Ordner auf Wechselmedien werden als Verknüpfung angezeigt

Bursa · 13.01.2013, 22:47

Hallo Trojaner Board Team,

Auch ich habe das Problem/Virus das meine Ordner auf den externen Festplatten nur noch als Verknüpfung angezeigt werden. Außerdem wird auch ein Ordner mit dem Namen ''$RECYCLE.BIN'' angezeigt. Zur Zeit kann ich noch auf die Daten zugreifen.

Das Problem ist, das Virus habe ich von einem bekannten abbekommen. also nicht selbst Irgendwie was drauf gemacht habe.

Habe bei Google andere Threats mit diesen Thema gefunden und habe auch schon ein par schritte unternommen bis der schritt kahm wo stand.
"Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich ziehen und eine Bereinigung der Infektion noch erschweren."
Ich hab bei diesen Thread die Lösungsvorschläge angefangen

http://www.trojaner-board.de/106995-...angezeigt.html

Bis zur Nachricht 11 (zweite seite das erste)

danach habe ich aufgehört da ab dann standt "Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!"

Malwarebytes

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.13.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16466
*** :: *** [Administrator]

Schutz: Aktiviert

13.01.2013 19:53:52
MBAM-log-2013-01-13 (21-04-04).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|G:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 619038
Laufzeit: 1 Stunde(n), 8 Minute(n), 37 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

ich hatte zuerst Kaspersky verwendet und suchen lassen daher hat der nix gefunden

Kaspersky die er Gefunden hat Log Datei habe ich nicht hinbekommen

Code:

ATTFilter

jwgkvsq.vmx	Nicht desinfizierte Objekte: Net-Worm.Win32.Kido.ih	12.01.2013 10:59:46	G:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\	Desinfektion ist nicht möglich	Untersuchung des Computers	
jwgkvsq.vmx	Nicht desinfizierte Objekte: Net-Worm.Win32.Kido.ih	12.01.2013 09:41:40	G:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\	Zurückgestellt	Untersuchung des Computers	
894133bf.exe	Nicht desinfizierte Objekte: Trojan.Win32.VBKrypt.eztd	12.01.2013 09:41:40	G:\RECYCLER\	Zurückgestellt	Untersuchung des Computers	
Total.Recall.2012.BDRiP.LD.German.iNTERNAL.XViD-Pleaders.lnk	Nicht desinfizierte Objekte: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:38	G:\	Zurückgestellt	Untersuchung des Computers	
ZAMAN Gazetesi.lnk	Nicht desinfizierte Objekte: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:38	G:\	Zurückgestellt	Untersuchung des Computers	
System Volume Information.lnk	Nicht desinfizierte Objekte: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\	Zurückgestellt	Untersuchung des Computers	
Spiele.lnk	Nicht desinfizierte Objekte: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\	Zurückgestellt	Untersuchung des Computers	
Programme.lnk	Nicht desinfizierte Objekte: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\	Zurückgestellt	Untersuchung des Computers	
Pictures.lnk	Nicht desinfizierte Objekte: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\	Zurückgestellt	Untersuchung des Computers	
Musik.lnk	Nicht desinfizierte Objekte: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\	Zurückgestellt	Untersuchung des Computers	
Deskop.lnk	Nicht desinfizierte Objekte: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\	Zurückgestellt	Untersuchung des Computers	
dOKUMENT.lnk	Nicht desinfizierte Objekte: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\	Zurückgestellt	Untersuchung des Computers	
Eigene Bilder.lnk	Nicht desinfizierte Objekte: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\	Zurückgestellt	Untersuchung des Computers	
$RECYCLE.BIN.lnk	Nicht desinfizierte Objekte: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\	Zurückgestellt	Untersuchung des Computers	
Documents.lnk	Nicht desinfizierte Objekte: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\	Zurückgestellt	Untersuchung des Computers	
Prison Break.lnk	Nicht desinfizierte Objekte: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\	Zurückgestellt	Untersuchung des Computers

Eset

Code:

ATTFilter

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK

OTL

Code:

ATTFilter

OTL logfile created on: 13.01.2013 18:41:03 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\MAY\Downloads
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16453)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 6,73 Gb Available Physical Memory | 84,25% Memory free
16,97 Gb Paging File | 15,62 Gb Available in Paging File | 92,01% Paging File free
Paging file location(s): c:\pagefile.sys 4603 4603d:\pagef [Binary data over 200 bytes]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 275,10 Gb Total Space | 129,85 Gb Free Space | 47,20% Space Free | Partition Type: NTFS
Drive D: | 183,40 Gb Total Space | 3,63 Gb Free Space | 1,98% Space Free | Partition Type: NTFS
Drive G: | 596,17 Gb Total Space | 68,23 Gb Free Space | 11,45% Space Free | Partition Type: NTFS
 
Computer Name: MSI | User Name: MAY | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\MAY\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe (Microsoft Corporation.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\dblite.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BBSvc.exe (Microsoft Corporation.)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (ZuneWlanCfgSvc) -- C:\Programme\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV - (WMZuneComm) -- C:\Programme\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc) -- C:\Programme\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (klwfp) -- C:\Windows\SysNative\Drivers\klwfp.sys (Kaspersky Lab)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\Drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\Drivers\klkbdflt.sys (Kaspersky Lab)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\Drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\Drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (kneps) -- C:\Windows\SysNative\Drivers\kneps.sys (Kaspersky Lab)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\Drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (klelam) -- C:\Windows\SysNative\Drivers\klelam.sys (Kaspersky Lab)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (xusb22) -- C:\Windows\SysNative\Drivers\xusb22.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\Drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (kl1) -- C:\Windows\SysNative\Drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\Drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek                                            )
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\Drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (johci) -- C:\Windows\SysNative\Drivers\johci.sys (JMicron )
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\Drivers\PxHlpa64.sys (Sonic Solutions)
DRV - (NTIOLib_1_0_4) -- C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys (MSI)
DRV - (MSI_MSIBIOS_010507) -- C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys (Your Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}: "URL" = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10025&barid={8ED85C9F-43AD-11E2-BE67-002421F5267C}
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-116789097-1075489374-2002913999-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-116789097-1075489374-2002913999-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
IE - HKU\S-1-5-21-116789097-1075489374-2002913999-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-116789097-1075489374-2002913999-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B5 8A 75 D6 B5 D7 CD 01  [binary data]
IE - HKU\S-1-5-21-116789097-1075489374-2002913999-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-116789097-1075489374-2002913999-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-116789097-1075489374-2002913999-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=
IE - HKU\S-1-5-21-116789097-1075489374-2002913999-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-116789097-1075489374-2002913999-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}: C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2012.12.13 22:48:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com [2013.01.13 12:17:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com [2013.01.13 12:17:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\content_blocker@kaspersky.com [2013.01.13 12:17:21 | 000,000,000 | ---D | M]
 
 
O1 HOSTS File: ([2012.04.30 17:45:32 | 000,000,854 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 activate.adobe.com
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (SweetPacks Browser Helper) - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (SweetPacks Toolbar for Internet Explorer) - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AdobeCS5ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\runner_avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (SweetIM Technologies Ltd.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKU\S-1-5-21-116789097-1075489374-2002913999-1001..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AB9394BB-1FB9-454B-9419-797956DD7DB6}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BC5E0BB9-5131-4A1D-8EF2-CD8B3637BBE1}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
 
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: BasicDisplay.sys - C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootMin:64bit: BasicRender.sys - C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootMin:64bit: EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootMin:64bit: LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootMin:64bit: Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: TBS - Service
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin:64bit: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: TBS - Service
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootMin: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: BasicDisplay.sys - C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
SafeBootNet:64bit: BasicRender.sys - C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: BrokerInfrastructure - C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SafeBootNet:64bit: EFS - C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: KeyIso - C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SafeBootNet:64bit: LSM - C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Netlogon - C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SafeBootNet:64bit: netprofm - C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdpencdd.sys - Driver
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: SmartcardSimulator - Driver
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TBS - Service
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: VaultSvc - C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: VirtualSmartcardReader - Driver
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: Wcmsvc - C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet:64bit: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdpencdd.sys - Driver
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: SmartcardSimulator - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TBS - Service
SafeBootNet: TDI - Driver Group
SafeBootNet: VirtualSmartcardReader - Driver
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {9DA2B80F-F89F-4A49-A5C2-511B085B9E8A} - Enhanced Storage Devices
SafeBootNet: {A0A588A4-C46F-4B37-B7EA-C82FE89870C6} - SDA Standard Compliant SD Host Controller
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {74166507-F39E-305E-A972-2C3478E47350} - .NET Framework
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U %SystemRoot%\System32\shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {3A8403F3-90B5-35DC-8926-EB9B907209F9} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - 
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.13 13:18:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013.01.12 21:14:44 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013.01.12 20:48:34 | 000,000,000 | ---D | C] -- C:\Users\MAY\Desktop\Filme
[2013.01.11 23:50:45 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll
[2013.01.11 23:50:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.01.11 23:50:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2013.01.11 23:49:58 | 000,612,696 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2013.01.11 23:49:58 | 000,089,944 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klflt.sys
[2013.01.11 23:37:35 | 000,000,000 | ---D | C] -- C:\ProgramData\WEBREG
[2013.01.11 23:35:27 | 000,000,000 | ---D | C] -- C:\Users\MAY\AppData\Roaming\HP
[2013.01.11 23:35:26 | 000,000,000 | ---D | C] -- C:\Users\MAY\AppData\Local\HP
[2013.01.11 23:24:02 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\spool
[2013.01.11 23:22:06 | 000,000,000 | ---D | C] -- C:\Users\MAY\AppData\Roaming\HpUpdate
[2013.01.11 23:20:29 | 000,000,000 | ---D | C] -- C:\ProgramData\HP Product Assistant
[2013.01.11 23:19:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2013.01.11 23:17:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\HP
[2013.01.11 23:16:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Hewlett-Packard
[2013.01.11 23:14:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HP
[2013.01.11 23:14:48 | 000,000,000 | -H-D | C] -- C:\Config.Msi
[2013.01.11 23:12:08 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2013.01.11 23:11:46 | 002,398,112 | ---- | C] (Hewlett Packard) -- C:\Windows\SysNative\hppldcoi.dll
[2013.01.11 14:29:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Live Add-in
[2013.01.11 14:29:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft
[2013.01.11 14:15:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JMicron
[2013.01.10 22:29:23 | 000,000,000 | ---D | C] -- C:\Users\MAY\AppData\Local\Apps
[2013.01.10 10:58:49 | 000,000,000 | ---D | C] -- C:\Users\MAY\AppData\Roaming\dvdcss
[2013.01.03 21:29:14 | 000,000,000 | ---D | C] -- C:\Users\MAY\AppData\Local\Apple Computer
[2013.01.03 21:29:13 | 000,000,000 | ---D | C] -- C:\Users\MAY\AppData\Roaming\Apple Computer
[2013.01.03 21:29:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.01.03 21:28:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2013.01.03 21:27:58 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.01.03 21:27:57 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.01.03 21:27:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.01.03 21:27:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013.01.03 21:27:57 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.01.03 21:27:02 | 000,000,000 | ---D | C] -- C:\Users\MAY\AppData\Local\Apple
[2013.01.03 21:27:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013.01.03 21:26:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2013.01.03 21:26:32 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2013.01.03 21:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2013.01.03 21:26:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013.01.03 21:26:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2012.12.26 19:43:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
[2012.12.26 19:43:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSI
[2012.12.26 19:27:02 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader
[2012.12.26 19:26:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2012.12.26 19:26:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GreenTree Applications
[2012.12.26 19:15:17 | 000,000,000 | ---D | C] -- C:\Users\MAY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
[2012.12.26 12:29:54 | 000,000,000 | ---D | C] -- C:\Users\MAY\Desktop\yolculuk
[2012.12.20 22:43:22 | 000,000,000 | ---D | C] -- C:\Users\MAY\Application Data
[2012.12.18 18:55:07 | 000,283,200 | ---- | C] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.12.18 18:55:02 | 000,000,000 | ---D | C] -- C:\Users\MAY\AppData\Roaming\DAEMON Tools Lite
[2012.12.18 18:54:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2012.12.18 18:54:21 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2012.12.18 17:24:46 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2012.12.18 17:24:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2012.12.18 17:24:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2012.12.18 17:24:21 | 000,000,000 | ---D | C] -- C:\Users\MAY\AppData\Local\Google
[2012.12.18 17:17:20 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012.12.18 17:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
[2012.12.18 17:14:57 | 000,000,000 | ---D | C] -- C:\Program Files\Zune
[2012.12.18 17:13:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2012.12.18 17:11:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\XPSViewer
[2012.12.18 17:11:44 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2012.12.18 17:11:43 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2012.12.18 16:39:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2012.12.16 00:52:42 | 000,000,000 | ---D | C] -- C:\Users\MAY\AppData\Roaming\vlc
[2012.12.15 22:26:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2012.12.15 22:26:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2012.12.15 19:17:11 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1986-12.com.adobe
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.13 18:44:05 | 001,745,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.13 18:44:05 | 000,753,134 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.13 18:44:05 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.13 18:44:05 | 000,155,826 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.13 18:44:05 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.13 18:38:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.13 18:37:11 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.13 18:36:35 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.01.13 18:36:31 | 2561,933,311 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.13 18:29:02 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.13 12:17:18 | 000,048,472 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klwfp.sys
[2013.01.13 12:17:18 | 000,029,528 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klmouflt.sys
[2013.01.13 12:17:18 | 000,029,016 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klkbdflt.sys
[2013.01.13 12:17:17 | 000,612,696 | ---- | M] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2013.01.12 21:14:34 | 630,474,799 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.01.12 00:37:56 | 000,007,614 | ---- | M] () -- C:\Users\MAY\AppData\Local\Resmon.ResmonCfg
[2013.01.11 23:50:45 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Anti-Virus 2013.lnk
[2013.01.11 23:46:48 | 004,984,432 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.11 23:37:27 | 000,218,134 | ---- | M] () -- C:\Windows\hpoins19.dat
[2013.01.11 23:22:41 | 000,002,109 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2013.01.05 10:45:01 | 000,001,049 | ---- | M] () -- C:\Users\MAY\Desktop\Prison Break - Verknüpfung.lnk
[2012.12.30 22:53:15 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2012.12.29 11:34:47 | 000,017,266 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2012.12.18 18:55:07 | 000,283,200 | ---- | M] (DT Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2012.12.15 18:47:30 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2012.12.15 18:47:21 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_winusb_01009.Wdf
 
