RDPREFMP - ok
15:47:11.0930 12616  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:47:11.0981 12616  RDPWD - ok
15:47:12.0015 12616  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:47:12.0030 12616  rdyboost - ok
15:47:12.0056 12616  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:47:12.0104 12616  RemoteAccess - ok
15:47:12.0143 12616  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:47:12.0192 12616  RemoteRegistry - ok
15:47:12.0236 12616  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:47:12.0262 12616  RFCOMM - ok
15:47:12.0304 12616  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:47:12.0356 12616  RpcEptMapper - ok
15:47:12.0404 12616  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:47:12.0433 12616  RpcLocator - ok
15:47:12.0457 12616  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
15:47:12.0503 12616  RpcSs - ok
15:47:12.0532 12616  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:47:12.0569 12616  rspndr - ok
15:47:12.0578 12616  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
15:47:12.0589 12616  SamSs - ok
15:47:12.0612 12616  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:47:12.0624 12616  sbp2port - ok
15:47:12.0647 12616  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:47:12.0687 12616  SCardSvr - ok
15:47:12.0700 12616  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:47:12.0743 12616  scfilter - ok
15:47:12.0781 12616  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
15:47:12.0860 12616  Schedule - ok
15:47:12.0892 12616  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:47:12.0928 12616  SCPolicySvc - ok
15:47:12.0946 12616  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:47:12.0985 12616  SDRSVC - ok
15:47:13.0056 12616  [ CC781378E7EDA615D2CDCA3B17829FA4 ] SeaPort         C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
15:47:13.0070 12616  SeaPort - ok
15:47:13.0107 12616  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:47:13.0152 12616  secdrv - ok
15:47:13.0184 12616  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
15:47:13.0236 12616  seclogon - ok
15:47:13.0267 12616  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
15:47:13.0315 12616  SENS - ok
15:47:13.0330 12616  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:47:13.0366 12616  SensrSvc - ok
15:47:13.0398 12616  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:47:13.0416 12616  Serenum - ok
15:47:13.0445 12616  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
15:47:13.0472 12616  Serial - ok
15:47:13.0502 12616  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:47:13.0528 12616  sermouse - ok
15:47:13.0553 12616  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:47:13.0604 12616  SessionEnv - ok
15:47:13.0621 12616  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:47:13.0643 12616  sffdisk - ok
15:47:13.0647 12616  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:47:13.0669 12616  sffp_mmc - ok
15:47:13.0673 12616  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:47:13.0700 12616  sffp_sd - ok
15:47:13.0710 12616  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:47:13.0729 12616  sfloppy - ok
15:47:13.0781 12616  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
15:47:13.0817 12616  Sftfs - ok
15:47:13.0886 12616  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:47:13.0904 12616  sftlist - ok
15:47:13.0918 12616  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:47:13.0932 12616  Sftplay - ok
15:47:13.0940 12616  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:47:13.0949 12616  Sftredir - ok
15:47:13.0962 12616  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
15:47:13.0971 12616  Sftvol - ok
15:47:13.0983 12616  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:47:13.0995 12616  sftvsa - ok
15:47:14.0030 12616  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:47:14.0081 12616  SharedAccess - ok
15:47:14.0117 12616  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:47:14.0173 12616  ShellHWDetection - ok
15:47:14.0218 12616  [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
15:47:14.0244 12616  SiSGbeLH - ok
15:47:14.0248 12616  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:47:14.0258 12616  SiSRaid2 - ok
15:47:14.0276 12616  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:47:14.0288 12616  SiSRaid4 - ok
15:47:14.0331 12616  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:47:14.0342 12616  SkypeUpdate - ok
15:47:14.0360 12616  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:47:14.0397 12616  Smb - ok
15:47:14.0440 12616  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:47:14.0471 12616  SNMPTRAP - ok
15:47:14.0488 12616  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:47:14.0498 12616  spldr - ok
15:47:14.0531 12616  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
15:47:14.0586 12616  Spooler - ok
15:47:14.0668 12616  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
15:47:14.0807 12616  sppsvc - ok
15:47:14.0825 12616  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:47:14.0876 12616  sppuinotify - ok
15:47:14.0915 12616  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:47:14.0969 12616  srv - ok
15:47:14.0990 12616  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:47:15.0017 12616  srv2 - ok
15:47:15.0039 12616  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:47:15.0065 12616  srvnet - ok
15:47:15.0108 12616  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys
15:47:15.0148 12616  ssadbus - ok
15:47:15.0173 12616  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys
15:47:15.0210 12616  ssadmdfl - ok
15:47:15.0234 12616  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys
15:47:15.0256 12616  ssadmdm - ok
15:47:15.0276 12616  [ D33D1BD3EC0E766211A234F56A12726D ] ssadserd        C:\Windows\system32\DRIVERS\ssadserd.sys
15:47:15.0318 12616  ssadserd - ok
15:47:15.0358 12616  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:47:15.0406 12616  SSDPSRV - ok
15:47:15.0418 12616  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:47:15.0465 12616  SstpSvc - ok
15:47:15.0512 12616  [ C692C94FE55CAD0633440236022C27B3 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
15:47:15.0525 12616  ssudmdm - ok