========== Files Created - No Company Name ==========
 
[2013.01.12 21:14:34 | 630,474,799 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.01.11 23:51:56 | 000,001,298 | ---- | C] () -- C:\Users\MAY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2013.lnk
[2013.01.11 23:50:54 | 000,001,121 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Anti-Virus 2013.lnk
[2013.01.11 23:46:21 | 004,984,432 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.11 23:22:41 | 000,002,109 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2013.01.11 23:21:54 | 000,001,060 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\I.R.I.S. OCR-Registrierung.lnk
[2013.01.11 23:13:30 | 000,218,134 | ---- | C] () -- C:\Windows\hpoins19.dat
[2013.01.11 23:13:30 | 000,015,561 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2013.01.11 23:12:05 | 003,867,040 | ---- | C] () -- C:\Windows\SysNative\PortChanger.exe
[2013.01.10 14:13:30 | 000,110,592 | ---- | C] () -- C:\Windows\SysNative\OEMLicense.dll
[2013.01.10 14:13:30 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013.01.05 10:45:01 | 000,001,049 | ---- | C] () -- C:\Users\MAY\Desktop\Prison Break - Verknüpfung.lnk
[2013.01.03 21:27:01 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2012.12.30 22:53:15 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2012.12.28 01:20:28 | 000,000,824 | ---- | C] () -- C:\Users\MAY\Desktop\hosts
[2012.12.28 00:28:44 | 000,007,614 | ---- | C] () -- C:\Users\MAY\AppData\Local\Resmon.ResmonCfg
[2012.12.18 17:24:28 | 000,001,112 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.18 17:24:23 | 000,001,108 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.18 16:58:48 | 000,385,604 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2012.12.15 18:47:30 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2012.12.15 18:47:21 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_winusb_01009.Wdf
[2012.08.10 09:55:05 | 000,000,600 | ---- | C] () -- C:\Users\MAY\PUTTY.RND
[2012.07.26 09:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 09:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 08:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 02:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 21:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 21:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.06.02 15:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.11.06 05:19:27 | 019,789,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.11.06 05:20:00 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 04:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 04:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 04:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.12.18 18:55:02 | 000,000,000 | ---D | M] -- C:\Users\MAY\AppData\Roaming\DAEMON Tools Lite
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.12.13 23:07:26 | 000,000,000 | ---D | M] -- C:\Users\MAY\AppData\Roaming\Adobe
[2013.01.03 21:29:31 | 000,000,000 | ---D | M] -- C:\Users\MAY\AppData\Roaming\Apple Computer
[2012.12.18 18:55:02 | 000,000,000 | ---D | M] -- C:\Users\MAY\AppData\Roaming\DAEMON Tools Lite
[2013.01.10 10:58:49 | 000,000,000 | ---D | M] -- C:\Users\MAY\AppData\Roaming\dvdcss
[2013.01.11 23:37:35 | 000,000,000 | ---D | M] -- C:\Users\MAY\AppData\Roaming\HP
[2013.01.11 23:22:06 | 000,000,000 | ---D | M] -- C:\Users\MAY\AppData\Roaming\HpUpdate
[2012.12.11 16:41:08 | 000,000,000 | ---D | M] -- C:\Users\MAY\AppData\Roaming\Macromedia
[2013.01.03 21:12:28 | 000,000,000 | --SD | M] -- C:\Users\MAY\AppData\Roaming\Microsoft
[2013.01.10 22:39:44 | 000,000,000 | ---D | M] -- C:\Users\MAY\AppData\Roaming\vlc
[2012.12.13 22:15:51 | 000,000,000 | ---D | M] -- C:\Users\MAY\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2012.12.13 22:33:44 | 000,038,784 | ---- | M] () -- C:\Users\MAY\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
[2012.12.13 22:41:27 | 000,010,134 | R--- | M] () -- C:\Users\MAY\AppData\Roaming\Microsoft\Installer\{024521CF-C07E-4F8E-8481-0D75695E03AF}\ARPPRODUCTICON.exe
 
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 07:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
 
< MD5 for: AGP440.SYS  >
[2012.07.26 06:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\Windows\SysNative\drivers\AGP440.sys
[2012.07.26 06:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_81a4c6c9cc9d86a0\AGP440.sys
[2012.07.26 06:00:49 | 000,063,216 | ---- | M] (Microsoft Corporation) MD5=01590377A5AB19E792528C628A2A68F9 -- C:\Windows\WinSxS\amd64_machine.inf_31bf3856ad364e35_6.2.9200.16384_none_12dc94a048750f71\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2012.07.26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\SysNative\drivers\atapi.sys
[2012.07.26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_69660e2be041f47b\atapi.sys
[2012.07.26 06:00:48 | 000,025,840 | ---- | M] (Microsoft Corporation) MD5=A721FF570C2387E383BDDEA9632863C9 -- C:\Windows\WinSxS\amd64_mshdc.inf_31bf3856ad364e35_6.2.9200.16384_none_3601cf7eab4e0493\atapi.sys
 
< MD5 for: IASTORV.SYS  >
[2012.07.26 06:00:52 | 000,411,888 | ---- | M] (Intel Corporation) MD5=5E394EBD26FD68AA9300332C46BEDD62 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2012.07.26 06:00:52 | 000,411,888 | ---- | M] (Intel Corporation) MD5=5E394EBD26FD68AA9300332C46BEDD62 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_819876bbe5c3b25f\iaStorV.sys
[2012.07.26 06:00:52 | 000,411,888 | ---- | M] (Intel Corporation) MD5=5E394EBD26FD68AA9300332C46BEDD62 -- C:\Windows\WinSxS\amd64_iastorv.inf_31bf3856ad364e35_6.2.9200.16384_none_07daf9dd118c3086\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2012.07.26 04:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\Windows\SysWOW64\netlogon.dll
[2012.07.26 04:19:22 | 000,634,368 | ---- | M] (Microsoft Corporation) MD5=EEF9DA64D7B1DD51FB8AB9EFCC560E3E -- C:\Windows\WinSxS\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.2.9200.16384_none_60d608f9f61ee049\netlogon.dll
[2012.07.26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) MD5=FDC70965F0FC9DFEBC919627DED5DDFF -- C:\Windows\SysNative\netlogon.dll
[2012.07.26 04:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) MD5=FDC70965F0FC9DFEBC919627DED5DDFF -- C:\Windows\WinSxS\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.2.9200.16384_none_56815ea7c1be1e4e\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2012.07.26 06:00:55 | 000,168,176 | ---- | M] (NVIDIA Corporation) MD5=27AFC428D1D32ABD04A86763A4EDDEA9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2012.07.26 06:00:55 | 000,168,176 | ---- | M] (NVIDIA Corporation) MD5=27AFC428D1D32ABD04A86763A4EDDEA9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_7ba65ba4b222e751\nvstor.sys
[2012.07.26 06:00:55 | 000,168,176 | ---- | M] (NVIDIA Corporation) MD5=27AFC428D1D32ABD04A86763A4EDDEA9 -- C:\Windows\WinSxS\amd64_nvraid.inf_31bf3856ad364e35_6.2.9200.16384_none_92a46a8c48c2da5e\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2012.07.26 04:07:07 | 000,224,768 | ---- | M] (Microsoft Corporation) MD5=4F6E1CA672370A9BCAC049CE3AB7F666 -- C:\Windows\SysNative\scecli.dll
[2012.07.26 04:07:07 | 000,224,768 | ---- | M] (Microsoft Corporation) MD5=4F6E1CA672370A9BCAC049CE3AB7F666 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_90d789c062dfa509\scecli.dll
[2012.07.26 04:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\SysWOW64\scecli.dll
[2012.07.26 04:19:52 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=B95DC83FF580DD92F487C2F4D0854B6A -- C:\Windows\WinSxS\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.2.9200.16384_none_9b2c341297406704\scecli.dll
 