15:47:15.0551 12616  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:47:15.0562 12616  stexstor - ok
15:47:15.0596 12616  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
15:47:15.0625 12616  StillCam - ok
15:47:15.0673 12616  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
15:47:15.0711 12616  stisvc - ok
15:47:15.0741 12616  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:47:15.0750 12616  swenum - ok
15:47:15.0774 12616  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
15:47:15.0835 12616  swprv - ok
15:47:15.0921 12616  [ 7E8902F9929A5D9FFD0F545332CE0F10 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
15:47:15.0976 12616  SynTP - ok
15:47:16.0036 12616  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
15:47:16.0118 12616  SysMain - ok
15:47:16.0132 12616  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:47:16.0165 12616  TabletInputService - ok
15:47:16.0189 12616  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:47:16.0246 12616  TapiSrv - ok
15:47:16.0265 12616  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
15:47:16.0316 12616  TBS - ok
15:47:16.0383 12616  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:47:16.0455 12616  Tcpip - ok
15:47:16.0515 12616  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:47:16.0554 12616  TCPIP6 - ok
15:47:16.0577 12616  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:47:16.0605 12616  tcpipreg - ok
15:47:16.0639 12616  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:47:16.0665 12616  TDPIPE - ok
15:47:16.0692 12616  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:47:16.0703 12616  TDTCP - ok
15:47:16.0717 12616  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:47:16.0763 12616  tdx - ok
15:47:16.0793 12616  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:47:16.0805 12616  TermDD - ok
15:47:16.0844 12616  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
15:47:16.0902 12616  TermService - ok
15:47:16.0915 12616  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
15:47:16.0944 12616  Themes - ok
15:47:16.0960 12616  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
15:47:16.0996 12616  THREADORDER - ok
15:47:17.0014 12616  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
15:47:17.0065 12616  TrkWks - ok
15:47:17.0118 12616  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:47:17.0179 12616  TrustedInstaller - ok
15:47:17.0197 12616  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:47:17.0232 12616  tssecsrv - ok
15:47:17.0269 12616  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:47:17.0314 12616  TsUsbFlt - ok
15:47:17.0334 12616  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
15:47:17.0359 12616  TsUsbGD - ok
15:47:17.0385 12616  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:47:17.0435 12616  tunnel - ok
15:47:17.0455 12616  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:47:17.0467 12616  uagp35 - ok
15:47:17.0486 12616  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:47:17.0543 12616  udfs - ok
15:47:17.0574 12616  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:47:17.0609 12616  UI0Detect - ok
15:47:17.0629 12616  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:47:17.0641 12616  uliagpkx - ok
15:47:17.0676 12616  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:47:17.0704 12616  umbus - ok
15:47:17.0731 12616  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:47:17.0759 12616  UmPass - ok
15:47:17.0865 12616  [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:47:17.0956 12616  UNS - ok
15:47:17.0995 12616  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
15:47:18.0055 12616  upnphost - ok
15:47:18.0102 12616  [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:47:18.0130 12616  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
15:47:18.0130 12616  USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
15:47:18.0157 12616  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:47:18.0192 12616  usbccgp - ok
15:47:18.0216 12616  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:47:18.0249 12616  usbcir - ok
15:47:18.0264 12616  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:47:18.0293 12616  usbehci - ok
15:47:18.0317 12616  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:47:18.0343 12616  usbhub - ok
15:47:18.0374 12616  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:47:18.0385 12616  usbohci - ok
15:47:18.0428 12616  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:47:18.0450 12616  usbprint - ok
15:47:18.0476 12616  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:47:18.0506 12616  usbscan - ok
15:47:18.0539 12616  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:47:18.0577 12616  USBSTOR - ok
15:47:18.0608 12616  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:47:18.0631 12616  usbuhci - ok
15:47:18.0679 12616  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
15:47:18.0709 12616  usbvideo - ok
15:47:18.0731 12616  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
15:47:18.0769 12616  UxSms - ok
15:47:18.0798 12616  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
15:47:18.0809 12616  VaultSvc - ok
15:47:18.0828 12616  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:47:18.0839 12616  vdrvroot - ok
15:47:18.0867 12616  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
15:47:18.0929 12616  vds - ok
15:47:18.0956 12616  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:47:18.0971 12616  vga - ok
15:47:18.0982 12616  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:47:19.0018 12616  VgaSave - ok
15:47:19.0036 12616  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:47:19.0051 12616  vhdmp - ok
15:47:19.0066 12616  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:47:19.0077 12616  viaide - ok
15:47:19.0089 12616  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:47:19.0101 12616  volmgr - ok
15:47:19.0123 12616  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:47:19.0140 12616  volmgrx - ok
15:47:19.0179 12616  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:47:19.0195 12616  volsnap - ok
15:47:19.0213 12616  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:47:19.0226 12616  vsmraid - ok
15:47:19.0274 12616  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