< MD5 for: USER32.DLL  >
[2012.07.26 04:07:39 | 001,342,464 | ---- | M] (Microsoft Corporation) MD5=1D08594400EE1B500B93256795FE30AE -- C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.16384_none_260213a5f720b529\user32.dll
[2012.09.20 05:09:35 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=7A4FD11444ABFA9C5D3E17123ABBD8A4 -- C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.20521_none_311e3b534471206a\user32.dll
[2012.07.26 01:02:48 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=8A93F57772FD24959F76A65FF79D282D -- C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.16384_none_3056bdf82b817724\user32.dll
[2012.09.20 07:33:05 | 001,342,464 | ---- | M] (Microsoft Corporation) MD5=A99AD14F26BDA7D7F27F76BC91B7EED7 -- C:\Windows\SysNative\user32.dll
[2012.09.20 07:33:05 | 001,342,464 | ---- | M] (Microsoft Corporation) MD5=A99AD14F26BDA7D7F27F76BC91B7EED7 -- C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.16420_none_263ef3ebf6f3a54e\user32.dll
[2012.09.20 07:32:34 | 001,342,464 | ---- | M] (Microsoft Corporation) MD5=AC192A41414561DA0CABD0D36F54FB22 -- C:\Windows\WinSxS\amd64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.20521_none_26c9910110105e6f\user32.dll
[2012.09.20 05:10:09 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=BA1C3ACD929A71E88B49C2B6E38F92B3 -- C:\Windows\SysWOW64\user32.dll
[2012.09.20 05:10:09 | 001,126,912 | ---- | M] (Microsoft Corporation) MD5=BA1C3ACD929A71E88B49C2B6E38F92B3 -- C:\Windows\WinSxS\wow64_microsoft-windows-user32_31bf3856ad364e35_6.2.9200.16420_none_30939e3e2b546749\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2012.07.26 04:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\Windows\SysNative\userinit.exe
[2012.07.26 04:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_34f2617a5b742e02\userinit.exe
[2012.07.26 04:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\SysWOW64\userinit.exe
[2012.07.26 04:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2012.07.26 04:08:50 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=FE9AB232B56A12224E8A3F3F9878C9A3 -- C:\Windows\SysNative\wininit.exe
[2012.07.26 04:08:50 | 000,132,608 | ---- | M] (Microsoft Corporation) MD5=FE9AB232B56A12224E8A3F3F9878C9A3 -- C:\Windows\WinSxS\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.2.9200.16384_none_89bc60338e14dc99\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.09.20 07:33:55 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=1F84B5F8DBDFFD36DF143C61CE25F12A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_c8c988c15e88a211\winlogon.exe
[2012.09.20 07:33:17 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=6522E98C94A2A81AE11EB66D2AF5743A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_c95425d677a55b32\winlogon.exe
[2012.07.26 04:08:50 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=93AB226C07A9789B2EC7B41F73602F76 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe
[2012.10.11 06:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\Windows\SysNative\winlogon.exe
[2012.10.11 06:46:58 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=BCF2036A0DD579E47C008C133550283E -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_c8c1b9b35e8e0a07\winlogon.exe
[2012.10.11 06:45:27 | 000,517,120 | ---- | M] (Microsoft Corporation) MD5=CBFD56B4EC07CB056A6ABD55DD33671F -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_c94c56c877aac328\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2012.07.26 03:29:29 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=58D492F986EC519ECDD54D93618758F8 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.2.9200.16384_none_a85048395191dc38\ws2ifsl.sys
[2012.09.20 07:09:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=BC8B5CB336E63BB25EAD1CE8EDD34B81 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2012.09.20 07:09:50 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=BC8B5CB336E63BB25EAD1CE8EDD34B81 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.2.9200.16420_none_a88d287f5164cc5d\ws2ifsl.sys
[2012.09.20 07:08:25 | 000,022,528 | ---- | M] (Microsoft Corporation) MD5=FC56FEC8FB233ABC32D110D031CBC8B0 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.2.9200.20521_none_a917c5946a81857e\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
[2012.07.26 04:18:23 | 000,358,400 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtmsft.dll
[2012.07.26 04:18:24 | 000,226,816 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\dxtrans.dll

< End of report >

Bitte um eure Mithilfe da ich anstehe und die Daten dringend benötige!!
Bis zum 11 schritt habe ich alles gemacht wie es in dem anderen Thread steht

Status ist auch so das die Ordner jetzt auch wieder angezeigt werden zwar versteckt aber wieder angezeigt
Ich hoffe hab keinen Fehler gemacht das die Sache erschwert

Vielen Dank im Voraus
Bursa

cosinus · 14.01.2013, 10:59

Zitat:

64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation

Warum bitte eine Professional Edition für Windows? Wer braucht das als Heimanwender?
Ist das rein zufällig ein Büro-/Firmen-PC? Oder ein Uni-Rechner?

Bursa · 14.01.2013, 11:08

also da gabs ja das angebot von microsoft für 30 euro win. 8
sonst hatte ich davor win 7, Standard vom hersteller drauf gewesen

cosinus · 14.01.2013, 11:16

ESET hast du wahrscheinlich falsch ausgeführt....das Log ist unbrauchbar
Hatte es was gefunden?

Bursa · 14.01.2013, 11:20

Nein hatte es nicht,
Hatte aber ja wie ich erwähnt hatte zuerst kaspersky laufen lassen der hatte einiges gefunden gehabt speziel jetzt auf der externen

cosinus · 14.01.2013, 11:44

Waren das die einzigen Funde von Kaspersky?

Code:

ATTFilter

Total.Recall.2012.BDRiP.LD.German.iNTERNAL.XViD-Pleaders.lnk

Normalweise sag ich ja nichts wenn ich Filme oder Musik in den Logs sehe, aber dir ist bewusst, dass du massiv Ärger bekommen kannst wenn du Filme aus illegalen Quellen ziehst zb via torrent?

Bursa · 14.01.2013, 12:09

Code:

ATTFilter

jwgkvsq.vmx	Gefunden: Net-Worm.Win32.Kido.ih	12.01.2013 10:59:46	G:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\		Untersuchung des Computers	
jwgkvsq.vmx	Gefunden: Net-Worm.Win32.Kido.ih	12.01.2013 09:41:40	G:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\		Untersuchung des Computers	
894133bf.exe	Gefunden: Trojan.Win32.VBKrypt.eztd	12.01.2013 10:59:42	G:\RECYCLER\		Untersuchung des Computers	
894133bf.exe	Gefunden: Trojan.Win32.VBKrypt.eztd	12.01.2013 09:41:39	G:\RECYCLER\		Untersuchung des Computers	
ZAMAN Gazetesi.lnk	Gefunden: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\		Untersuchung des Computers	
Total.Recall.2012.BDRiP.LD.German.iNTERNAL.XViD-Pleaders.lnk	Gefunden: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\		Untersuchung des Computers	
System Volume Information.lnk	Gefunden: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\		Untersuchung des Computers	
Spiele.lnk	Gefunden: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\		Untersuchung des Computers	
Programme.lnk	Gefunden: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\		Untersuchung des Computers	
Prison Break.lnk	Gefunden: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\		Untersuchung des Computers	
Pictures.lnk	Gefunden: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\		Untersuchung des Computers	
Musik.lnk	Gefunden: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\		Untersuchung des Computers	
dOKUMENT.lnk	Gefunden: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\		Untersuchung des Computers	
Eigene Bilder.lnk	Gefunden: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\		Untersuchung des Computers	
$RECYCLE.BIN.lnk	Gefunden: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:37	G:\		Untersuchung des Computers	
Deskop.lnk	Gefunden: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:36	G:\		Untersuchung des Computers	
Documents.lnk	Gefunden: Worm.Win32.AutoRun.hxw	12.01.2013 08:48:36	G:\		Untersuchung des Computers

hab anscheinend zwei übersehen jetzt müsten es alle sein kaspersky komme ich nicht so gut klar hab es seit zwei tagen quasi hab davor avira benutzt hab aber bemerkt das der nix bringt :-( leider

die andere Sache ich mach nix selber nimm nur wenn kolegen was haben

cosinus · 14.01.2013, 12:40

Bevor wir uns an die weitere Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Malwarebytes Anti-Rootkit

Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Entpacke das Archiv auf deinem Desktop.
Im neu erstellten Ordner starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Bursa · 14.01.2013, 15:57

hab zweimal veruscht kein ergebniss nix gefunden haba uch wie Anleitung aktualisiert

Versuch 1

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org

Database version: v2013.01.14.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16466
*** :: *** [administrator]

14.01.2013 15:45:18
mbar-log-2013-01-14 (15-45-18).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 30912
Time elapsed: 11 minute(s), 17 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org

Database version: v2013.01.14.03

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16466
*** :: *** [administrator]

14.01.2013 14:23:47
mbar-log-2013-01-14 (14-23-47).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 30939
Time elapsed: 13 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
(No malicious items detected)
(end)

was nun hab ich ein Fehler gemacht

ich lass jetzt mal vorsichtshalber das 3. mal Durchgucken aber mache mir keine Hoffnung

cosinus · 14.01.2013, 15:59

1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!

Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.

2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Bursa · 14.01.2013, 21:22

Hab ein Problem der aswmbr funktioniert nicht bei mir
da steht was nach dem Motto das ich mich an den Software Hersteller wenden soll für ne geeignete Version für mein PC
zu erst hat er es als schadsoftware auch erkannt ich habe trotzdem ausführen gesagt hat danach diese Fehlermeldung gemacht

cosinus · 14.01.2013, 22:22

Anleitungen bitte komplett lesen
Ich hab extra einen Hinweis deswegen zu aswMBR gepostet

Bursa · 15.01.2013, 12:08

habs nochmal versucht auch neu runtergeladen leider klappt es nicht bricht immer wieder ab gibs ne Möglichkeit es neu zu installieren so das er auch neu runterlädt die benötigten Dateien den er übernimmt immer alles von dem Download vorher kann sein das da ein Fehler ist

ich hab auch bei diese Einstellung verändert wie es im Hinweis steht macht auch da Probleme

cosinus · 15.01.2013, 12:24

Dann bitte nur den TDSS-Killer ausführen

Bursa · 15.01.2013, 16:06

Ich hoffe ich hab kein fehler gemacht, und ist der richtige Bericht den du haben wolltest

Code:

ATTFilter

14:23:40.0238 5464  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
14:23:40.0363 5464  ============================================================
14:23:40.0363 5464  Current date / time: 2013/01/15 14:23:40.0363
14:23:40.0363 5464  SystemInfo:
14:23:40.0363 5464  
14:23:40.0363 5464  OS Version: 6.2.9200 ServicePack: 0.0
14:23:40.0363 5464  Product type: Workstation
14:23:40.0363 5464  ComputerName: ***	
14:23:40.0363 5464  UserName: ***
14:23:40.0363 5464  Windows directory: C:\Windows
14:23:40.0363 5464  System windows directory: C:\Windows
14:23:40.0363 5464  Running under WOW64
14:23:40.0363 5464  Processor architecture: Intel x64
14:23:40.0363 5464  Number of processors: 8
14:23:40.0363 5464  Page size: 0x1000
14:23:40.0363 5464  Boot type: Normal boot
14:23:40.0363 5464  ============================================================
14:23:41.0345 5464  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:23:41.0361 5464  Drive \Device\Harddisk1\DR2 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:23:44.0497 5464  ============================================================
14:23:44.0497 5464  \Device\Harddisk0\DR0:
14:23:44.0497 5464  MBR partitions:
14:23:44.0497 5464  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xE84800, BlocksNum 0x22634000
14:23:44.0497 5464  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x234B8800, BlocksNum 0x16ECD000
14:23:44.0497 5464  \Device\Harddisk1\DR2:
14:23:44.0497 5464  MBR partitions:
14:23:44.0497 5464  \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x4A857000
14:23:44.0497 5464  ============================================================
14:23:44.0543 5464  C: <-> \Device\Harddisk0\DR0\Partition1
14:23:44.0575 5464  D: <-> \Device\Harddisk0\DR0\Partition2
14:23:44.0621 5464  G: <-> \Device\Harddisk1\DR2\Partition1
14:23:44.0621 5464  ============================================================
14:23:44.0621 5464  Initialize success
14:23:44.0621 5464  ============================================================
14:24:49.0206 5580  ============================================================
14:24:49.0206 5580  Scan started
14:24:49.0206 5580  Mode: Manual; SigCheck; TDLFS; 
14:24:49.0206 5580  ============================================================
14:24:51.0094 5580  ================ Scan system memory ========================
14:24:51.0094 5580  System memory - ok
14:24:51.0094 5580  ================ Scan services =============================
14:24:51.0312 5580  [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
14:24:51.0390 5580  1394ohci - ok
14:24:51.0437 5580  [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware           C:\Windows\system32\drivers\3ware.sys
14:24:51.0452 5580  3ware - ok
14:24:51.0530 5580  [ 975AABEB243B800C23626D6B652C5A9C ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:24:51.0546 5580  ACPI - ok
14:24:51.0608 5580  [ DC968C37822117E576B933F34A2D130C ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
14:24:51.0624 5580  acpiex - ok
14:24:51.0655 5580  [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
14:24:51.0686 5580  acpipagr - ok
14:24:51.0686 5580  [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
14:24:51.0718 5580  AcpiPmi - ok
14:24:51.0733 5580  [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
14:24:51.0749 5580  acpitime - ok
14:24:51.0780 5580  [ 93C6388592B99925C1D1576E465BC80F ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:24:51.0796 5580  adp94xx - ok
14:24:51.0811 5580  [ D27763E0247292654E7F7D16444C7C72 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:24:51.0842 5580  adpahci - ok
14:24:51.0858 5580  [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:24:51.0874 5580  adpu320 - ok
14:24:51.0936 5580  [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:24:51.0967 5580  AeLookupSvc - ok
14:24:52.0014 5580  [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD             C:\Windows\system32\drivers\afd.sys
14:24:52.0045 5580  AFD - ok
14:24:52.0092 5580  [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
14:24:52.0154 5580  AgereSoftModem - ok
14:24:52.0186 5580  [ 01590377A5AB19E792528C628A2A68F9 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:24:52.0186 5580  agp440 - ok
14:24:52.0232 5580  [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG             C:\Windows\System32\alg.exe
14:24:52.0264 5580  ALG - ok
14:24:52.0295 5580  [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
14:24:52.0326 5580  AllUserInstallAgent - ok
14:24:52.0373 5580  [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
14:24:52.0404 5580  AmdK8 - ok
14:24:52.0420 5580  [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
14:24:52.0466 5580  AmdPPM - ok
14:24:52.0498 5580  [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:24:52.0498 5580  amdsata - ok
14:24:52.0529 5580  [ 00452671904F5EE94B50BF0219C97164 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:24:52.0544 5580  amdsbs - ok
14:24:52.0560 5580  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:24:52.0576 5580  amdxata - ok
14:24:52.0591 5580  [ 83B3682CE922FB0F415734B26D9D6233 ] AppID           C:\Windows\system32\drivers\appid.sys
14:24:52.0622 5580  AppID - ok
14:24:52.0638 5580  [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:24:52.0669 5580  AppIDSvc - ok
14:24:52.0685 5580  [ D64C4AFEE8277F35EF729A2B924666B0 ] Appinfo         C:\Windows\System32\appinfo.dll
14:24:52.0700 5580  Appinfo - ok
14:24:52.0810 5580  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:24:52.0825 5580  Apple Mobile Device - ok
14:24:52.0856 5580  [ 2D14788C5D0836292BEB27BBE109BE56 ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:24:52.0919 5580  AppMgmt - ok
14:24:52.0919 5580  [ E933401B392387F4BE34DE8BAF1722A7 ] arc             C:\Windows\system32\drivers\arc.sys
14:24:52.0934 5580  arc - ok
14:24:52.0966 5580  [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:24:52.0981 5580  arcsas - ok
14:24:52.0981 5580  [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:24:53.0012 5580  AsyncMac - ok
14:24:53.0028 5580  [ A721FF570C2387E383BDDEA9632863C9 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:24:53.0028 5580  atapi - ok
14:24:53.0075 5580  [ 810ED88782952228AF9C0985FB7D259E ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
14:24:53.0106 5580  AudioEndpointBuilder - ok
14:24:53.0168 5580  [ 25CA8B87479A374919563B3EE7136F32 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
14:24:53.0215 5580  Audiosrv - ok
14:24:53.0278 5580  [ 587EFD6A3A30A35A27904D21AE1FB882 ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
14:24:53.0293 5580  AVP - ok
14:24:53.0371 5580  [ 89491EF71D5EA011127832C588002853 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:24:53.0434 5580  AxInstSV - ok
14:24:53.0480 5580  [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
14:24:53.0496 5580  b06bdrv - ok
14:24:53.0527 5580  [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
14:24:53.0543 5580  BasicDisplay - ok
14:24:53.0574 5580  [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
14:24:53.0590 5580  BasicRender - ok
14:24:53.0668 5580  [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
14:24:53.0683 5580  BBSvc - ok
14:24:53.0683 5580  [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
14:24:53.0699 5580  BBUpdate - ok
14:24:53.0730 5580  [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:24:53.0777 5580  BDESVC - ok
14:24:53.0777 5580  [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:24:53.0808 5580  Beep - ok
14:24:53.0839 5580  [ 9E6A544F465C582AB42444A217CF04DC ] BFE             C:\Windows\System32\bfe.dll
14:24:53.0886 5580  BFE - ok
14:24:53.0948 5580  [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS            C:\Windows\System32\qmgr.dll
14:24:53.0980 5580  BITS - ok
14:24:54.0058 5580  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:24:54.0073 5580  Bonjour Service - ok
14:24:54.0104 5580  [ B17AC10B47C7FCB44D22A1F06415840E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:24:54.0136 5580  bowser - ok
14:24:54.0167 5580  [ 975398A3D2C1FEA73FC93931978DF354 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
14:24:54.0182 5580  BrokerInfrastructure - ok
14:24:54.0214 5580  [ 310068BDA80B1D55C36580FD8A873FAF ] Browser         C:\Windows\System32\browser.dll
14:24:54.0245 5580  Browser - ok
14:24:54.0276 5580  [ 3AA4309EBD9491E516F13FE3DC752FEE ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
14:24:54.0307 5580  BthAvrcpTg - ok
14:24:54.0354 5580  [ 6AB44FF15F12E2CADABA3B8E9B2FBEB8 ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
14:24:54.0385 5580  BthEnum - ok
14:24:54.0416 5580  [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
14:24:54.0448 5580  BthHFEnum - ok
14:24:54.0479 5580  [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
14:24:54.0494 5580  bthhfhid - ok
14:24:54.0526 5580  [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
14:24:54.0541 5580  BTHMODEM - ok
14:24:54.0572 5580  [ 091BB978E9504D0AD14586929431A957 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
14:24:54.0604 5580  BthPan - ok
14:24:54.0635 5580  [ CFD630EA8B3F593FFA0030FD53BA7908 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
14:24:54.0666 5580  BTHPORT - ok
14:24:54.0697 5580  [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv         C:\Windows\system32\bthserv.dll
14:24:54.0713 5580  bthserv - ok
14:24:54.0728 5580  [ 69C903C026CB675E234F4A7C951FD722 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
14:24:54.0744 5580  BTHUSB - ok
14:24:54.0760 5580  [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:24:54.0775 5580  cdfs - ok
14:24:54.0806 5580  [ 339BFF85D788268752DA8C9644B188EE ] cdrom           C:\Windows\System32\drivers\cdrom.sys
14:24:54.0822 5580  cdrom - ok
14:24:54.0838 5580  [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:24:54.0869 5580  CertPropSvc - ok
14:24:54.0884 5580  [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass        C:\Windows\System32\drivers\circlass.sys
14:24:54.0916 5580  circlass - ok
14:24:54.0931 5580  [ 9905168708DB68849B879B5548F68AB3 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
14:24:54.0947 5580  CLFS - ok
14:24:54.0962 5580  [ 2DC8538A2260647484A6C921CA837313 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
14:24:54.0994 5580  CmBatt - ok
14:24:55.0025 5580  [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG             C:\Windows\system32\Drivers\cng.sys
14:24:55.0056 5580  CNG - ok
14:24:55.0072 5580  [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
14:24:55.0150 5580  CompositeBus - ok
14:24:55.0150 5580  COMSysApp - ok
14:24:55.0165 5580  [ D9CB0782AF819548072AA45B70F8B22D ] condrv          C:\Windows\system32\drivers\condrv.sys
14:24:55.0181 5580  condrv - ok
14:24:55.0212 5580  [ F0E78B119D12BA81F163D48C0FF30B9A ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:24:55.0243 5580  CryptSvc - ok
14:24:55.0274 5580  [ F2C69C3D98249DE14D4B2832516D4FD5 ] CSC             C:\Windows\system32\drivers\csc.sys
14:24:55.0306 5580  CSC - ok
14:24:55.0352 5580  [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4 ] CscService      C:\Windows\System32\cscsvc.dll
14:24:55.0415 5580  CscService - ok
14:24:55.0446 5580  [ C4D01BD86D6B207275FC143EEA951D75 ] dam             C:\Windows\system32\drivers\dam.sys
14:24:55.0462 5580  dam - ok
14:24:55.0493 5580  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:24:55.0524 5580  DcomLaunch - ok
14:24:55.0571 5580  [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:24:55.0602 5580  defragsvc - ok
14:24:55.0649 5580  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\Windows\system32\das.dll
14:24:55.0680 5580  DeviceAssociationService - ok
14:24:55.0711 5580  [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
14:24:55.0758 5580  DeviceInstall - ok
14:24:55.0789 5580  [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
14:24:55.0820 5580  Dfsc - ok
14:24:55.0852 5580  [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:24:55.0867 5580  Dhcp - ok
14:24:55.0914 5580  [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache        C:\Windows\system32\drivers\discache.sys
14:24:55.0945 5580  discache - ok
14:24:55.0945 5580  [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk            C:\Windows\system32\drivers\disk.sys
14:24:55.0961 5580  disk - ok
14:24:55.0992 5580  [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
14:24:56.0023 5580  dmvsc - ok
14:24:56.0055 5580  [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:24:56.0070 5580  Dnscache - ok
14:24:56.0117 5580  [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc         C:\Windows\System32\dot3svc.dll
14:24:56.0132 5580  dot3svc - ok
14:24:56.0164 5580  [ 27069CFFF29B7F04F4B1BB10154BE52B ] dot4            C:\Windows\system32\DRIVERS\Dot4.sys
14:24:56.0179 5580  dot4 - ok