15:47:19.0374 12616  VSS - ok
15:47:19.0385 12616  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:47:19.0414 12616  vwifibus - ok
15:47:19.0427 12616  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:47:19.0458 12616  vwififlt - ok
15:47:19.0479 12616  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
15:47:19.0533 12616  W32Time - ok
15:47:19.0561 12616  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:47:19.0586 12616  WacomPen - ok
15:47:19.0616 12616  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:47:19.0663 12616  WANARP - ok
15:47:19.0678 12616  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:47:19.0713 12616  Wanarpv6 - ok
15:47:19.0756 12616  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
15:47:19.0834 12616  wbengine - ok
15:47:19.0846 12616  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:47:19.0878 12616  WbioSrvc - ok
15:47:19.0899 12616  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:47:19.0949 12616  wcncsvc - ok
15:47:19.0970 12616  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:47:20.0013 12616  WcsPlugInService - ok
15:47:20.0036 12616  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
15:47:20.0047 12616  Wd - ok
15:47:20.0088 12616  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:47:20.0128 12616  Wdf01000 - ok
15:47:20.0145 12616  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:47:20.0234 12616  WdiServiceHost - ok
15:47:20.0237 12616  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:47:20.0255 12616  WdiSystemHost - ok
15:47:20.0288 12616  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
15:47:20.0326 12616  WebClient - ok
15:47:20.0348 12616  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:47:20.0401 12616  Wecsvc - ok
15:47:20.0419 12616  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:47:20.0471 12616  wercplsupport - ok
15:47:20.0490 12616  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:47:20.0537 12616  WerSvc - ok
15:47:20.0577 12616  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:47:20.0629 12616  WfpLwf - ok
15:47:20.0691 12616  [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
15:47:20.0705 12616  WimFltr - ok
15:47:20.0715 12616  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:47:20.0725 12616  WIMMount - ok
15:47:20.0756 12616  WinDefend - ok
15:47:20.0760 12616  WinHttpAutoProxySvc - ok
15:47:20.0824 12616  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:47:20.0874 12616  Winmgmt - ok
15:47:20.0947 12616  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
15:47:21.0052 12616  WinRM - ok
15:47:21.0112 12616  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:47:21.0127 12616  WinUsb - ok
15:47:21.0177 12616  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:47:21.0237 12616  Wlansvc - ok
15:47:21.0299 12616  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:47:21.0309 12616  wlcrasvc - ok
15:47:21.0403 12616  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:47:21.0488 12616  wlidsvc - ok
15:47:21.0525 12616  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:47:21.0554 12616  WmiAcpi - ok
15:47:21.0595 12616  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:47:21.0618 12616  wmiApSrv - ok
15:47:21.0648 12616  WMPNetworkSvc - ok
15:47:21.0667 12616  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:47:21.0691 12616  WPCSvc - ok
15:47:21.0708 12616  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:47:21.0724 12616  WPDBusEnum - ok
15:47:21.0751 12616  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:47:21.0796 12616  ws2ifsl - ok
15:47:21.0815 12616  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
15:47:21.0848 12616  wscsvc - ok
15:47:21.0851 12616  WSearch - ok
15:47:21.0932 12616  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:47:22.0020 12616  wuauserv - ok
15:47:22.0037 12616  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:47:22.0079 12616  WudfPf - ok
15:47:22.0111 12616  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:47:22.0142 12616  WUDFRd - ok
15:47:22.0171 12616  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:47:22.0203 12616  wudfsvc - ok
15:47:22.0225 12616  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:47:22.0247 12616  WwanSvc - ok
15:47:22.0267 12616  ================ Scan global ===============================
15:47:22.0298 12616  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:47:22.0329 12616  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
15:47:22.0339 12616  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
15:47:22.0356 12616  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:47:22.0382 12616  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:47:22.0387 12616  [Global] - ok
15:47:22.0388 12616  ================ Scan MBR ==================================
15:47:22.0406 12616  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:47:22.0805 12616  \Device\Harddisk0\DR0 - ok
15:47:22.0805 12616  ================ Scan VBR ==================================
15:47:22.0808 12616  [ 136C634DCD8797923B6CFE1E927A91A8 ] \Device\Harddisk0\DR0\Partition1
15:47:22.0810 12616  \Device\Harddisk0\DR0\Partition1 - ok
15:47:22.0837 12616  [ A760E7F7DC2D7282072779BD8FFC0AD5 ] \Device\Harddisk0\DR0\Partition2
15:47:22.0840 12616  \Device\Harddisk0\DR0\Partition2 - ok
15:47:22.0841 12616  ============================================================
15:47:22.0841 12616  Scan finished
15:47:22.0841 12616  ============================================================
15:47:22.0849 12188  Detected object count: 4
15:47:22.0849 12188  Actual detected object count: 4
15:48:08.0307 12188  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
15:48:08.0307 12188  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:48:08.0307 12188  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:48:08.0307 12188  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:48:08.0309 12188  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:48:08.0309 12188  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:48:08.0312 12188  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
15:48:08.0312 12188  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus · 11.12.2012, 16:00