14:24:56.0226 5580  [ 0BD906A79F9CE3013F7D9D0AC45F9F9D ] Dot4Print       C:\Windows\System32\drivers\Dot4Prt.sys
14:24:56.0226 5580  Dot4Print - ok
14:24:56.0257 5580  [ B7D595F2F464F7B628AD53F06547792C ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
14:24:56.0257 5580  dot4usb - ok
14:24:56.0288 5580  [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS             C:\Windows\system32\dps.dll
14:24:56.0304 5580  DPS - ok
14:24:56.0335 5580  [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:24:56.0335 5580  drmkaud - ok
14:24:56.0382 5580  [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
14:24:56.0413 5580  DsmSvc - ok
14:24:56.0445 5580  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\System32\drivers\dtsoftbus01.sys
14:24:56.0460 5580  dtsoftbus01 - ok
14:24:56.0522 5580  [ 898BF1647BBF012B38EF45C7F9F7A67E ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:24:56.0585 5580  DXGKrnl - ok
14:24:56.0632 5580  [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost         C:\Windows\System32\eapsvc.dll
14:24:56.0647 5580  Eaphost - ok
14:24:56.0725 5580  [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
14:24:56.0850 5580  ebdrv - ok
14:24:56.0866 5580  [ F702AB6181513303AB0FC8D59E52708B ] EFS             C:\Windows\System32\lsass.exe
14:24:56.0881 5580  EFS - ok
14:24:56.0897 5580  [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
14:24:57.0084 5580  EhStorClass - ok
14:24:57.0146 5580  [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
14:24:57.0146 5580  EhStorTcgDrv - ok
14:24:57.0162 5580  [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev          C:\Windows\System32\drivers\errdev.sys
14:24:57.0193 5580  ErrDev - ok
14:24:57.0240 5580  [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem     C:\Windows\system32\es.dll
14:24:57.0256 5580  EventSystem - ok
14:24:57.0271 5580  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:24:57.0302 5580  exfat - ok
14:24:57.0318 5580  [ 60996602A7111FD2D086E803F33E4282 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:24:57.0334 5580  fastfat - ok
14:24:57.0381 5580  [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax             C:\Windows\system32\fxssvc.exe
14:24:57.0427 5580  Fax - ok
14:24:57.0427 5580  [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc             C:\Windows\System32\drivers\fdc.sys
14:24:57.0458 5580  fdc - ok
14:24:57.0490 5580  [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost         C:\Windows\system32\fdPHost.dll
14:24:57.0505 5580  fdPHost - ok
14:24:57.0521 5580  [ 872506AAB591E8908DF4461475AF92DF ] FDResPub        C:\Windows\system32\fdrespub.dll
14:24:57.0552 5580  FDResPub - ok
14:24:57.0599 5580  [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc           C:\Windows\system32\fhsvc.dll
14:24:57.0630 5580  fhsvc - ok
14:24:57.0646 5580  [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:24:57.0661 5580  FileInfo - ok
14:24:57.0693 5580  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:24:57.0724 5580  Filetrace - ok
14:24:57.0739 5580  [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
14:24:57.0770 5580  flpydisk - ok
14:24:57.0802 5580  [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:24:57.0817 5580  FltMgr - ok
14:24:57.0864 5580  [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache       C:\Windows\system32\FntCache.dll
14:24:57.0942 5580  FontCache - ok
14:24:58.0051 5580  [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:24:58.0067 5580  FontCache3.0.0.0 - ok
14:24:58.0067 5580  [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:24:58.0082 5580  FsDepends - ok
14:24:58.0098 5580  [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:24:58.0098 5580  Fs_Rec - ok
14:24:58.0129 5580  [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:24:58.0145 5580  fvevol - ok
14:24:58.0176 5580  [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
14:24:58.0176 5580  FxPPM - ok
14:24:58.0207 5580  [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:24:58.0223 5580  gagp30kx - ok
14:24:58.0238 5580  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:24:58.0238 5580  GEARAspiWDM - ok
14:24:58.0285 5580  [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
14:24:58.0301 5580  gencounter - ok
14:24:58.0332 5580  [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
14:24:58.0332 5580  GPIOClx0101 - ok
14:24:58.0394 5580  [ 5358678C6370F2ADC5291849F6503262 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:24:58.0441 5580  gpsvc - ok
14:24:58.0519 5580  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:24:58.0519 5580  gupdate - ok
14:24:58.0535 5580  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:24:58.0535 5580  gupdatem - ok
14:24:58.0550 5580  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:24:58.0566 5580  gusvc - ok
14:24:58.0613 5580  [ 9FC1F11D4D19F61DFE5CC878B4557D3A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:24:58.0628 5580  HdAudAddService - ok
14:24:58.0660 5580  [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
14:24:58.0675 5580  HDAudBus - ok
14:24:58.0706 5580  [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
14:24:58.0722 5580  HidBatt - ok
14:24:58.0738 5580  [ A25BAE8C1F2830C8E5625EC7E4E968BE ] HidBth          C:\Windows\System32\drivers\hidbth.sys
14:24:58.0769 5580  HidBth - ok
14:24:58.0784 5580  [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
14:24:58.0816 5580  hidi2c - ok
14:24:58.0831 5580  [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr           C:\Windows\System32\drivers\hidir.sys
14:24:58.0862 5580  HidIr - ok
14:24:58.0894 5580  [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv         C:\Windows\system32\hidserv.dll
14:24:58.0909 5580  hidserv - ok
14:24:58.0925 5580  [ 590B6F71BCDA4368B4BF7D8DF22B60F7 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
14:24:58.0940 5580  HidUsb - ok
14:24:58.0972 5580  [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:24:58.0987 5580  hkmsvc - ok
14:24:59.0018 5580  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:24:59.0065 5580  HomeGroupListener - ok
14:24:59.0096 5580  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:24:59.0112 5580  HomeGroupProvider - ok
14:24:59.0190 5580  [ 0D0213498683414DDE29B1686A4C08D5 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
14:24:59.0206 5580  hpqcxs08 - ok
14:24:59.0221 5580  [ EE281DD6843F3F697C1AD7933EEB1E9B ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
14:24:59.0284 5580  hpqddsvc - ok
14:24:59.0315 5580  [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:24:59.0330 5580  HpSAMD - ok
14:24:59.0362 5580  [ C995EA1C6915D897E06D41AF95B9312C ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
14:24:59.0393 5580  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
14:24:59.0393 5580  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
14:24:59.0440 5580  [ 29CB98187BB5711F7759540976D295FC ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:24:59.0471 5580  HTTP - ok
14:24:59.0486 5580  [ 2A98301068801700906C06649860FE94 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:24:59.0486 5580  hwpolicy - ok
14:24:59.0518 5580  [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
14:24:59.0533 5580  hyperkbd - ok
14:24:59.0549 5580  [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
14:24:59.0580 5580  HyperVideo - ok
14:24:59.0596 5580  [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
14:24:59.0596 5580  i8042prt - ok
14:24:59.0627 5580  [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:24:59.0642 5580  iaStorV - ok
14:24:59.0658 5580  [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:24:59.0674 5580  iirsp - ok
14:24:59.0720 5580  [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT          C:\Windows\System32\ikeext.dll
14:24:59.0752 5580  IKEEXT - ok
14:24:59.0783 5580  [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:24:59.0798 5580  intelide - ok
14:24:59.0830 5580  [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm        C:\Windows\System32\drivers\intelppm.sys
14:24:59.0861 5580  intelppm - ok
14:24:59.0876 5580  [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:24:59.0908 5580  IpFilterDriver - ok
14:24:59.0939 5580  [ CAC5202757EF68C4849B0DFFA75F6D3C ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:25:00.0001 5580  iphlpsvc - ok
14:25:00.0001 5580  [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
14:25:00.0032 5580  IPMIDRV - ok
14:25:00.0048 5580  [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:25:00.0079 5580  IPNAT - ok
14:25:00.0110 5580  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:25:00.0142 5580  iPod Service - ok
14:25:00.0142 5580  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:25:00.0173 5580  IRENUM - ok
14:25:00.0188 5580  [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:25:00.0188 5580  isapnp - ok
14:25:00.0220 5580  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
14:25:00.0251 5580  iScsiPrt - ok
14:25:00.0282 5580  [ E662CB468A1CFF3A57E120A212FADD57 ] johci           C:\Windows\system32\drivers\johci.sys
14:25:00.0376 5580  johci - ok
14:25:00.0407 5580  [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
14:25:00.0422 5580  kbdclass - ok
14:25:00.0532 5580  [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
14:25:00.0610 5580  kbdhid - ok
14:25:00.0625 5580  [ FB6C185092E18011EF49989425C2AA87 ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
14:25:00.0657 5580  kdnic - ok
14:25:00.0672 5580  [ F702AB6181513303AB0FC8D59E52708B ] KeyIso          C:\Windows\system32\lsass.exe
14:25:00.0688 5580  KeyIso - ok
14:25:00.0735 5580  [ 8B5219318DF5895ABD230C373F2DF18A ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
14:25:00.0750 5580  kl1 - ok
14:25:00.0766 5580  [ F2EB9202FCCC81E0902D3C5A70037A44 ] klelam          C:\Windows\system32\DRIVERS\klelam.sys
14:25:00.0781 5580  klelam - ok
14:25:00.0813 5580  [ 5D0104D068AA740A4CD75158652EA986 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
14:25:00.0828 5580  KLIF - ok
14:25:00.0844 5580  [ 1B5B924D27399F41DECD1CC6D706429F ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
14:25:00.0859 5580  KLIM6 - ok
14:25:00.0859 5580  [ A0B1AE842D7C7F2FDF530A7049CB988D ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
14:25:00.0875 5580  klkbdflt - ok
14:25:00.0875 5580  [ A8FFD74947077D8BD9A80936EC24514D ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
14:25:00.0890 5580  klmouflt - ok
14:25:00.0890 5580  [ 07124B89A614CB25D993B81DE041E595 ] klwfp           C:\Windows\system32\DRIVERS\klwfp.sys
14:25:00.0906 5580  klwfp - ok
14:25:00.0937 5580  [ 185D21CB8F10CFB351FF65DA88C18BC9 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
14:25:00.0937 5580  kneps - ok
14:25:00.0968 5580  [ DFA480F6DED551464F3A5B959F437800 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:25:00.0968 5580  KSecDD - ok
14:25:01.0000 5580  [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:25:01.0015 5580  KSecPkg - ok
14:25:01.0015 5580  [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:25:01.0046 5580  ksthunk - ok
14:25:01.0078 5580  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:25:01.0124 5580  KtmRm - ok
14:25:01.0171 5580  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:25:01.0187 5580  LanmanServer - ok
14:25:01.0218 5580  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:25:01.0234 5580  LanmanWorkstation - ok
14:25:01.0265 5580  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:25:01.0280 5580  lltdio - ok
14:25:01.0312 5580  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:25:01.0358 5580  lltdsvc - ok
14:25:01.0390 5580  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:25:01.0390 5580  lmhosts - ok
14:25:01.0405 5580  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:25:01.0421 5580  LSI_SAS - ok
14:25:01.0437 5580  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:25:01.0452 5580  LSI_SAS2 - ok
14:25:01.0468 5580  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:25:01.0468 5580  LSI_SCSI - ok
14:25:01.0483 5580  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
14:25:01.0499 5580  LSI_SSS - ok
14:25:01.0530 5580  [ 8FEFDCEE40B75FD23B4BC60DA6576113 ] LSM             C:\Windows\System32\lsm.dll
14:25:01.0561 5580  LSM - ok
14:25:01.0577 5580  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:25:01.0608 5580  luafv - ok
14:25:01.0655 5580  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
14:25:01.0670 5580  MBAMProtector - ok
14:25:01.0717 5580  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:25:01.0764 5580  MBAMScheduler - ok
14:25:01.0827 5580  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:25:01.0842 5580  MBAMService - ok
14:25:01.0858 5580  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\Windows\system32\drivers\megasas.sys
14:25:01.0873 5580  megasas - ok