Dann bitte jetzt CF ausführen:

ComboFix

Ein Leitfaden und Tutorium zur Nutzung von ComboFix

Lade dir ComboFix hier herunter auf deinen Desktop.

Schliesse alle Programme, vor allem dein Antivirenprogramm und andere Hintergrundwächter sowie deinen Internetbrowser.

Starte combofix.exe von deinem Desktop aus, bestätige die Warnmeldungen, führe die Updates durch (falls vorgeschlagen), installiere die Wiederherstellungskonsole (falls vorgeschlagen) und lass dein System durchsuchen.
Vermeide es auch während Combofix läuft die Maus und Tastatur zu benutzen.

Im Anschluss öffnet sich automatisch eine combofix.txt, diesen Inhalt bitte kopieren ([Strg]a, [Strg]c) und in deinen Beitrag einfügen ([Strg]v). Die Datei findest du außerdem unter: C:\ComboFix.txt.

Wichtiger Hinweis:

Combofix darf ausschließlich ausgeführt werden, wenn ein Kompetenzler dies ausdrücklich empfohlen hat!

Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren.

Solltest du nach der Ausführung von Combofix Probleme beim Starten von Anwendungen haben und Meldungen erhalten wie

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

startest du Windows dann manuell neu und die Fehlermeldungen sollten nicht mehr auftauchen.

_Radieschen · 11.12.2012, 17:37

Das hat gedauert und er hat wohl gelöscht:

Code:

ATTFilter

Combofix Logfile:

	Code: 