14:25:01.0905 5580  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:25:01.0920 5580  MegaSR - ok
14:25:02.0045 5580  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
14:25:02.0060 5580  Microsoft Office Groove Audit Service - ok
14:25:02.0092 5580  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\Windows\system32\mmcss.dll
14:25:02.0138 5580  MMCSS - ok
14:25:02.0170 5580  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\Windows\system32\drivers\modem.sys
14:25:02.0201 5580  Modem - ok
14:25:02.0217 5580  [ 83EB0BF7E6EBD5B1AAC97F9DBD5EB935 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:25:02.0232 5580  monitor - ok
14:25:02.0248 5580  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\Windows\System32\drivers\mouclass.sys
14:25:02.0248 5580  mouclass - ok
14:25:02.0263 5580  [ CB2527B8B87D83E56FBF3944BBB6F606 ] mouhid          C:\Windows\System32\drivers\mouhid.sys
14:25:02.0279 5580  mouhid - ok
14:25:02.0295 5580  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:25:02.0295 5580  mountmgr - ok
14:25:02.0341 5580  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:25:02.0372 5580  mpsdrv - ok
14:25:02.0419 5580  [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:25:02.0466 5580  MpsSvc - ok
14:25:02.0482 5580  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:25:02.0497 5580  MRxDAV - ok
14:25:02.0544 5580  [ 877D60D6E4156EC4A2E0B6871D41BED9 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:25:02.0560 5580  mrxsmb - ok
14:25:02.0575 5580  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:25:02.0591 5580  mrxsmb10 - ok
14:25:02.0622 5580  [ E078446D4B8622AA6030C7B8A1A08962 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:25:02.0638 5580  mrxsmb20 - ok
14:25:02.0669 5580  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
14:25:02.0700 5580  MsBridge - ok
14:25:02.0731 5580  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\Windows\System32\msdtc.exe
14:25:02.0747 5580  MSDTC - ok
14:25:02.0763 5580  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:25:02.0794 5580  Msfs - ok
14:25:02.0809 5580  [ C9BFB0353099B071E70299549C18C8AE ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
14:25:02.0825 5580  msgpiowin32 - ok
14:25:02.0841 5580  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:25:02.0872 5580  mshidkmdf - ok
14:25:02.0872 5580  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
14:25:02.0903 5580  mshidumdf - ok
14:25:02.0903 5580  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:25:02.0919 5580  msisadrv - ok
14:25:02.0950 5580  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:25:02.0981 5580  MSiSCSI - ok
14:25:02.0981 5580  msiserver - ok
14:25:03.0028 5580  [ 192476C10371DC83243D67432B2CDCBF ] MSI_MSIBIOS_010507 C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys
14:25:03.0028 5580  MSI_MSIBIOS_010507 - ok
14:25:03.0059 5580  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:25:03.0090 5580  MSKSSRV - ok
14:25:03.0106 5580  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
14:25:03.0121 5580  MsLldp - ok
14:25:03.0137 5580  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:25:03.0153 5580  MSPCLOCK - ok
14:25:03.0153 5580  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:25:03.0168 5580  MSPQM - ok
14:25:03.0184 5580  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:25:03.0199 5580  MsRPC - ok
14:25:03.0231 5580  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
14:25:03.0231 5580  mssmbios - ok
14:25:03.0246 5580  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:25:03.0262 5580  MSTEE - ok
14:25:03.0293 5580  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
14:25:03.0293 5580  MTConfig - ok
14:25:03.0309 5580  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:25:03.0324 5580  Mup - ok
14:25:03.0355 5580  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
14:25:03.0355 5580  mvumis - ok
14:25:03.0387 5580  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\Windows\system32\qagentRT.dll
14:25:03.0402 5580  napagent - ok
14:25:03.0449 5580  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:25:03.0465 5580  NativeWifiP - ok
14:25:03.0496 5580  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\Windows\System32\ncasvc.dll
14:25:03.0511 5580  NcaSvc - ok
14:25:03.0543 5580  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
14:25:03.0574 5580  NcdAutoSetup - ok
14:25:03.0652 5580  [ 0F89AE618DBA5D8AB7A2DFCC375F4159 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:25:03.0699 5580  NDIS - ok
14:25:03.0714 5580  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:25:03.0745 5580  NdisCap - ok
14:25:03.0777 5580  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
14:25:03.0808 5580  NdisImPlatform - ok
14:25:03.0839 5580  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:25:03.0855 5580  NdisTapi - ok
14:25:03.0886 5580  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:25:03.0901 5580  Ndisuio - ok
14:25:03.0917 5580  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:25:03.0933 5580  NdisWan - ok
14:25:03.0948 5580  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
14:25:03.0964 5580  NDISWANLEGACY - ok
14:25:03.0995 5580  [ CE6EBC0AD38CC6482D8FBB744FF15CE2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:25:04.0011 5580  NDProxy - ok
14:25:04.0026 5580  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
14:25:04.0042 5580  Ndu - ok
14:25:04.0073 5580  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
14:25:04.0073 5580  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:25:04.0073 5580  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:25:04.0104 5580  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:25:04.0135 5580  NetBIOS - ok
14:25:04.0151 5580  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:25:04.0182 5580  NetBT - ok
14:25:04.0213 5580  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\Windows\system32\lsass.exe
14:25:04.0213 5580  Netlogon - ok
14:25:04.0245 5580  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\Windows\System32\netman.dll
14:25:04.0276 5580  Netman - ok
14:25:04.0307 5580  [ 20F6FD63E6D456114BC8056D62792786 ] netprofm        C:\Windows\System32\netprofmsvc.dll
14:25:04.0338 5580  netprofm - ok
14:25:04.0401 5580  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:25:04.0416 5580  NetTcpPortSharing - ok
14:25:04.0572 5580  [ 57B9C04D673F236D41FAB03842C8640B ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
14:25:04.0806 5580  NETwNs64 - ok
14:25:04.0822 5580  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:25:04.0837 5580  nfrd960 - ok
14:25:04.0884 5580  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:25:04.0915 5580  NlaSvc - ok
14:25:04.0931 5580  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:25:04.0931 5580  Npfs - ok
14:25:04.0947 5580  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
14:25:04.0978 5580  npsvctrig - ok
14:25:05.0071 5580  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\Windows\system32\nsisvc.dll
14:25:05.0087 5580  nsi - ok
14:25:05.0087 5580  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:25:05.0118 5580  nsiproxy - ok
14:25:05.0165 5580  [ 4A7EEA9C4AD5CBFDA3C0E5B821C99CAD ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:25:05.0243 5580  Ntfs - ok
14:25:05.0274 5580  [ 1B32C54B95121AB1683C7B83B2DB4B96 ] NTIOLib_1_0_4   C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys
14:25:05.0274 5580  NTIOLib_1_0_4 - ok
14:25:05.0290 5580  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\Windows\system32\drivers\Null.sys
14:25:05.0305 5580  Null - ok
14:25:05.0337 5580  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
14:25:05.0337 5580  NVHDA - ok
14:25:05.0555 5580  [ 26AA3C7E6E1DB7107BF93503F6F57E88 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:25:05.0836 5580  nvlddmkm - ok
14:25:05.0851 5580  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:25:05.0867 5580  nvraid - ok
14:25:05.0883 5580  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:25:05.0898 5580  nvstor - ok
14:25:05.0945 5580  [ A83AC04D672567CAF8BE7A4D73C0B850 ] nvsvc           C:\Windows\system32\nvvsvc.exe
14:25:05.0961 5580  nvsvc - ok
14:25:06.0039 5580  [ FB660F80BDC4F13D594996976AFAECD9 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:25:06.0070 5580  nvUpdatusService - ok
14:25:06.0085 5580  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:25:06.0101 5580  nv_agp - ok
14:25:06.0163 5580  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
14:25:06.0273 5580  odserv - ok
14:25:06.0273 5580  ohci1394 - ok
14:25:06.0304 5580  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:25:06.0319 5580  ose - ok
14:25:06.0335 5580  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:25:06.0366 5580  p2pimsvc - ok
14:25:06.0397 5580  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:25:06.0429 5580  p2psvc - ok
14:25:06.0460 5580  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\Windows\System32\drivers\parport.sys
14:25:06.0491 5580  Parport - ok
14:25:06.0507 5580  [ C1D7BA7F0DE487DFEEB51BF8D3EC5562 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:25:06.0522 5580  partmgr - ok
14:25:06.0569 5580  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:25:06.0585 5580  PcaSvc - ok
14:25:06.0616 5580  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\Windows\system32\drivers\pci.sys
14:25:06.0631 5580  pci - ok
14:25:06.0647 5580  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:25:06.0647 5580  pciide - ok
14:25:06.0678 5580  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:25:06.0694 5580  pcmcia - ok
14:25:06.0709 5580  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:25:06.0725 5580  pcw - ok
14:25:06.0756 5580  [ EF9B4F3136B4C45F421ADE6871659FB6 ] pdc             C:\Windows\system32\drivers\pdc.sys
14:25:06.0772 5580  pdc - ok
14:25:06.0787 5580  [ 70DBB6A8B52B3830922F1C5789E1BEEB ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:25:06.0819 5580  PEAUTH - ok
14:25:06.0881 5580  [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:25:06.0975 5580  PeerDistSvc - ok
14:25:07.0099 5580  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:25:07.0131 5580  PerfHost - ok
14:25:07.0177 5580  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\Windows\system32\pla.dll
14:25:07.0240 5580  pla - ok
14:25:07.0271 5580  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:25:07.0287 5580  PlugPlay - ok
14:25:07.0318 5580  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
14:25:07.0318 5580  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:25:07.0318 5580  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:25:07.0349 5580  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:25:07.0380 5580  PNRPAutoReg - ok
14:25:07.0396 5580  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:25:07.0411 5580  PNRPsvc - ok
14:25:07.0443 5580  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:25:07.0474 5580  PolicyAgent - ok
14:25:07.0505 5580  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\Windows\system32\umpo.dll
14:25:07.0536 5580  Power - ok
14:25:07.0567 5580  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:25:07.0583 5580  PptpMiniport - ok
14:25:07.0692 5580  [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
14:25:07.0957 5580  PrintNotify - ok
14:25:07.0989 5580  [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor       C:\Windows\System32\drivers\processr.sys
14:25:08.0004 5580  Processor - ok
14:25:08.0035 5580  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\Windows\system32\profsvc.dll
14:25:08.0051 5580  ProfSvc - ok
14:25:08.0067 5580  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:25:08.0082 5580  Psched - ok
14:25:08.0113 5580  [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys
14:25:08.0129 5580  PxHlpa64 - ok
14:25:08.0145 5580  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\Windows\system32\qwave.dll
14:25:08.0191 5580  QWAVE - ok
14:25:08.0207 5580  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:25:08.0223 5580  QWAVEdrv - ok
14:25:08.0238 5580  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:25:08.0269 5580  RasAcd - ok
14:25:08.0301 5580  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:25:08.0316 5580  RasAgileVpn - ok
14:25:08.0316 5580  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\Windows\System32\rasauto.dll
14:25:08.0347 5580  RasAuto - ok
14:25:08.0363 5580  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:25:08.0394 5580  Rasl2tp - ok
14:25:08.0410 5580  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\Windows\System32\rasmans.dll
14:25:08.0441 5580  RasMan - ok
14:25:08.0441 5580  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:25:08.0457 5580  RasPppoe - ok
14:25:08.0472 5580  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:25:08.0488 5580  RasSstp - ok
14:25:08.0519 5580  [ B72C33DBD5326B3864CF2091AF8B906B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:25:08.0550 5580  rdbss - ok
14:25:08.0566 5580  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
14:25:08.0566 5580  rdpbus - ok
14:25:08.0597 5580  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:25:08.0628 5580  RDPDR - ok
14:25:08.0659 5580  [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:25:08.0675 5580  RdpVideoMiniport - ok
14:25:08.0691 5580  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:25:08.0722 5580  RDPWD - ok
14:25:08.0737 5580  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:25:08.0753 5580  rdyboost - ok
14:25:08.0784 5580  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:25:08.0815 5580  RemoteAccess - ok
14:25:08.0847 5580  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:25:08.0878 5580  RemoteRegistry - ok
14:25:08.0893 5580  [ 17EF582CBC4809F96B9E6D0543480763 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
14:25:08.0940 5580  RFCOMM - ok
14:25:08.0971 5580  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:25:08.0987 5580  RpcEptMapper - ok
14:25:09.0018 5580  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      C:\Windows\system32\locator.exe
14:25:09.0034 5580  RpcLocator - ok
14:25:09.0049 5580  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           C:\Windows\system32\rpcss.dll
14:25:09.0081 5580  RpcSs - ok
14:25:09.0112 5580  [ E04E770DD198B9399640717145E79EBF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:25:09.0143 5580  rspndr - ok
14:25:09.0190 5580  [ 15923AA360F7675D3D43C9669316A0BA ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
14:25:09.0221 5580  RTL8168 - ok
14:25:09.0237 5580  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
14:25:09.0252 5580  s3cap - ok
14:25:09.0268 5580  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           C:\Windows\system32\lsass.exe
14:25:09.0283 5580  SamSs - ok
14:25:09.0299 5580  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:25:09.0315 5580  sbp2port - ok
14:25:09.0330 5580  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:25:09.0361 5580  SCardSvr - ok
14:25:09.0361 5580  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:25:09.0393 5580  scfilter - ok
14:25:09.0455 5580  [ EDCDF4DB82EF825B94B190D544C8C58B ] Schedule        C:\Windows\system32\schedsvc.dll
14:25:09.0502 5580  Schedule - ok
14:25:09.0549 5580  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:25:09.0564 5580  SCPolicySvc - ok
14:25:09.0580 5580  [ 66E29CADF9FF6C8325C356BDD617F7EA ] sdbus           C:\Windows\System32\drivers\sdbus.sys
14:25:09.0595 5580  sdbus - ok
14:25:09.0642 5580  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:25:09.0658 5580  SDRSVC - ok
14:25:09.0673 5580  [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
14:25:09.0689 5580  sdstor - ok
14:25:09.0705 5580  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:25:09.0705 5580  secdrv - ok
14:25:09.0736 5580  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        C:\Windows\system32\seclogon.dll
14:25:09.0767 5580  seclogon - ok
14:25:09.0783 5580  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            C:\Windows\System32\sens.dll
14:25:09.0814 5580  SENS - ok
14:25:09.0829 5580  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:25:09.0845 5580  SensrSvc - ok
14:25:09.0861 5580  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           C:\Windows\system32\drivers\SerCx.sys
14:25:09.0876 5580  SerCx - ok
14:25:09.0892 5580  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         C:\Windows\System32\drivers\serenum.sys
14:25:09.0923 5580  Serenum - ok
14:25:09.0923 5580  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          C:\Windows\System32\drivers\serial.sys
14:25:09.0939 5580  Serial - ok
14:25:09.0939 5580  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        C:\Windows\System32\drivers\sermouse.sys
14:25:09.0954 5580  sermouse - ok
14:25:09.0970 5580  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      C:\Windows\system32\sessenv.dll
14:25:10.0001 5580  SessionEnv - ok
14:25:10.0001 5580  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
14:25:10.0032 5580  sfloppy - ok
14:25:10.0063 5580  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:25:10.0095 5580  SharedAccess - ok
14:25:10.0126 5580  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:25:10.0157 5580  ShellHWDetection - ok
14:25:10.0188 5580  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:25:10.0188 5580  SiSRaid2 - ok
14:25:10.0204 5580  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:25:10.0219 5580  SiSRaid4 - ok
14:25:10.0251 5580  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:25:10.0282 5580  SNMPTRAP - ok
14:25:10.0297 5580  [ 465F3C355CE5ED2779B8F460F14C5A78 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
14:25:10.0313 5580  spaceport - ok
14:25:10.0329 5580  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
14:25:10.0344 5580  SpbCx - ok
14:25:10.0375 5580  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         C:\Windows\System32\spoolsv.exe
14:25:10.0407 5580  Spooler - ok
14:25:10.0625 5580  [ EC84D961501054F87A6878EC5D53388F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:25:10.0765 5580  sppsvc - ok
14:25:10.0859 5580  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:25:10.0890 5580  srv - ok
14:25:10.0921 5580  [ C2106BB710AA34A046126AED7BCA6964 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:25:10.0953 5580  srv2 - ok
14:25:10.0999 5580  [ 9400C71F5A1A380B494B6922F007D485 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:25:11.0015 5580  srvnet - ok
14:25:11.0062 5580  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:25:11.0077 5580  SSDPSRV - ok
14:25:11.0124 5580  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:25:11.0155 5580  SstpSvc - ok
14:25:11.0171 5580  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:25:11.0187 5580  stexstor - ok
14:25:11.0218 5580  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          C:\Windows\System32\wiaservc.dll
14:25:11.0249 5580  stisvc - ok
14:25:11.0265 5580  [ C588BBD37B432CE3204E5765B459E6B2 ] storahci        C:\Windows\system32\drivers\storahci.sys
14:25:11.0265 5580  storahci - ok
14:25:11.0296 5580  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
14:25:11.0311 5580  storflt - ok
14:25:11.0327 5580  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         C:\Windows\system32\storsvc.dll
14:25:11.0343 5580  StorSvc - ok
14:25:11.0343 5580  [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:25:11.0358 5580  storvsc - ok
14:25:11.0374 5580  [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp         C:\Windows\System32\drivers\storvsp.sys
14:25:11.0389 5580  storvsp - ok
14:25:11.0405 5580  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc           C:\Windows\system32\svsvc.dll
14:25:11.0436 5580  svsvc - ok
14:25:11.0452 5580  [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum          C:\Windows\System32\drivers\swenum.sys
14:25:11.0467 5580  swenum - ok
14:25:11.0608 5580  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:25:11.0639 5580  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
14:25:11.0639 5580  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
14:25:11.0655 5580  [ 502F9488540051F3E6C39889ECFA76BB ] swprv           C:\Windows\System32\swprv.dll
14:25:11.0686 5580  swprv - ok
14:25:11.0717 5580  [ DC21E1F06343773D7E24362DCEF7944B ] SysMain         C:\Windows\system32\sysmain.dll
14:25:11.0764 5580  SysMain - ok
14:25:11.0795 5580  [ E219BF7BCCFE4881B0C053C7E0B47ECC ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
14:25:11.0826 5580  SystemEventsBroker - ok
14:25:11.0857 5580  [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\Windows\System32\TabSvc.dll
14:25:11.0873 5580  TabletInputService - ok
14:25:11.0873 5580  [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:25:11.0889 5580  TapiSrv - ok
14:25:11.0951 5580  [ 1D644E2D0FC395A055AB1C23C3B43631 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:25:12.0045 5580  Tcpip - ok
14:25:12.0076 5580  [ 1D644E2D0FC395A055AB1C23C3B43631 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:25:12.0123 5580  TCPIP6 - ok
14:25:12.0154 5580  [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:25:12.0169 5580  tcpipreg - ok
14:25:12.0185 5580  [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:25:12.0201 5580  tdx - ok
14:25:12.0232 5580  [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
14:25:12.0232 5580  terminpt - ok
14:25:12.0279 5580  [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService     C:\Windows\System32\termsrv.dll
14:25:12.0310 5580  TermService - ok
14:25:12.0325 5580  [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes          C:\Windows\system32\themeservice.dll
14:25:12.0357 5580  Themes - ok
14:25:12.0388 5580  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER     C:\Windows\system32\mmcss.dll
14:25:12.0403 5580  THREADORDER - ok
14:25:12.0419 5580  [ FF4135424A79DCC2998276D8E39C9B4D ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
14:25:12.0450 5580  TimeBroker - ok
14:25:12.0481 5580  [ B44EFE254C0B3719E4037088D24FE4B5 ] TPM             C:\Windows\system32\drivers\tpm.sys
14:25:12.0497 5580  TPM - ok
14:25:12.0513 5580  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks          C:\Windows\System32\trkwks.dll
14:25:12.0544 5580  TrkWks - ok
14:25:12.0606 5580  [ 8D516AEF3C1DF980664CF17BB1FF6093 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:25:12.0622 5580  TrustedInstaller - ok
14:25:12.0653 5580  [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:25:12.0653 5580  TsUsbFlt - ok
14:25:12.0653 5580  [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
14:25:12.0669 5580  TsUsbGD - ok
14:25:12.0700 5580  [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:25:12.0715 5580  tunnel - ok
14:25:12.0731 5580  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:25:12.0747 5580  uagp35 - ok
14:25:12.0762 5580  [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
14:25:12.0778 5580  UASPStor - ok
14:25:12.0809 5580  [ 1ED222DFE6C13DA50FE081ABF90CAFE1 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
14:25:12.0825 5580  UCX01000 - ok
14:25:12.0840 5580  [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:25:12.0856 5580  udfs - ok
14:25:12.0903 5580  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:25:12.0934 5580  UI0Detect - ok
14:25:12.0949 5580  [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:25:12.0949 5580  uliagpkx - ok
14:25:12.0965 5580  [ 02CEB3FE6152668A7BA420B93B664860 ] umbus           C:\Windows\System32\drivers\umbus.sys
14:25:12.0996 5580  umbus - ok
14:25:13.0012 5580  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass          C:\Windows\System32\drivers\umpass.sys
14:25:13.0043 5580  UmPass - ok
14:25:13.0074 5580  [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService    C:\Windows\System32\umrdp.dll
14:25:13.0105 5580  UmRdpService - ok
14:25:13.0121 5580  [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost        C:\Windows\System32\upnphost.dll
14:25:13.0152 5580  upnphost - ok
14:25:13.0168 5580  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\System32\Drivers\usbaapl64.sys
14:25:13.0199 5580  USBAAPL64 - ok
14:25:13.0215 5580  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
14:25:13.0246 5580  usbccgp - ok
14:25:13.0277 5580  [ B395B62B62F28106218FA6FB17F4C797 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
14:25:13.0308 5580  usbcir - ok
14:25:13.0371 5580  [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
14:25:13.0386 5580  usbehci - ok
14:25:13.0402 5580  [ FBB6794E3BBAD92D66D59D206C1F849F ] usbhub          C:\Windows\System32\drivers\usbhub.sys
14:25:13.0417 5580  usbhub - ok
14:25:13.0464 5580  [ B7A948501424805571BF562BB0BFE31D ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
14:25:13.0480 5580  USBHUB3 - ok
14:25:13.0495 5580  [ 325F6179009B5A7F6118951A5BA422AB ] usbohci         C:\Windows\System32\drivers\usbohci.sys
14:25:13.0511 5580  usbohci - ok
14:25:13.0527 5580  [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint        C:\Windows\System32\drivers\usbprint.sys
14:25:13.0542 5580  usbprint - ok
14:25:13.0589 5580  [ A9858597B6DB695F78A37F6755A6FF98 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
14:25:13.0620 5580  usbscan - ok
14:25:13.0636 5580  [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
14:25:13.0651 5580  USBSTOR - ok
14:25:13.0667 5580  [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
14:25:13.0683 5580  usbuhci - ok
14:25:13.0729 5580  [ 09799E701B4327097E9F63D3FE221083 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
14:25:13.0761 5580  usbvideo - ok