 ATTFilter

  
	ComboFix 12-12-10.01 - Anneli 11.12.2012  16:52:59.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4000.1846 [GMT 1:00]
ausgeführt von:: c:\users\Anneli\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\windows\msvcr71.dll
c:\windows\SysWow64\muzapp.exe
D:\install.exe
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-11-11 bis 2012-12-11  ))))))))))))))))))))))))))))))
.
.
2012-12-11 16:06 . 2012-12-11 16:06	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-12-11 11:34 . 2012-12-11 11:34	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{0462E329-C79D-4BC8-AFCF-540567003221}\offreg.dll
2012-12-11 11:00 . 2012-11-08 17:24	9125352	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{0462E329-C79D-4BC8-AFCF-540567003221}\mpengine.dll
2012-11-19 15:13 . 2012-07-26 07:46	2560	----a-w-	c:\windows\system32\drivers\de-DE\wdf01000.sys.mui
2012-11-19 15:13 . 2012-07-26 04:55	785512	----a-w-	c:\windows\system32\drivers\Wdf01000.sys
2012-11-19 15:13 . 2012-07-26 04:55	54376	----a-w-	c:\windows\system32\drivers\WdfLdr.sys
2012-11-19 15:13 . 2012-07-26 02:36	9728	----a-w-	c:\windows\system32\Wdfres.dll
2012-11-19 15:04 . 2012-07-26 03:08	84992	----a-w-	c:\windows\system32\WUDFSvc.dll
2012-11-19 15:04 . 2012-07-26 03:08	194048	----a-w-	c:\windows\system32\WUDFPlatform.dll
2012-11-19 15:04 . 2012-07-26 02:26	87040	----a-w-	c:\windows\system32\drivers\WUDFPf.sys
2012-11-19 15:04 . 2012-07-26 02:26	198656	----a-w-	c:\windows\system32\drivers\WUDFRd.sys
2012-11-19 15:04 . 2012-07-26 03:08	229888	----a-w-	c:\windows\system32\WUDFHost.exe
2012-11-19 15:04 . 2012-07-26 03:08	744448	----a-w-	c:\windows\system32\WUDFx.dll
2012-11-19 15:04 . 2012-07-26 03:08	45056	----a-w-	c:\windows\system32\WUDFCoinstaller.dll
2012-11-16 14:43 . 2012-10-09 18:17	55296	----a-w-	c:\windows\system32\dhcpcsvc6.dll
2012-11-16 14:43 . 2012-10-09 18:17	226816	----a-w-	c:\windows\system32\dhcpcore6.dll
2012-11-16 14:43 . 2012-10-09 17:40	44032	----a-w-	c:\windows\SysWow64\dhcpcsvc6.dll
2012-11-16 14:43 . 2012-10-09 17:40	193536	----a-w-	c:\windows\SysWow64\dhcpcore6.dll
2012-11-15 10:39 . 2012-11-15 10:39	--------	d-----w-	c:\program files (x86)\MyFree Codec
2012-11-14 16:28 . 2012-09-20 04:35	203104	----a-w-	c:\windows\system32\drivers\ssudmdm.sys
2012-11-14 16:28 . 2012-09-20 04:35	102368	----a-w-	c:\windows\system32\drivers\ssudbus.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-11 09:12 . 2012-04-13 14:32	697272	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-11 09:12 . 2012-01-12 16:22	73656	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-11-27 18:09 . 2012-01-11 19:29	45056	----a-w-	c:\windows\SysWow64\acovcnt.exe
2012-11-19 15:04 . 2012-01-12 16:36	66395536	----a-w-	c:\windows\system32\MRT.exe
2012-10-16 08:38 . 2012-11-28 14:58	135168	----a-w-	c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-11-28 14:58	350208	----a-w-	c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-11-28 14:58	561664	----a-w-	c:\windows\apppatch\AcLayers.dll
2012-09-14 19:19 . 2012-10-10 17:23	2048	----a-w-	c:\windows\system32\tzres.dll
2012-09-14 18:28 . 2012-10-10 17:23	2048	----a-w-	c:\windows\SysWow64\tzres.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	94208	----a-w-	c:\users\Anneli\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	94208	----a-w-	c:\users\Anneli\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	94208	----a-w-	c:\users\Anneli\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-07-13 17418928]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-11-12 968120]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2012-11-01 577536]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-11-12 1104824]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" [2008-11-03 328992]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-13 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"SonicMasterTray"="c:\program files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-07-21 5716608]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-09-09 2317312]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-08-08 348664]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-11-12 309688]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]
.
c:\users\Anneli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Anneli\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-7-3 26868192]
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-13 548528]
FancyStart daemon.lnk - c:\windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe [2012-1-12 12862]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2010-5-28 276328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2011-03-18 74840]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-03-02 183560]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-20 102368]
R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]
R3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM);c:\windows\system32\DRIVERS\ssadserd.sys [2011-06-02 146920]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-20 203104]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2011-08-02 51712]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-09-07 17536]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-12-15 27760]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-08-24 92800]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-12-21 2656280]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-06-02 128488]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-06-02 401896]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - 55765195
*NewlyCreated* - ASWMBR
*Deregistered* - 55765195
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2012-12-11 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-13 09:12]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41	220160	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41	220160	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	97792	----a-w-	c:\users\Anneli\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	97792	----a-w-	c:\users\Anneli\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	97792	----a-w-	c:\users\Anneli\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-06-30 04:19	97792	----a-w-	c:\users\Anneli\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-07-28 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-07-28 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-07-28 416024]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 2277480]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Anneli\AppData\Roaming\Mozilla\Firefox\Profiles\0l0agoce.default\
FF - prefs.js: browser.startup.homepage - www.google.de
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: !HIDDEN! 2012-01-12 17:54; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
AddRemove-ASUS_Screensaver - c:\windows\system32\ASUS_Screensaver.scr
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_287.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-12-11  17:35:21
ComboFix-quarantined-files.txt  2012-12-11 16:35
.
Vor Suchlauf: 11 Verzeichnis(se), 78.998.728.704 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 79.566.807.040 Bytes frei
.
- - End Of File - - B73493AF4584A12EFF57A3B2D23B6E53
         