14:25:13.0776 5580  [ 9CD4259AD15F84DE27B94A956C978D6C ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
14:25:13.0792 5580  USBXHCI - ok
14:25:13.0807 5580  [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc        C:\Windows\system32\lsass.exe
14:25:13.0823 5580  VaultSvc - ok
14:25:13.0823 5580  [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:25:13.0839 5580  vdrvroot - ok
14:25:13.0870 5580  [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds             C:\Windows\System32\vds.exe
14:25:13.0901 5580  vds - ok
14:25:13.0917 5580  [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
14:25:13.0932 5580  VerifierExt - ok
14:25:13.0963 5580  [ 8628FA679F0EC4B709CCD1F6B6A3233B ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
14:25:13.0979 5580  vhdmp - ok
14:25:13.0995 5580  [ F5B4A14B00E89250C50982AC762DDD1D ] viaide          C:\Windows\system32\drivers\viaide.sys
14:25:14.0010 5580  viaide - ok
14:25:14.0026 5580  [ 0E43886F01C85B47BA0A3157274BCF59 ] Vid             C:\Windows\System32\drivers\Vid.sys
14:25:14.0057 5580  Vid - ok
14:25:14.0073 5580  [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:25:14.0088 5580  vmbus - ok
14:25:14.0104 5580  [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
14:25:14.0104 5580  VMBusHID - ok
14:25:14.0119 5580  [ B4F432A51826FFC66F4DF72A83E8E4B1 ] vmbusr          C:\Windows\System32\drivers\vmbusr.sys
14:25:14.0135 5580  vmbusr - ok
14:25:14.0166 5580  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
14:25:14.0182 5580  vmicheartbeat - ok
14:25:14.0182 5580  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
14:25:14.0197 5580  vmickvpexchange - ok
14:25:14.0213 5580  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv         C:\Windows\System32\ICSvc.dll
14:25:14.0213 5580  vmicrdv - ok
14:25:14.0229 5580  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
14:25:14.0244 5580  vmicshutdown - ok
14:25:14.0244 5580  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync    C:\Windows\System32\ICSvc.dll
14:25:14.0260 5580  vmictimesync - ok
14:25:14.0260 5580  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss         C:\Windows\System32\ICSvc.dll
14:25:14.0275 5580  vmicvss - ok
14:25:14.0291 5580  [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:25:14.0307 5580  volmgr - ok
14:25:14.0322 5580  [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:25:14.0338 5580  volmgrx - ok
14:25:14.0369 5580  [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:25:14.0385 5580  volsnap - ok
14:25:14.0400 5580  [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci            C:\Windows\System32\drivers\vpci.sys
14:25:14.0416 5580  vpci - ok
14:25:14.0416 5580  [ 0190AFFF28F600461C0164353CC7EE27 ] vpcivsp         C:\Windows\System32\drivers\vpcivsp.sys
14:25:14.0431 5580  vpcivsp - ok
14:25:14.0447 5580  [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:25:14.0463 5580  vsmraid - ok
14:25:14.0509 5580  [ EA658570314042C914964FC72AB50E6B ] VSS             C:\Windows\system32\vssvc.exe
14:25:14.0572 5580  VSS - ok
14:25:14.0587 5580  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
14:25:14.0603 5580  VSTXRAID - ok
14:25:14.0619 5580  [ 62460A45435A26A334907E3F2EA45611 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
14:25:14.0619 5580  vwifibus - ok
14:25:14.0634 5580  [ 095E943D27025E4D588AF0A72CC2318F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:25:14.0650 5580  vwififlt - ok
14:25:14.0665 5580  [ 73FA1A41A97A5C34ADC03B3577FF1A86 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
14:25:14.0681 5580  vwifimp - ok
14:25:14.0728 5580  [ F690B6EEAA94576727B24376D7ED3601 ] W32Time         C:\Windows\system32\w32time.dll
14:25:14.0743 5580  W32Time - ok
14:25:14.0775 5580  [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
14:25:14.0790 5580  WacomPen - ok
14:25:14.0837 5580  [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
14:25:14.0837 5580  Wanarp - ok
14:25:14.0853 5580  [ 6081CEC9EF9EB145D8B46655C7708D51 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:25:14.0853 5580  Wanarpv6 - ok
14:25:14.0915 5580  [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine        C:\Windows\system32\wbengine.exe
14:25:14.0977 5580  wbengine - ok
14:25:15.0009 5580  [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:25:15.0024 5580  WbioSrvc - ok
14:25:15.0071 5580  [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
14:25:15.0087 5580  Wcmsvc - ok
14:25:15.0133 5580  [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:25:15.0149 5580  wcncsvc - ok
14:25:15.0165 5580  [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:25:15.0180 5580  WcsPlugInService - ok
14:25:15.0211 5580  [ B3A4D918DAB90505B6BC7B70632913CB ] Wd              C:\Windows\system32\drivers\wd.sys
14:25:15.0227 5580  Wd - ok
14:25:15.0243 5580  [ 260F8DFC4D5748F4CCB9B19CFB0E58EA ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
14:25:15.0258 5580  WdBoot - ok
14:25:15.0274 5580  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:25:15.0305 5580  Wdf01000 - ok
14:25:15.0321 5580  [ 880FFFC4D5BBBB4187B6B04AB2E8C32A ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
14:25:15.0336 5580  WdFilter - ok
14:25:15.0352 5580  [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:25:15.0367 5580  WdiServiceHost - ok
14:25:15.0367 5580  [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:25:15.0399 5580  WdiSystemHost - ok
14:25:15.0414 5580  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient       C:\Windows\System32\webclnt.dll
14:25:15.0430 5580  WebClient - ok
14:25:15.0430 5580  [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:25:15.0461 5580  Wecsvc - ok
14:25:15.0477 5580  [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:25:15.0508 5580  wercplsupport - ok
14:25:15.0523 5580  [ 8E2426162ED6749A127B35D235F21E11 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:25:15.0555 5580  WerSvc - ok
14:25:15.0570 5580  [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
14:25:15.0586 5580  WFPLWFS - ok
14:25:15.0617 5580  [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc          C:\Windows\System32\wiarpc.dll
14:25:15.0633 5580  WiaRpc - ok
14:25:15.0648 5580  [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:25:15.0664 5580  WIMMount - ok
14:25:15.0679 5580  WinDefend - ok
14:25:15.0726 5580  [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
14:25:15.0742 5580  WinHttpAutoProxySvc - ok
14:25:15.0820 5580  [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:25:15.0851 5580  Winmgmt - ok
14:25:15.0913 5580  [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM           C:\Windows\system32\WsmSvc.dll
14:25:16.0007 5580  WinRM - ok
14:25:16.0054 5580  [ BB20956C424531003F7FA6CD36F11D5D ] winusb          C:\Windows\system32\DRIVERS\winusb.sys
14:25:16.0085 5580  winusb - ok
14:25:16.0147 5580  [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc         C:\Windows\System32\wlansvc.dll
14:25:16.0194 5580  WlanSvc - ok
14:25:16.0257 5580  [ 08EFA13A2234C8C3B8A99E4B88BE7E9B ] wlidsvc         C:\Windows\system32\wlidsvc.dll
14:25:16.0319 5580  wlidsvc - ok
14:25:16.0350 5580  [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
14:25:16.0366 5580  WmiAcpi - ok
14:25:16.0397 5580  [ D113499052C5E541906B727779F0F959 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:25:16.0413 5580  wmiApSrv - ok
14:25:16.0444 5580  WMPNetworkSvc - ok
14:25:16.0537 5580  [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm      C:\Program Files\Zune\WMZuneComm.exe
14:25:16.0553 5580  WMZuneComm - ok
14:25:16.0569 5580  [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
14:25:16.0584 5580  wpcfltr - ok
14:25:16.0600 5580  [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:25:16.0615 5580  WPCSvc - ok
14:25:16.0631 5580  [ 94AA5150E35B3ABB7191FE641E3C2473 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:25:16.0662 5580  WPDBusEnum - ok
14:25:16.0662 5580  [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
14:25:16.0693 5580  WpdUpFltr - ok
14:25:16.0709 5580  [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:25:16.0725 5580  ws2ifsl - ok
14:25:16.0740 5580  [ FB0C1B7F94FA08E72F19F6F2CE7210E1 ] wscsvc          C:\Windows\System32\wscsvc.dll
14:25:16.0756 5580  wscsvc - ok
14:25:16.0756 5580  WSearch - ok
14:25:16.0818 5580  [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService       C:\Windows\System32\WSService.dll
14:25:16.0912 5580  WSService - ok
14:25:16.0974 5580  [ A8484C0CB54DB48180FB7CA00F1C3F8F ] wuauserv        C:\Windows\system32\wuaueng.dll
14:25:17.0083 5580  wuauserv - ok
14:25:17.0130 5580  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:25:17.0161 5580  WudfPf - ok
14:25:17.0161 5580  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
14:25:17.0177 5580  WUDFRd - ok
14:25:17.0224 5580  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:25:17.0239 5580  wudfsvc - ok
14:25:17.0255 5580  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
14:25:17.0271 5580  WUDFWpdFs - ok
14:25:17.0271 5580  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
14:25:17.0286 5580  WUDFWpdMtp - ok
14:25:17.0317 5580  [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:25:17.0333 5580  WwanSvc - ok
14:25:17.0380 5580  [ D107AA09E4E233E1AAE126255D8A4057 ] xusb22          C:\Windows\System32\drivers\xusb22.sys
14:25:17.0395 5580  xusb22 - ok
14:25:17.0551 5580  [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc  C:\Program Files\Zune\ZuneNss.exe
14:25:17.0770 5580  ZuneNetworkSvc - ok
14:25:17.0801 5580  [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc  C:\Program Files\Zune\ZuneWlanCfgSvc.exe
14:25:17.0817 5580  ZuneWlanCfgSvc - ok
14:25:17.0832 5580  ================ Scan global ===============================
14:25:17.0879 5580  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\Windows\system32\basesrv.dll
14:25:17.0910 5580  [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\Windows\system32\winsrv.dll
14:25:17.0957 5580  [ BD7C6949984D19AAA609896B675E7357 ] C:\Windows\system32\sxssrv.dll
14:25:17.0988 5580  [ 8F226143046435C75C033B0C52E90FFE ] C:\Windows\system32\services.exe
14:25:17.0988 5580  [Global] - ok
14:25:17.0988 5580  ================ Scan MBR ==================================
14:25:18.0004 5580  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:25:18.0519 5580  \Device\Harddisk0\DR0 - ok
14:25:18.0519 5580  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR2
14:25:19.0002 5580  \Device\Harddisk1\DR2 - ok
14:25:19.0002 5580  ================ Scan VBR ==================================
14:25:19.0018 5580  [ 4842AB1C0F0893D2B5A8718C43D9C3CB ] \Device\Harddisk0\DR0\Partition1
14:25:19.0018 5580  \Device\Harddisk0\DR0\Partition1 - ok
14:25:19.0049 5580  [ 4AF3BAF9A9694C3D5041BC1FC2BDFF89 ] \Device\Harddisk0\DR0\Partition2
14:25:19.0049 5580  \Device\Harddisk0\DR0\Partition2 - ok
14:25:19.0049 5580  [ F3F2D2C60E6EF8495E3C74E9D96A51BB ] \Device\Harddisk1\DR2\Partition1
14:25:19.0065 5580  \Device\Harddisk1\DR2\Partition1 - ok
14:25:19.0065 5580  ============================================================
14:25:19.0065 5580  Scan finished
14:25:19.0065 5580  ============================================================
14:25:19.0065 4040  Detected object count: 4
14:25:19.0065 4040  Actual detected object count: 4
14:41:38.0348 4040  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:38.0348 4040  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:41:38.0348 4040  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:38.0348 4040  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:41:38.0348 4040  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:38.0348 4040  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:41:38.0364 4040  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
14:41:38.0364 4040  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip

14.01.2013, 11:16	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Ordner auf Wechselmedien werden als Verknüpfung angezeigt ESET hast du wahrscheinlich falsch ausgeführt....das Log ist unbrauchbar Hatte es was gefunden? __________________ Logfiles bitte immer in CODE-Tags posten

14.01.2013, 22:22	#12
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Ordner auf Wechselmedien werden als Verknüpfung angezeigt Anleitungen bitte komplett lesen Ich hab extra einen Hinweis deswegen zu aswMBR gepostet __________________ Logfiles bitte immer in CODE-Tags posten

15.01.2013, 12:24	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Ordner auf Wechselmedien werden als Verknüpfung angezeigt Dann bitte nur den TDSS-Killer ausführen __________________ Logfiles bitte immer in CODE-Tags posten

Ordner auf Wechselmedien werden als Verknüpfung angezeigt

Log-Analyse und Auswertung: Ordner auf Wechselmedien werden als Verknüpfung angezeigt