 --- --- ---

cosinus · 11.12.2012, 21:59

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!

Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Suche.
Nach Ende des Suchlaufs öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

_Radieschen · 11.12.2012, 22:04

Du bist ja spät noch für andere unterwegs, wahnsinn!

# AdwCleaner v2.100 - Datei am 11/12/2012 um 22:03:33 erstellt
# Aktualisiert am 09/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Anneli - ANNELI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Anneli\Downloads\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Users\Anneli\AppData\Roaming\Mozilla\Firefox\Profiles\0l0agoce.default\searchplugins\11-suche.xml
Ordner Gefunden : C:\ProgramData\Partner
Ordner Gefunden : C:\Users\Anneli\Software

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Profilname : default
Datei : C:\Users\Anneli\AppData\Roaming\Mozilla\Firefox\Profiles\0l0agoce.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1359 octets] - [11/12/2012 22:03:33]

########## EOF - C:\AdwCleaner[R1].txt - [1419 octets] ##########

Ah falsch, nochmal

[CODE]

# AdwCleaner v2.100 - Datei am 11/12/2012 um 22:03:33 erstellt
# Aktualisiert am 09/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Anneli - ANNELI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Anneli\Downloads\adwcleaner.exe
# Option [Suche]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Users\Anneli\AppData\Roaming\Mozilla\Firefox\Profiles\0l0agoce.default\searchplugins\11-suche.xml
Ordner Gefunden : C:\ProgramData\Partner
Ordner Gefunden : C:\Users\Anneli\Software

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Profilname : default
Datei : C:\Users\Anneli\AppData\Roaming\Mozilla\Firefox\Profiles\0l0agoce.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1359 octets] - [11/12/2012 22:03:33]

########## EOF - C:\AdwCleaner[R1].txt - [1419 octets] ##########

[CODE]

cosinus · 11.12.2012, 22:27

Die CODE-Tags bitte richtig setzen!!

Zitat:

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.

Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].

Setze den Curser zwischen die CODE-Tags und drücke STRG+V.

Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

_Radieschen · 11.12.2012, 22:31

Code:

ATTFilter

# AdwCleaner v2.100 - Datei am 11/12/2012 um 22:03:33 erstellt
# Aktualisiert am 09/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Anneli - ANNELI-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Anneli\Downloads\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\Users\Anneli\AppData\Roaming\Mozilla\Firefox\Profiles\0l0agoce.default\searchplugins\11-suche.xml
Ordner Gefunden : C:\ProgramData\Partner
Ordner Gefunden : C:\Users\Anneli\Software

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16455

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Profilname : default 
Datei : C:\Users\Anneli\AppData\Roaming\Mozilla\Firefox\Profiles\0l0agoce.default\prefs.js

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1359 octets] - [11/12/2012 22:03:33]

########## EOF - C:\AdwCleaner[R1].txt - [1419 octets] ##########

cosinus · 12.12.2012, 12:20

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Klicke auf Löschen.
Bestätige jeweils mit Ok.
Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
Poste mir den Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Danach eine Kontrolle mit OTL bitte:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Setze oben mittig den Haken bei Scanne alle Benutzer
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles in CODE-Tags hier in den Thread.

Avira findet TR/Agent.554136

Plagegeister aller Art und deren Bekämpfung: Avira findet TR/Agent.554136