
Pests of all kinds and how to combat them: My dirty hobby

Windows 7 If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will get in touch with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you eliminate the infection.

11.04.2013, 10:04   #1
Twix1982
 
Hello,

I think my GMX account has taken on a life of its own and is sending e-mails with the following content to people I don't know:

-----Original Message-----
From: My Dirty Hobby Online <rieke_thomsen@gmx.de>
To: OKnippelbe <OKnippelbe@aol.com>
Sent: Wed, 10 Apr 2013 5:52 am
Subject: Invoice My-Dirty-Hobby Ltd.

Hello user,

attached you will find the invoice for the premium membership of MyDirtyHobby AG for a period of 12 months. We hope you will continue to enjoy our portal in the future.

We ask that you pay the invoice by bank transfer within 7 days to the bank account named in the terms and conditions. In the attached document you will find your invoice, our terms and conditions and the cancellation policy. If no payment is received, you will receive a letter from our debt collection agency in 14 days with additional costs.

Amount: 98.00 Euro

Kind regards, your My-Dirty-Hobby Online Service Team



I noticed it because I received several e-mails from "Mailer-Daemon" and someone replied to me.
I have now changed my password and hope that I will have peace now. Do I need to do anything else?
I did not open any attachment, I only read the e-mails. Is it possible that I have infected my computer with something anyway? How can I find out?

Thank you very much for your help.
Regards, Twix

11.04.2013, 10:13   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Hello and

Do you have any other logs (with detections)? Has your virus scanner ever found anything?

Malwarebytes and/or other virus scanners?

I'm asking because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now just post the logs that already exist!

Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

11.04.2013, 13:13   #3
Twix1982
 
Hello,

the virus scanner at work found nothing (Trend Micro Office Scan). On my private computer I will run Antivir again this evening.

If they find nothing, does that mean I haven't caught anything?

Thank you very much!

11.04.2013, 13:27   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
What do you mean, the virus scanner at work?
Company computers are normally not cleaned here, and handling two computers in one thread makes no sense at all, so please restrict yourself to just one private home computer.
__________________
Please always post log files in CODE tags

11.04.2013, 21:51   #5
Twix1982
 
I only wanted to make sure that I hadn't also dragged something in at work. Apparently not, though.

Things look different on my private computer; Antivir had two detections:
1.

Code:
11.04.2013 22:36 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\XXXXX\AppData\Local\Temp\Low\0.7121049186834881.exe'
      enthielt einen Virus oder unerwünschtes Programm 'TR/Dropper.Gen' [trojan].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '561bbdbc.qua' 
      verschoben!
         
2.

Code:
11.04.2013 22:36 [System-Scanner] Malware gefunden
      Die Datei 'C:\Users\XXXXX\AppData\Local\Microsoft\Windows\Temporary Internet 
      Files\Virtualized\C\Users\XXXXX\AppData\Roaming\Sun\Java\Deployment\cache\javapi
      \v1.0\jar\48.jar-51efaec5-4d479696.zip'
      enthielt einen Virus oder unerwünschtes Programm 'EXP/CVE-2008-5353.SR' 
      [exploit].
      Durchgeführte Aktion(en):
      Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4e879205.qua' 
      verschoben!
         


12.04.2013, 13:21   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Quote:
I only wanted to make sure that I hadn't also dragged something in at work.
I can understand that, but we still don't clean office PCs, and certainly not two computers in one thread.

Before we get to work, I would like to ask you to read the following points completely and carefully.
  • Read the instructions that I will post in the course of this thread carefully. If anything is unclear, ask right away, before you start carrying out my instructions.

  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step requires the previous one.

  • Please only run scans that a helper has asked you to run! Do not install or uninstall any software unless asked to!

  • Post the log files directly in your thread (please in CODE tags) and not as an attachment, unless you were asked to. Logs in attachments make the evaluation harder for me!

  • The logs of the assigned tools, such as Malwarebytes, must always be posted - regardless of whether there was a detection or not!

  • Please also note => Deleting log files and other requests

Note:
If you don't hear from me for three days, please post in this thread => Reminder about my thread.
Annoying "when will this continue" messages will end with your topic being closed. I too have a life outside the Trojaner-Board.


First a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top centre, tick the box for Scan All Users
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files here in the thread in CODE tags.

12.04.2013, 18:40   #7
Twix1982
 
So, here are my logs:
OTL log file:
Code:
OTL Extras logfile created on: 12.04.2013 18:57:51 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\*****\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 52,46% Memory free
5,99 Gb Paging File | 4,34 Gb Available in Paging File | 72,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 94,16 Gb Total Space | 11,96 Gb Free Space | 12,70% Space Free | Partition Type: NTFS
Drive D: | 195,14 Gb Total Space | 42,82 Gb Free Space | 21,94% Space Free | Partition Type: NTFS
 
Computer Name: *****-NOTEBOOK | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-31335479-3379540539-2503252673-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\Program Files\Microsoft Office\Office14\msohtmed.exe" /p %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0DCB78F3-E2EC-42FE-B081-E4C033467813}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{1552CC45-B0E5-47CA-9DDD-587995C24C73}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{1B3F2AC2-FC35-4031-B622-2886900E7E36}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | 
"{3401AAA6-2149-461F-BC29-92DE3E83D265}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{559B609C-820C-4919-B620-F7101995B30C}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{73A0F372-FD68-4F77-9F60-D18928AB0D0A}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{76C82BE3-5E9B-4D41-A165-DB59AB6CA408}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{82BD6516-38B4-4695-9563-660180E27134}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{9830AC40-8044-42A0-84A8-4CA87396CE75}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{ABFE890E-63B6-4F3E-A13C-928E6E3AFFA6}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{ACB05EAA-42F9-4C3A-BBA9-2CFE8C088B40}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{BAD473C5-1E30-478A-BC84-695CC79BEC1F}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{CEE01552-A759-45A3-BF40-02F6A5362DDE}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D1832FA9-C513-423F-9D60-C1A7FC6C9A88}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 
"{E5A78039-5300-4C1D-B10C-603E2EA9B3E8}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{E5D91CDC-9C4E-405C-A223-E5E26C580A91}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{ED726EA1-5915-4774-8B17-3A9C9976CFBB}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{F3086D4B-FB4E-4D86-9ACE-A783A382B135}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{F9F4C3F5-B11D-43BD-A686-7E988F539D6D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02862404-FCCD-403B-A476-0CDB047182D6}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{0D29D01E-B2A4-4106-AC35-C29CBA0D46C7}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe | 
"{0EEF9502-4793-41F8-B46E-17780300C2AF}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{19F1F748-60AC-4AA3-AA35-04469E6A4576}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{24636311-1C3D-4169-A3C1-7E41133595D9}" = protocol=17 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe | 
"{24C94443-9D46-4435-BCFA-807825651CBB}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{25827B88-8EC1-40F4-A791-E80D7BBE53B2}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{37AF6D97-55DF-47AD-B7EF-9F5395890576}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe | 
"{399186B4-1CA7-4F24-976D-586D696A86B5}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpoews01.exe | 
"{3A692BC2-1741-4043-AACC-A47408E75188}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3AE61E55-74E6-4FA4-8D7A-96C348172EB8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{3BE601A7-FDC8-49D3-BA82-FC0D5625553F}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe | 
"{3D677CD6-547C-4E69-8912-0A6736845340}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe | 
"{41508111-AB8C-443E-A1EF-D474D344D9D9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe | 
"{41C4E338-EC9D-420E-AA9E-78F000550987}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{47173D10-D14D-480A-81FB-F2EC8DDD8FC3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe | 
"{49DA7125-8026-4ECB-827E-1260F74EC860}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe | 
"{4A810AFB-5CD5-4A79-A3EA-9F92F1ED2B60}" = protocol=6 | dir=in | app=c:\program files\newsoft\presto! pagemanager 9.03\licensecheck.exe | 
"{4C30BDE4-7EEF-4CD0-A80D-E0A25CDF7C6C}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{4C4D28F7-4624-4FE4-A9FF-10FECCD5C16D}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\sony ericsson media manager\mediamanager.exe | 
"{5087EEA2-E33D-4C1C-9805-D525C1F2E882}" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe | 
"{50CB60F3-158C-41BF-A74D-2BC6C442F07F}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{564C3568-9EBD-4ACC-AB18-506CCC38EE2E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5DBDB1D3-AFB2-463C-9102-4A956BC6E87E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{63B1DFA1-F337-487B-8BA6-227BE6337E39}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe | 
"{665C7D37-2F24-444D-92A8-21967BF13587}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{66A692EB-7FDD-4465-8797-1EAB930D00F3}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{68129B06-A27E-4B47-8A90-058382D602F5}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"{6D09952F-0B22-447F-ABBB-1CC360134385}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6DE9FDE1-5BA9-40C6-8DC1-7FAAF4D8085C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6E555262-445B-4AB9-B5E4-09DFAF397347}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{701CC6A0-CF86-4232-9E82-F9D95D89421E}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe | 
"{7093B9A4-B53A-4E44-89A6-40A1C63E3C22}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe | 
"{7292D896-84D5-4B4C-8536-6676FFC0EDF8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{823D4A9D-3D0D-4EDB-816B-1A4E887A7C15}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{83E73BF1-C472-49A7-823B-FA5C6DFA7E31}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe | 
"{86483AF5-1D2F-47BA-97CE-BEA0D8E542D7}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{86F4F21A-D69A-414F-9DEA-27723744F8F7}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe | 
"{89A01D56-F827-406E-B880-A1514DC8EF2D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{95209E25-BE4B-483B-B07D-6EA532A48AA0}" = dir=in | app=c:\program files\cyberlink\powerdvd\powerdvd.exe | 
"{968A9CF7-51CC-4238-9632-D3A46A2AF6E4}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe | 
"{999EB7E7-CD41-425C-98B0-F78166E7D03D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe | 
"{9F176C54-6460-4DF5-8E2F-83A66EDAB529}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{A11392C1-7905-4BD7-AA11-277EE4FEA406}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe | 
"{A3E4CFA2-D328-468B-A65F-403E413BBA20}" = protocol=6 | dir=out | app=system | 
"{AF88CAC0-0E58-44E0-BB82-F357602EFF63}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{B66AF5EC-F941-43A8-B21C-E1881A839036}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{B7884E4A-077B-47CE-AA3D-6CBF8C4AE6BF}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{BB7AFFB2-6E6F-4C1D-A1D8-44385F3ABDF3}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version4\teamviewer.exe | 
"{BED0B186-69AC-4C13-A151-A7D7DC6E3A66}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{BF4DF860-64BE-4A28-9FDF-BA454CD6D958}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BFA4F7DA-FEF7-473B-ADA9-F45526CA9D54}" = protocol=17 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{BFB58E9E-0BF1-4EF7-8E23-E5BB70A0CE9C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{C637FD51-FEC0-4DB7-9C78-802769E5410E}" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{CB2BC1EC-15F7-41ED-8541-7C82CAE5C293}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 
"{D567FD36-09D5-48BD-BA77-E1B8BD8E1F73}" = protocol=6 | dir=in | app=c:\program files\icq7.2\aolload.exe | 
"{D663B076-63E0-4FF5-B202-618BF347B38B}" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe | 
"{D8C45476-D473-4854-8715-CDD8422B1D61}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{D9A01E43-6F31-4DEF-9071-B65E034D1F80}" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"{DCAF7280-3F37-4899-8EC3-1DB2BD91F51E}" = dir=in | app=e:\setup\hpznui01.exe | 
"{E126EB9C-0C63-4520-9E87-2B5C16A2C0DE}" = protocol=6 | dir=in | app=c:\program files\fujitsu siemens computers\fsclounge\fscwbaseupdaterservice\2\fscwbaseupdaterservice.exe | 
"{E301B7AB-4F24-426A-8500-06AAFD546D3F}" = dir=in | app=c:\program files\itunes\itunes.exe | 
"{EC189B41-37B3-447E-8358-5182C2EC4F52}" = protocol=17 | dir=in | app=c:\program files\newsoft\presto! pagemanager 9.03\licensecheck.exe | 
"{EEC9413B-30A0-4598-BDCA-ADC0564BF506}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{EEDDF1EE-0692-4A6F-B9F9-C59DDFE72E51}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe | 
"{F68475FD-517C-4A0E-937D-D15926929B41}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 
"{FAD717C4-C0EF-49F7-A1C4-57DED5FF108A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{FD2E1598-5E7A-4C39-A1F9-838314E45324}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe | 
"{FD97368C-224C-4328-A5CE-350896FBEB4E}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe | 
"TCP Query User{0078DF36-5E33-494F-B6A5-E187FD3BC3D6}C:\program files\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files\miranda im\miranda32.exe | 
"TCP Query User{373D57B0-AD0D-4ACE-B1E0-3F481F92EEC7}C:\program files\imesh applications\imesh\imesh.exe" = protocol=6 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe | 
"TCP Query User{59985065-BA09-42CF-86A4-67850586A8B8}C:\program files\zattoo\zattood.exe" = protocol=6 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"TCP Query User{6003A808-4147-4B4D-A55F-6A4E4DCB2B15}C:\program files\eds\unigraphics nx 2.0\ugii\ugraf.exe" = protocol=6 | dir=in | app=c:\program files\eds\unigraphics nx 2.0\ugii\ugraf.exe | 
"TCP Query User{6874A580-098F-4A09-B8D5-600EBDF01B1B}C:\users\*****\appdata\local\temp\rarsfx0\bie_kms.exe" = protocol=6 | dir=in | app=c:\users\*****\appdata\local\temp\rarsfx0\bie_kms.exe | 
"TCP Query User{6F1DA92A-00EE-4EBE-8249-678AD1453E74}C:\users\*****\downloads\miranda se 2.0 (ansi)\miranda32.exe" = protocol=6 | dir=in | app=c:\users\*****\downloads\miranda se 2.0 (ansi)\miranda32.exe | 
"TCP Query User{78EECF4D-FD42-4495-8E78-97ED327AD4F2}C:\program files\digsby\lib\digsby-app.exe" = protocol=6 | dir=in | app=c:\program files\digsby\lib\digsby-app.exe | 
"TCP Query User{803A3F6E-9486-4335-A9CC-CB08ED75214B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{A09E5EE5-F596-4C9D-8FC6-4CFB2B6EAA81}C:\program files\eds\unigraphics nx 2.0\ugii\ugraf.exe" = protocol=6 | dir=in | app=c:\program files\eds\unigraphics nx 2.0\ugii\ugraf.exe | 
"TCP Query User{A4C7BACC-D70F-431E-96B9-D2647D1CCDD6}C:\program files\digsby\lib\digsby-app.exe" = protocol=6 | dir=in | app=c:\program files\digsby\lib\digsby-app.exe | 
"TCP Query User{C4A13F86-0048-4614-A19D-9A5F66E93F10}C:\users\*****\downloads\miranda se 2.0 (unicode)\miranda32.exe" = protocol=6 | dir=in | app=c:\users\*****\downloads\miranda se 2.0 (unicode)\miranda32.exe | 
"TCP Query User{E54075F6-8E7B-49CC-871A-A973A314EDFB}C:\program files\icq7.2\icq.exe" = protocol=6 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"TCP Query User{F89761FD-5FEE-4C0F-AADC-9DB255C31C1B}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"TCP Query User{F9654468-44B8-43B2-B5E8-5418A098454B}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"UDP Query User{1012D890-EE0D-4AC1-83FA-2DB3781D87E2}C:\program files\zattoo\zattood.exe" = protocol=17 | dir=in | app=c:\program files\zattoo\zattood.exe | 
"UDP Query User{13EA4EFB-BA43-4D23-966A-A73A463E9FB7}C:\program files\digsby\lib\digsby-app.exe" = protocol=17 | dir=in | app=c:\program files\digsby\lib\digsby-app.exe | 
"UDP Query User{27468F03-FC02-4C36-A5CD-C2E98C8BBD17}C:\program files\eds\unigraphics nx 2.0\ugii\ugraf.exe" = protocol=17 | dir=in | app=c:\program files\eds\unigraphics nx 2.0\ugii\ugraf.exe | 
"UDP Query User{44C56B12-003C-4DC2-8152-D45DD9FE606E}C:\program files\digsby\lib\digsby-app.exe" = protocol=17 | dir=in | app=c:\program files\digsby\lib\digsby-app.exe | 
"UDP Query User{4ED986F8-0823-412D-B6BD-1ACB939AC126}C:\users\*****\appdata\local\temp\rarsfx0\bie_kms.exe" = protocol=17 | dir=in | app=c:\users\*****\appdata\local\temp\rarsfx0\bie_kms.exe | 
"UDP Query User{762DD083-5E71-4D4F-9C14-4FFAF4D50DB2}C:\program files\eds\unigraphics nx 2.0\ugii\ugraf.exe" = protocol=17 | dir=in | app=c:\program files\eds\unigraphics nx 2.0\ugii\ugraf.exe | 
"UDP Query User{7A9C8F02-79E9-4F41-90DE-B16C4B51C388}C:\users\*****\downloads\miranda se 2.0 (ansi)\miranda32.exe" = protocol=17 | dir=in | app=c:\users\\downloads\miranda se 2.0 (ansi)\miranda32.exe | 
"UDP Query User{7B28F13A-E37B-409F-B4B1-F6C6A411D9DA}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"UDP Query User{89FDA54D-DC28-4977-A50B-6532FCD03CD7}C:\users\rieke\downloads\miranda se 2.0 (unicode)\miranda32.exe" = protocol=17 | dir=in | app=c:\users\*****\downloads\miranda se 2.0 (unicode)\miranda32.exe | 
"UDP Query User{A7285D1E-A7CB-495C-8AF8-ED5CD32ADA0E}C:\program files\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files\miranda im\miranda32.exe | 
"UDP Query User{C2713050-9AD3-4B59-B3D4-68C595DA47CB}C:\program files\icq7.2\icq.exe" = protocol=17 | dir=in | app=c:\program files\icq7.2\icq.exe | 
"UDP Query User{C572EA89-239A-44EF-BC57-54041746A1BA}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
"UDP Query User{E326D53D-6919-4E55-893E-FAED0929B6AC}C:\program files\imesh applications\imesh\imesh.exe" = protocol=17 | dir=in | app=c:\program files\imesh applications\imesh\imesh.exe | 
"UDP Query User{F9AE9C97-F8A9-4AC7-B570-21DAF3700E14}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0249C610-D6B3-4045-8941-524C07EA6B0D}" = 3Dconnexion Plug-In for Maya 6
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{02969390-DE3B-4A34-846D-C627FE2929AF}" = 3Dconnexion Plug-In for Maya 8.5
"{04AF7536-446D-4F5A-8920-B4E885E4581B}" = Presto! PageManager 9.03 SE
"{04B45310-A5FE-4425-BFCA-1A6D8920DE74}" = OpenOffice.org 3.0
"{065DBB54-6E55-A609-2E1E-F0617E827D53}" = Media Go Video Playback Engine 1.96.112.08260
"{068A74F6-E0C7-4500-96F3-8AEA41D81C7F}" = 3Dconnexion Plug-In for 3ds max 6 - 8
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store
"{12BAA98C-F8DD-4BC9-BBE6-1C8463114197}" = BlackBerry Device Software Updater
"{13702021-43FB-480C-912F-D9B74A538288}" = OpenProj
"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR
"{154446DA-45DB-49F2-A284-D2C8AE997193}" = 3Dconnexion Plug-In for Photoshop CS3
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{161B0795-090D-4462-A5DC-FED13B8A05FC}" = DruckShop Weihnachten 35
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1973D19D-9B30-467C-A489-0690AD41AEF6}" = 3Dconnexion Plug-In for Pro/ENGINEER WF5
"{19DC9559-9C20-4A46-A67D-7ECBA52A2788}" = Nokia PC Suite
"{1A986F4A-5DBA-4A6F-8CE3-973066C2587C}" = 3Dconnexion Plug-in for QuickTime VR
"{1BD40171-1C20-480D-80EC-95DF47B341F9}" = Unigraphics NX 2.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{206DF524-85DE-4ECC-8E6B-4D6FFF769291}" = 3Dconnexion Add-On for XSI
"{22584D4F-56A5-4E97-8AE0-11726BEC1B0A}" = 3Dconnexion Add-In for SolidWorks
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2614F54E-A828-49FA-93BA-45A3F756BFAA}" = 32 Bit HP CIO Components Installer
"{27197499-7680-4208-8FD8-5439CDB0FDC1}" = HPProductAssistant
"{2BA09774-34F7-4A06-8C7E-B69E44CB9EB0}" = DriverBoost
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{2F926AE7-9FB7-4B34-906F-9C29A6D146A7}" = SystemDiagnostics
"{2FFE93F0-BB72-4E52-8761-354D1AAA9387}" = Sony Ericsson PC Suite
"{3248F0A8-6813-11D6-A77B-00B0D0150030}" = J2SE Runtime Environment 5.0 Update 3
"{34B7AD92-DEB7-4FE6-8FBE-709C19A782D3}" = 3Dconnexion Plug-In for Maya 2010
"{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{43C0C354-A185-4D2D-A057-67C9160460E1}" = PS_AIO_04_C4580_Software_Min
"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support
"{460278A5-DF5B-4224-881A-7AF02014A9F3}" = 3Dconnexion Add-In for Solid Edge
"{4A3D0CF8-60FF-4CEF-91A4-A1F001424602}" = DocProc
"{4B085F27-F362-4E3C-88A7-55F8CC431876}" = 3Dconnexion 3DxWare
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{50DD347D-AE3C-78A6-168D-E836D5333BED}" = Prezi Desktop
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{54750B8E-EB7B-48C9-AE89-49362114D8F0}" = 3Dconnexion Plug-In for Pro/ENGINEER WF2
"{5680F630-3D88-4EE6-9CFA-F19AD53A3D39}" = 3Dconnexion Plug-In for NX 7.0
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{593A6CAF-E114-4e31-884F-74FF349E8E36}" = SolutionCenter
"{5B3A0C24-FA5B-42C1-924C-F57133E9A18D}" = 3Dconnexion Plug-In for NX 6.0
"{5DDB3393-E08B-447E-925F-6C00B95D0FE7}" = iCloud
"{6117122E-780E-432B-8355-1EBCB5794500}" = 3Dconnexion Add-In for AutoCAD 2007
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = CyberLink PowerDVD
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6E0352EE-6F0D-4FBC-B1B8-4FF032C78BE0}" = PC Connectivity Solution
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70E1E357-E57C-4284-B04E-58196DC27BC1}" = PanoStandAlone
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71310D9B-7555-44FE-914C-A1B55CB7BC5D}" = Scrapbook
"{7208B623-1BF7-44E9-A86A-6BB99D558386}" = 3Dconnexion Plug-In for 3ds Max 9
"{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2
"{73289228-1853-4623-982A-EB17FF0270CA}" = OSD_1.12
"{7446D38D-DF79-4CFD-ADB8-A935610677CE}" = 3Dconnexion Plug-In for Photoshop CS4
"{7641710F-A4AD-4EAE-889C-4958BE3F169C}" = C4580
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{791CAF6C-90A3-11D4-8306-00D0B72E1DB9}" = sentinelsystemdriver
"{7A6C3344-5CF9-4B83-959C-6576C5B27D09}" = Media Go
"{834CE00E-77CA-40C4-8642-E11012E20C8E}" = 3Dconnexion Add-In for Inventor
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{854C47D1-C2A0-4492-8655-C3F8D49C1031}" = Nero 8 Essentials
"{85F270C5-83C2-4A96-B22F-4B56A73FEC8A}" = 3Dconnexion Plug-In for Maya 6.5
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{928E049C-73F7-40D5-8A49-9D093FA403C6}" = 3Dconnexion Plug-In for NX 4.0
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{957FA351-47EC-4DCB-9CD0-94C95018A602}" = 3Dconnexion Plug-In for 3ds Max 2010
"{9684DB86-DF2C-4F9C-B08E-528D3708A9AB}" = Unigraphics NX FLEXlm
"{987109D9-6F63-4966-AAD4-6F9CEDB7A1A4}" = 3Dconnexion Plug-In for 3ds Max 2009
"{98EA51C9-B0B0-45BC-8641-3E119EA47D7B}" = Sony Ericsson Media Manager 1.2
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A3BC157-B94F-4EFD-ABA9-1E56DEB00655}" = FSCLounge
"{9B4DCDC9-DCD7-4FF7-A084-9A5B316C6981}" = 3Dconnexion Plug-In for Pro/ENGINEER WF3
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{9FADEA0D-C3FA-41D4-914B-1F0F92E56170}" = 3Dconnexion Plug-In for Pro/ENGINEER WF4
"{A06EA9B0-368C-4967-A7E6-8DBC0EACD1F6}" = 3Dconnexion Extension for SketchUp
"{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection
"{A6A195F5-BCAB-4F38-8459-DF693303CD8D}" = PS_AIO_04_C4580_ProductContext
"{A8517496-CC0A-4539-A8D1-71A14A3FDF87}_is1" = VORIS 2010 (Netzwerk-Server)
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AA6FA364-88F3-42F6-AFA6-46B97B9B6C18}" = 3Dconnexion Plug-In for Maya 2008
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{ADC9C942-0D52-4948-B4EB-A97CF194F0AB}" = 3Dconnexion Add-In for AutoCAD 2008
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes
"{B0D83FCD-9D42-43ED-8315-250326AADA02}" = ArcSoft Print Creations - Scrapbook
"{B347BE9B-E68E-43AA-A0F0-69ED5DE920E6}" = 3Dconnexion Plug-In for NX 5.0
"{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}" = PlayStation(R)Network Downloader
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B9B10906-5CB3-4F9D-A810-E4EA1F45DD75}" = 3Dconnexion Add-In for AutoCAD 2010
"{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}" = 3Dconnexion 3DxSoftware
"{BED1705F-7558-40f7-9F52-6C6FBD58EA2E}" = HP Photosmart C4500 All-In-One Driver Software 11.0 Rel .4
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{C1ECB98D-1D38-4DBC-976C-457E6BE6EA2B}" = 3Dconnexion Plug-in for Acrobat 3D
"{C346B94B-2EB2-4EC7-BE3D-152189B5AF0F}" = 3Dconnexion Plug-In for NX 3.0
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C50EF365-2898-489A-B6C7-30DAA466E9A2}" = Nokia Connectivity Cable Driver
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CA745293-13BD-4EC3-A62B-FFB44D9EB543}" = 3Dconnexion Plug-In for 3ds Max 2008
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CDE3D80D-0028-42E1-825B-1EC2168D7CC7}" = 3Dconnexion Plug-In for Maya 8
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D23E2520-0EAA-4AC3-A47E-A551C70D4FED}" = C4580_Help
"{D4278897-1541-493E-9D39-59CC6AB0FC09}" = PS_AIO_04_C4580_Software
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{DB01E04D-EFD8-43EB-A2A8-AE7092570F87}" = 3Dconnexion Add-On for XSI v3.5-7.0
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E370ED57-9B64-427B-8EC3-E8D84709C3C9}" = 3Dconnexion Add-In for AutoCAD 2009
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EC50B3EE-C389-4E12-898E-68F7A6673794}" = 3Dconnexion Plug-In for Maya 2009
"{EC5F4C1B-F838-4CB7-8561-8F809296428B}" = TomTom HOME
"{ED00D08A-3C5F-488D-93A0-A04F21F23956}" = Windows Live Communications Platform
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.136
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F1ADFCF5-6724-4114-8B90-47B9A96D56AF}" = 3Dconnexion Plug-In for Maya 7
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F58B763E-9FB9-4629-AF3C-CC9744BC4BA7}" = Fujitsu Siemens Computers Recovery
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F95F178B-56AD-4FAB-87F8-FA81E66C7D68}" = Network
"{F996076C-BED5-45D6-9C10-39BC7B005F77}" = 3Dconnexion Plug-In for Photoshop CS2
"{FD011F34-749C-47E0-BA48-6009412C4789}" = ArcSoft Print Creations
"05B59228C7E1C21DFBE89260F879BD95880548D8" = Windows-Treiberpaket - Nokia Modem  (10/05/2009 4.2)
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd  (08/22/2008 7.0.0.0)
"8CDCFB95BB84DD9C0F88F22266A0CA86035E55BA" = Windows-Treiberpaket - Nokia Modem  (06/01/2009 7.01.0.4)
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Photoshop Elements 2.0" = Adobe Photoshop Elements 2.0
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"Ashampoo Magical Snap 2_is1" = Ashampoo Magical Snap 2.50
"Avira AntiVir Desktop" = Avira Free Antivirus
"Big Fish Games Center" = Big Fish Games Center (remove only)
"Big Fish Games Sudoku" = Big Fish Games Sudoku (remove only)
"Caligari trueSpace7.6_is1" = Uninstall trueSpace7.6
"com.prezi.PreziDesktop" = Prezi Desktop
"ElsterFormular 13.0.0.8086p" = ElsterFormular
"EPSON BX535WD Series" = EPSON BX535WD Series Printer Uninstall
"EPSON Scanner" = EPSON Scan
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8
"Google Desktop" = Google Desktop
"HijackThis" = HijackThis 2.0.2
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 11.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"HPOCR" = OCR Software by I.R.I.S. 11.0
"ICQToolbar" = ICQ Toolbar
"InstallShield_{1BD40171-1C20-480D-80EC-95DF47B341F9}" = Unigraphics NX 2.0
"Luxor Amun Rising" = Luxor Amun Rising (remove only)
"Mahjong Towers Eternity EU" = Mahjong Towers Eternity EU (remove only)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Mystery Case Files - Prime Suspects" = Mystery Case Files - Prime Suspects (remove only)
"Nokia PC Suite" = Nokia PC Suite
"NVIDIA Drivers" = NVIDIA Drivers
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Picasa 3" = Picasa 3
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"TeamViewer 8" = TeamViewer 8
"TorisWin32" = TorisWin32
"TXL Wizard_is1" = TXL Wizard
"Uninstall_is1" = Uninstall 1.0.0.1
"Videoload Manager" = Videoload Manager 2.0.2200
"VirtualCloneDrive" = VirtualCloneDrive
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"yowindow" = YoWindow
"Zattoo" = Zattoo 3.3.4 Beta
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-31335479-3379540539-2503252673-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Move Media Player" = Move Media Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 16.03.2011 13:25:21 | Computer Name = *****-Notebook | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 16.03.2011 13:47:37 | Computer Name = *****-Notebook | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Nokia\Nokia
 PC Suite 7\TIS_Windows7PIM.dll".  Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 16.03.2011 13:48:21 | Computer Name = *****-Notebook | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\sony
 ericsson\sony ericsson pc suite\Drivers\DPInst64.exe".  Die abhängige Assemblierung
 "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 16.03.2011 13:50:02 | Computer Name = *****-Notebook | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Program Files\Nokia\Nokia
 PC Suite 7\TIS_Windows7PIM.dll".  Die abhängige Assemblierung "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0""
 konnte nicht gefunden werden.  Verwenden Sie für eine detaillierte Diagnose das Programm
 "sxstrace.exe".
 
Error - 20.03.2011 08:44:28 | Computer Name = Rieke-Notebook | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 20.03.2011 08:44:28 | Computer Name = *****-Notebook | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 20.03.2011 08:45:45 | Computer Name = *****-Notebook | Source = WinMgmt | ID = 10
Description = 
 
Error - 20.03.2011 08:47:43 | Computer Name = *****-Notebook | Source = VSS | ID = 8194
Description = 
 
Error - 20.03.2011 08:47:47 | Computer Name = *****-Notebook | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
Error - 20.03.2011 08:47:47 | Computer Name = *****-Notebook | Source = Microsoft-Windows-CAPI2 | ID = 4107
Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen
 Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>.
 Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum
 gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.
.
 
[ System Events ]
Error - 11.04.2013 17:31:10 | Computer Name = *****-Notebook | Source = DCOM | ID = 10016
Description = 
 
Error - 11.04.2013 17:31:35 | Computer Name = *****-Notebook | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.
 
Error - 11.04.2013 17:31:38 | Computer Name = *****-Notebook | Source = ipnathlp | ID = 34001
Description = ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.
 
Error - 11.04.2013 17:31:38 | Computer Name = *****-Notebook | Source = ipnathlp | ID = 30013
Description = Die DHCP-Zuweisung wurde für IP-Adresse 192.168.178.128 deaktiviert,
 da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der
 die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die
 IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb
 dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.
 
Error - 12.04.2013 12:48:56 | Computer Name = *****-Notebook | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Nero BackItUp Scheduler 3 erreicht.
 
Error - 12.04.2013 12:48:56 | Computer Name = *****-Notebook | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Nero BackItUp Scheduler 3" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 12.04.2013 12:49:26 | Computer Name = *****-Notebook | Source = DCOM | ID = 10016
Description = 
 
Error - 12.04.2013 12:50:58 | Computer Name = *****-Notebook | Source = Service Control Manager | ID = 7022
Description = Der Dienst "HP CUE DeviceDiscovery Service" wurde nicht richtig gestartet.
 
Error - 12.04.2013 12:51:00 | Computer Name = *****-Notebook | Source = ipnathlp | ID = 34001
Description = ICS_IPV6 konnte den IPv6-Stapel nicht konfigurieren.
 
Error - 12.04.2013 12:51:00 | Computer Name = *****-Notebook | Source = ipnathlp | ID = 30013
Description = Die DHCP-Zuweisung wurde für IP-Adresse 192.168.178.128 deaktiviert,
 da die IP-Adresse außerhalb des Bereichs 192.168.0.0/255.255.255.0 liegt, von der
 die Adressen DHCP-Clients zu gewiesen werden. Ändern Sie den Bereich, sodass die
 IP-Adresse mit einbezogen wird, oder ändern Sie die IP-Adresse, sodass sie innerhalb
 dieses Bereichs liegt, um die DHCP-Zuweisung zu aktivieren.
 
 
< End of report >
         
--- --- ---


OTL Logfile:
Code:
OTL logfile created on: 12.04.2013 18:57:51 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\*****\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
2,99 Gb Total Physical Memory | 1,57 Gb Available Physical Memory | 52,46% Memory free
5,99 Gb Paging File | 4,34 Gb Available in Paging File | 72,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 94,16 Gb Total Space | 11,96 Gb Free Space | 12,70% Space Free | Partition Type: NTFS
Drive D: | 195,14 Gb Total Space | 42,82 Gb Free Space | 21,94% Space Free | Partition Type: NTFS
 
Computer Name: *****-NOTEBOOK | User Name: ***** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\*****\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\E_TATIHTU.EXE (SEIKO EPSON CORPORATION)
PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Programme\Internet Explorer\iexplore.exe (Microsoft Corporation)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
PRC - C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
PRC - C:\Programme\Google\Google Toolbar\GoogleToolbarUser_32.exe (Google Inc.)
PRC - C:\Programme\Sony\Sony PC Companion\PCCompanion.exe (Sony)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Sony\Sony PC Companion\PCCompanionInfo.exe ()
PRC - C:\Programme\YoWindow\yowindow.exe (Repkasoft)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
PRC - C:\Programme\NewSoft\Presto! PageManager 9.03\Pmsb.exe (NewSoft Technology Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\WrtProc.exe (NewSoft Technology Corporation)
PRC - C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
PRC - C:\Programme\NewSoft\Presto! PageManager 9.03\PMSpeed.exe (NewSoft Technology Corporation)
PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - D:\Unigraphics\UGNXFLEXlm\lmgrd.exe (Macrovision Corporation)
PRC - C:\Programme\Ashampoo\Ashampoo Magical Snap 2\ashsnap.exe (ashampoo GmbH & Co. KG)
PRC - C:\Programme\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclUSBSrv.exe (Nokia)
PRC - C:\Programme\PC Connectivity Solution\Transports\NclRSSrv.exe (Nokia)
PRC - C:\Programme\CyberLink\Shared Files\brs.exe (cyberlink)
PRC - C:\Windows\System32\LocationNotifications.exe (Microsoft Corporation)
PRC - C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe (NewSoft Technology Corporation)
PRC - C:\Programme\OEM\OSD_1.12\osd.exe (ODM)
PRC - C:\Programme\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
PRC - C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
PRC - C:\Programme\Picasa2\PicasaMediaDetector.exe (Google Inc.)
PRC - C:\Programme\OEM\OSD_1.12\OsdService.exe (TODO: <公司名稱>)
PRC - D:\Unigraphics\UGNXFLEXlm\uglmd.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Sony\Sony PC Companion\MExplorer.dll ()
MOD - C:\Programme\Sony\Sony PC Companion\PCCompanionInfo.exe ()
MOD - C:\Programme\Sony\Sony PC Companion\TMonitorAPI.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Programme\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Programme\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\ScanModule.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMScnSet.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMDB_N.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMCommon.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMISM.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\CategoryManager.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMTree.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMImageSplitter.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMView.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMSave.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMSet.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMPageVW.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMImgVW.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMINSO.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\OutlookVBA.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMPDFView.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\SlideBarDLL.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMOffice.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMProp.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PerformOcr.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMStatus.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMDocVW.dll ()
MOD - C:\Programme\Sony\Sony PC Companion\VObject.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMAnoSet.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMAppBar.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\NetFun2K.dll ()
MOD - C:\Programme\Ashampoo\Ashampoo Magical Snap 2\ash_lang.dll ()
MOD - C:\Programme\Ashampoo\Ashampoo Magical Snap 2\MouseHook.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMANO.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\FT.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMApSet.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\nsSign.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PHooKDlg.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMIEVW.dll ()
MOD - C:\Programme\Nokia\Nokia PC Suite 7\QtCore4.dll ()
MOD - C:\Programme\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll ()
MOD - C:\Programme\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll ()
MOD - C:\Programme\Nokia\Nokia PC Suite 7\QtSvg4.dll ()
MOD - C:\Programme\Nokia\Nokia PC Suite 7\QtGUI4.dll ()
MOD - C:\Programme\Nokia\Nokia PC Suite 7\QtXml4.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\doccate.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\PMVoice.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\Qem.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\NsOEMKey.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\Import.dll ()
MOD - C:\Programme\NewSoft\Presto! PageManager 9.03\ComClass.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (EPSON_PM_RPCV4_05) -- C:\Programme\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE (SEIKO EPSON CORPORATION)
SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (TomTomHOMEService) -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe (TomTom)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (TeamViewer8) -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
SRV - (Sony PC Companion) -- C:\Programme\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (ICQ Service) -- C:\Programme\ICQ6Toolbar\ICQ Service.exe ()
SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (Unigraphics License Server (uglmd) -- D:\Unigraphics\UGNXFLEXlm\lmgrd.exe (Macrovision Corporation)
SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (TestHandler) -- C:\Programme\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe (Fujitsu Siemens Computers)
SRV - (OsdService) -- C:\Programme\OEM\OSD_1.12\OsdService.exe (TODO: <公司名稱>)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - ({95808DC4-FA4A-4C74-92FE-5B863F82066B}) -- C:\Programme\CyberLink\PowerDVD\000.fcl (CyberLink Corp.)
DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
DRV - (WSDPrintDevice) -- C:\Windows\System32\drivers\WSDPrint.sys (Microsoft Corporation)
DRV - (WSDScan) -- C:\Windows\System32\drivers\WSDScan.sys (Microsoft Corporation)
DRV - (netw5v32) -- C:\Windows\System32\drivers\netw5v32.sys (Intel Corporation)
DRV - (s1018mdm) -- C:\Windows\System32\drivers\s1018mdm.sys (MCCI Corporation)
DRV - (s1018unic) -- C:\Windows\System32\drivers\s1018unic.sys (MCCI Corporation)
DRV - (s1018mgmt) -- C:\Windows\System32\drivers\s1018mgmt.sys (MCCI Corporation)
DRV - (s1018obex) -- C:\Windows\System32\drivers\s1018obex.sys (MCCI Corporation)
DRV - (s1018bus) -- C:\Windows\System32\drivers\s1018bus.sys (MCCI Corporation)
DRV - (s1018nd5) -- C:\Windows\System32\drivers\s1018nd5.sys (MCCI Corporation)
DRV - (s1018mdfl) -- C:\Windows\System32\drivers\s1018mdfl.sys (MCCI Corporation)
DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia)
DRV - (JRAID) -- C:\Windows\System32\drivers\jraid.sys (JMicron Technology Corp.)
DRV - (GpdKbFilter) -- C:\Windows\System32\kbfiltr.sys (Windows (R) Codename Longhorn DDK provider)
DRV - (seehcri) -- C:\Windows\System32\drivers\seehcri.sys (Sony Ericsson Mobile Communications)
DRV - (RTL8169) -- C:\Windows\System32\drivers\Rtlh86.sys (Realtek Corporation                                            )
DRV - (ahcix86s) -- C:\Windows\System32\drivers\ahcix86s.sys (AMD Technologies Inc.)
DRV - (GpdDevDPort) -- C:\Windows\System32\directport.sys ()
DRV - (Sentinel) -- C:\Windows\System32\drivers\sentinel.sys (Rainbow Technologies, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FUJC
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\.DEFAULT\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FUJE
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=FUJD&bmod=FUJD
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-18\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7FUJE
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-31335479-3379540539-2503252673-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.icq.com/
IE - HKU\S-1-5-21-31335479-3379540539-2503252673-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-31335479-3379540539-2503252673-1000\..\URLSearchHook:  - No CLSID value found
IE - HKU\S-1-5-21-31335479-3379540539-2503252673-1000\..\URLSearchHook: {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Programme\ICQ6Toolbar\ICQToolBar.dll (ICQ)
IE - HKU\S-1-5-21-31335479-3379540539-2503252673-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-31335479-3379540539-2503252673-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-31335479-3379540539-2503252673-1000\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
IE - HKU\S-1-5-21-31335479-3379540539-2503252673-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_de
IE - HKU\S-1-5-21-31335479-3379540539-2503252673-1000\..\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}: "URL" = hxxp://127.0.0.1:4664/search&s=9PkZhAxfBCGpSzFgoQnUw4rxvGg?q={searchTerms}
IE - HKU\S-1-5-21-31335479-3379540539-2503252673-1000\..\SearchScopes\{8D1A00BD-99FB-4CE2-A50F-3903BEE979DD}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=IMH&o=2418&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^A2Z&apn_dtid=^YYYYYY^YY^DE&apn_uid=bc73bac8-a898-4bea-81a3-4ecefd229839&apn_sauid=D5FD2781-C068-4E93-8562-33028F064CB4&atb=sysid%3D1%3Aappid%3D205%3Auc76813591
IE - HKU\S-1-5-21-31335479-3379540539-2503252673-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-31335479-3379540539-2503252673-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "ICQ Search"
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/ig|about:blank"
FF - prefs.js..extensions.enabledAddons: DivXWebPlayer%40divx.com:2.0.2.039
FF - prefs.js..extensions.enabledAddons: %7B5C46D283-ABDE-4dce-B83C-08881401921C%7D:2.1.7.1
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.7
FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..extensions.enabledItems: {E2883E8F-472F-4fb0-9522-AC9BF37916A7}:1
FF - prefs.js..extensions.enabledItems: 6
FF - prefs.js..extensions.enabledItems: 2
FF - prefs.js..extensions.enabledItems: 48
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.13.1.100007
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.60
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.2.4
FF - prefs.js..keyword.URL: "chrome://browser-region/locale/region.properties"
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@fluxdvd.com/NPWMDRMWrapper: C:\Program Files\Videoload Manager\NPWMDRMWrapper.dll ( )
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@playstation.com/PsndlCheck,version=1.00: C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF - HKLM\Software\MozillaPlugins\@protectdisc.com/NPMPDRM: C:\Program Files\Common Files\mpDRM\NPMPDRM.dll ( )
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\*****\AppData\Roaming\Move Networks\plugins\071803000001\npqmp071803000001.dll (Move Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.01.01 20:18:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.04.11 23:03:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.04.11 23:03:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.01.01 20:18:37 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.04.11 23:03:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.04.11 23:03:11 | 000,000,000 | ---D | M]
 
[2009.11.19 10:20:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions
[2008.12.25 15:09:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2013.04.11 22:17:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\s7bbqu14.default\extensions
[2013.02.24 14:50:42 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\s7bbqu14.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009.11.19 10:20:38 | 000,000,000 | ---D | M] (Adobe DLM (powered by getPlus(R))) -- C:\Users\*****\AppData\Roaming\mozilla\Firefox\Profiles\s7bbqu14.default\extensions\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}
[2013.03.05 20:33:41 | 000,134,804 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\s7bbqu14.default\extensions\adblockpopups@jessehakanen.net.xpi
[2012.07.15 20:38:11 | 000,550,833 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\s7bbqu14.default\extensions\DivXWebPlayer@divx.com.xpi
[2012.07.13 22:19:30 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\s7bbqu14.default\extensions\elemhidehelper@adblockplus.org.xpi
[2013.04.11 22:17:36 | 000,334,383 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\s7bbqu14.default\extensions\personas@christopher.beard.xpi
[2012.02.09 02:36:51 | 000,020,591 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\s7bbqu14.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
[2011.11.07 22:06:11 | 000,372,140 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\s7bbqu14.default\extensions\{5C46D283-ABDE-4dce-B83C-08881401921C}.xpi
[2013.02.14 21:17:36 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\s7bbqu14.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2011.11.07 21:04:55 | 000,002,443 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\s7bbqu14.default\searchplugins\askcom.xml
[2013.04.11 22:21:38 | 000,001,056 | ---- | M] () -- C:\Users\*****\AppData\Roaming\mozilla\firefox\profiles\s7bbqu14.default\searchplugins\icqplugin.xml
[2013.04.11 23:03:10 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2013.04.11 23:03:10 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.04.11 23:03:15 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011.11.05 05:38:54 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.10.07 13:33:31 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011.11.05 05:38:54 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2011.11.05 05:38:54 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.11.05 05:38:54 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2011.11.05 05:38:54 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2006.09.18 23:41:30 | 000,000,736 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: ::1             localhost
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - !{855F3B16-6D32-4FE6-8A56-BBB695989046} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\S-1-5-21-31335479-3379540539-2503252673-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BDRegion] C:\Programme\CyberLink\Shared Files\brs.exe (cyberlink)
O4 - HKLM..\Run: [FSCRecovery] c:\Programme\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe (Fujitsu Siemens Computers GmbH)
O4 - HKLM..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe ( )
O4 - HKLM..\Run: [LanguageShortcut] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe ()
O4 - HKLM..\Run: [Logitech Download Assistant] C:\Windows\System32\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [NPCTray] C:\Program Files\Norman\npc\bin\npc_tray.exe /LOAD File not found
O4 - HKLM..\Run: [NvCplDaemon] C:\Windows\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [PMSpeed] C:\Programme\NewSoft\Presto! PageManager 9.03\PMSpeed.exe (NewSoft Technology Corporation)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Programme\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [WrtMon.exe] C:\Windows\System32\spool\drivers\w32x86\3\WrtMon.exe (NewSoft Technology Corporation)
O4 - HKU\S-1-5-21-31335479-3379540539-2503252673-1000..\Run: [AquaSoft DesktopKalender] "C:\PROGRA~1\AquaSoft\PHOTOK~1\DESKTO~1.EXE" "-pC:\Users\*****\AppData\Roaming\AquaSoft\PHOTOK~1\DESKTO~1\PHOTOK~1.ADS" "-tC:\Users\*****\AppData\Roaming\AquaSoft\PHOTOK~1\DESKTO~1\Mittig.pwt" File not found
O4 - HKU\S-1-5-21-31335479-3379540539-2503252673-1000..\Run: [AshSnap] C:\Programme\Ashampoo\Ashampoo Magical Snap 2\ashsnap.exe (ashampoo GmbH & Co. KG)
O4 - HKU\S-1-5-21-31335479-3379540539-2503252673-1000..\Run: [EPLTarget\P0000000000000000] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_TATIHTU.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-31335479-3379540539-2503252673-1000..\Run: [EPLTarget\P0000000000000001] C:\Windows\System32\spool\DRIVERS\W32X86\3\E_TATIHTU.EXE (SEIKO EPSON CORPORATION)
O4 - HKU\S-1-5-21-31335479-3379540539-2503252673-1000..\Run: [PC Suite Tray] C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe (Nokia)
O4 - HKU\S-1-5-21-31335479-3379540539-2503252673-1000..\Run: [Picasa Media Detector] C:\Programme\Picasa2\PicasaMediaDetector.exe (Google Inc.)
O4 - HKU\S-1-5-21-31335479-3379540539-2503252673-1000..\Run: [Scan Buttons] C:\Programme\NewSoft\Presto! PageManager 9.03\Pmsb.exe (NewSoft Technology Corporation)
O4 - HKU\S-1-5-21-31335479-3379540539-2503252673-1000..\Run: [Sony PC Companion] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe (Sony)
O4 - HKU\S-1-5-21-31335479-3379540539-2503252673-1000..\Run: [TomTomHOME.exe] C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LockWorkStation.vbs ()
O4 - Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OSD.lnk = C:\Users\*****\AppData\Roaming\Microsoft\Installer\{73289228-1853-4623-982A-EB17FF0270CA}\_4D3FC276DECE661B01DFEC.exe ()
O4 - Startup: C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\YoWindow.lnk = C:\Programme\YoWindow\yowindow.exe (Repkasoft)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\*****\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm ()
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_03\bin\NPJPI150_03.dll (Sun Microsystems, Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Programme\ICQ7.2\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-31335479-3379540539-2503252673-1000\..Trusted Domains: localhost ([]http in Local intranet)
O15 - HKU\S-1-5-21-31335479-3379540539-2503252673-1000\..Trusted Ranges: GD ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_03-windows-i586.cab (Java Plug-in 1.5.0_03)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} hxxp://lokalisten.de/iup/ImageUploader4.cab (Image Uploader Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{164C6585-FAE0-4313-BBF0-B1704721EA6A}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\fluxhttp {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\fluxhttp\0x00000007 {8E2D00A0-82C6-4821-90BC-07F290841BB6} - C:\Programme\Common Files\fluxDVD\Lib\XEB\xebnavigation.ax ()
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GO36F4~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O24 - Desktop WallPaper: C:\Users\*****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\*****\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.03.04 21:58:13 | 000,000,061 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.12 18:48:30 | 000,000,000 | ---D | C] -- C:\Users\*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
[2013.04.11 23:08:44 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2013.04.11 23:08:43 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2013.04.11 23:08:42 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2013.04.11 23:08:42 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2013.04.11 23:08:42 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2013.04.11 23:08:41 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2013.04.11 23:08:41 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2013.04.11 23:08:40 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2013.04.11 23:03:09 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.04.11 17:26:43 | 002,347,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2013.04.11 17:25:04 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.04.11 17:25:04 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.04.11 17:25:03 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[2013.04.11 17:24:52 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\aaclient.dll
[2013.04.11 17:24:52 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tsgqec.dll
[2013.04.03 22:17:41 | 000,008,192 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\System32\E_DCINST.DLL
[2013.04.03 22:17:40 | 000,095,232 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_TLBHTU.DLL
[2013.04.03 22:17:40 | 000,081,408 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_TD4BHTU.DLL
[2013.03.27 22:45:34 | 000,000,000 | ---D | C] -- C:\Users\*****\Desktop\fabian
[2013.03.20 22:54:14 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
[2013.03.20 22:39:02 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usb8023.sys
[2013.03.14 00:57:50 | 000,000,000 | ---D | C] -- C:\Users\*****\Desktop\Turnier Friedrichskoog 2013
[2012.12.29 18:59:54 | 000,148,736 | ---- | C] (Avanquest Software) -- C:\ProgramData\hpe2F49.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.12 18:58:05 | 000,009,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.12 18:58:05 | 000,009,504 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.12 18:53:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.12 18:48:36 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.12 18:48:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.12 18:48:10 | 2411,708,416 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.11 23:38:20 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2013.04.11 23:38:20 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2013.04.11 23:36:20 | 000,656,500 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2013.04.11 23:36:20 | 000,618,342 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013.04.11 23:36:20 | 000,131,094 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2013.04.11 23:36:20 | 000,107,476 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013.04.11 23:29:52 | 000,439,976 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013.04.11 23:13:36 | 000,001,995 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.04.11 22:29:03 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.03 21:51:58 | 000,008,192 | ---- | M] (SEIKO EPSON CORP.) -- C:\Windows\System32\E_DCINST.DLL
[2013.04.03 21:51:56 | 000,095,232 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_TLBHTU.DLL
[2013.04.03 21:51:56 | 000,081,408 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Windows\System32\E_TD4BHTU.DLL
[2013.03.29 20:22:42 | 000,135,136 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avipbb.sys
[2013.03.29 20:22:42 | 000,084,744 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avgntflt.sys
[2013.03.29 20:22:42 | 000,037,352 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\System32\drivers\avkmgr.sys
[2013.03.28 20:46:46 | 000,029,428 | ---- | M] () -- C:\Users\*****\Desktop\Willkommen bei rentalcars.pdf
[2013.03.19 07:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe
[2013.03.19 07:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe
[2013.03.19 06:48:45 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\csrsrv.dll
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.04.11 23:13:36 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2013.04.11 23:13:36 | 000,001,995 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.03.28 20:46:45 | 000,029,428 | ---- | C] () -- C:\Users\*****\Desktop\Willkommen bei rentalcars.pdf
[2011.12.22 00:02:46 | 000,000,000 | ---- | C] () -- C:\Users\*****\AppData\Local\{020F3E5B-9DB3-4B46-A428-32D69EF2F716}
[2011.06.10 06:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010.04.04 18:09:29 | 000,013,312 | ---- | C] () -- C:\Users\*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.01.16 23:53:21 | 000,007,606 | ---- | C] () -- C:\Users\*****\AppData\Local\Resmon.ResmonCfg
[2009.11.19 13:13:43 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009.03.01 18:26:40 | 000,031,007 | ---- | C] () -- C:\Users\*****\AppData\Roaming\UserTile.png
[2008.12.21 01:35:41 | 000,000,722 | ---- | C] () -- C:\Users\*****\AppData\Roaming\wklnhst.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

< End of report >
         
--- --- ---

[/CODE]

13.04.2013, 13:22   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Rootkit scan with GMER

Please download the GMER Rootkit Scanner: (file name is random)
  • Close all other programs, disable your virus scanner and disconnect the computer from the Internet before you start GMER.
  • If a window with the following warning opens after starting:
    WARNING !!!
    GMER has found system modification, which might have been caused by ROOTKIT activity.
    Do you want to fully scan your system ?
    Be sure to click "No".
  • On the right, remove the check mark at: IAT/EAT and Show All
  • Set the check mark at Quickscan and remove it for all other drives.
  • Start the scan with "Scan".
  • Do not do anything on the computer while the scan is running.
  • When the scan is finished, click Save and save the logfile as Gmer.txt on your desktop. "Ok" closes GMER.
Switch your antivirus program and other scanners back on before you go online!


Running into problems?
  • Alternatively, try safe mode.
  • If you get a bluescreen, remove the check mark in front of Devices.


Afterwards please run MBAR:

Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the Malwarebytes Anti-Rootkit guide
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If something is found again, repeat the CleanUp process.
The tool will create a logfile ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper
__________________
Please always post logfiles in CODE tags

15.04.2013, 20:34   #9
Twix1982

Hello,

I have now got as far as running MBAR.EXE; even before the update I get the following error message:

Registry value "AppInit_Dlls" has been found, which may be caused by rootkit activity.

Note:Press "No" button if you're not sure. If the tool crashes or terminates unexpectedly during a system scan, restart the tool and press "Yes" should this message appear again.
Do you want to remove this value and restart the tool?


What should I do?

15.04.2013, 20:35   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Please click No and then carry on as normal
__________________
Please always post logfiles in CODE tags

15.04.2013, 21:23   #11
Twix1982

Thanks,

here comes my log file:

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.04.15.09

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
***** :: *****-NOTEBOOK [administrator]

15.04.2013 22:19:10
mbar-log-2013-04-15 (22-19-10).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 31156
Time elapsed: 19 minute(s), 36 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         
That was it???

15.04.2013, 21:29   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Ok, what about gmer?
__________________
Please always post logfiles in CODE tags

16.04.2013, 21:53   #13
Twix1982

Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-04-15 21:18:11
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD3200BEVT-22ZCT0 rev.11.01A11 298,09GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\*****\AppData\Local\Temp\fxrdyaog.sys


---- Kernel code sections - GMER 2.1 ----

.text  ntkrnlpa.exe!ZwRollbackEnlistment + 140D  83280A09 1 Byte  [06]
.text  ntkrnlpa.exe!KiDispatchInterrupt + 5A2    832BA1F2 19 Bytes  [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}

---- EOF - GMER 2.1 ----
         

17.04.2013, 12:23   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

aswMBR

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe guide)
    On Windows Vista (or later) please start it via right-click "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions can take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons under any circumstances without instructions

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.




TDSS-Killer

Please download TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a logfile on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.
__________________
Please always post logfiles in CODE tags
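
A triage sketch for the TDSSKiller logfile requested above, as an added example that is not part of the original post and not TDSSKiller's own code: it pairs each scanned object with its verdict line and lists only the objects that were not reported as "ok". The line layout is assumed from TDSSKiller 2.8.x output as posted in this thread; every service name, hash, path and the verdict `Placeholder.Verdict.Name` in the sample is constructed.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Assumed line layout (TDSSKiller 2.8.x, as seen in this thread):
#   <time> <thread>  [ <MD5> ] <service name> <image path>
#   <time> <thread>  <service name> - ok
#   <time> <thread>  <service name> ( <verdict> ) - <severity>
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d+\s+[0-9A-Fa-fx]+\s+(.*)$")
# Service names may contain spaces, so the name ends where a drive letter starts.
OBJECT = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.*)$")
FLAGGED = re.compile(r"^(.+?) \( (\S+) \) - (\w+)$")


@dataclass
class Finding:
    name: str
    verdict: str
    severity: str
    md5: Optional[str]
    path: Optional[str]

    @property
    def signature_only(self) -> bool:
        # UnsignedFile.* is produced by the SigCheck option: the file carries
        # no valid digital signature, which alone is not a malware detection.
        return self.verdict.startswith("UnsignedFile.")

    @property
    def kernel_driver(self) -> bool:
        return bool(self.path) and self.path.lower().endswith(".sys")


def triage(log_text: str) -> List[Finding]:
    """Return every object whose verdict is not 'ok', most urgent first."""
    objects = {}   # service name -> (md5, path) from the preceding hash line
    findings = []
    for raw in log_text.splitlines():
        m = PREFIX.match(raw.rstrip())
        if not m:
            continue                      # banner, separator or empty line
        body = m.group(1)
        obj = OBJECT.match(body)
        if obj:
            md5, name, path = obj.groups()
            objects[name] = (md5.upper(), path)
            continue
        hit = FLAGGED.match(body)
        if hit:
            name, verdict, severity = hit.groups()
            # Some services are listed without a hash line; keep them anyway.
            md5, path = objects.get(name, (None, None))
            findings.append(Finding(name, verdict, severity, md5, path))
    # Order: non-signature verdicts, then unsigned kernel drivers, then the rest.
    findings.sort(key=lambda f: (f.signature_only, not f.kernel_driver,
                                 f.name.lower()))
    return findings


# Constructed sample lines (not taken from any real machine).
SAMPLE_LOG = r"""
19:55:09.0652 1312  [ 00000000000000000000000000000001 ] ExampleOkDrv    C:\Windows\system32\DRIVERS\exampleok.sys
19:55:09.0699 1312  ExampleOkDrv - ok
19:55:09.0824 1312  [ 00000000000000000000000000000002 ] ExampleKbFilter C:\Windows\system32\examplekb.sys
19:55:09.0839 1312  ExampleKbFilter ( UnsignedFile.Multi.Generic ) - warning
19:55:09.0839 1312  ExampleKbFilter - detected UnsignedFile.Multi.Generic (1)
19:55:11.0150 1312  [ 00000000000000000000000000000003 ] Example Print Svc C:\Program Files\Example Vendor\bin\exprint.dll
19:55:11.0181 1312  Example Print Svc ( UnsignedFile.Multi.Generic ) - warning
19:55:11.0181 1312  Example Print Svc - detected UnsignedFile.Multi.Generic (1)
19:55:12.0000 1312  [ 00000000000000000000000000000004 ] ExampleBad      C:\Windows\system32\drivers\examplebad.sys
19:55:12.0010 1312  ExampleBad ( Placeholder.Verdict.Name ) - infected
19:55:12.0020 1312  ExampleNoHash - ok
"""

if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        kind = "signature check only" if f.signature_only else "REVIEW FIRST"
        print(f"{f.severity:8} {f.verdict:28} {f.name:18} {f.path}  [{kind}]")
```

Unsigned kernel drivers are sorted ahead of unsigned user-mode files because they load with the highest privileges; the MD5 from the log can then be checked against the vendor's original file.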

17.04.2013, 21:42   #15
Twix1982

Hello,

since the program aswMBR crashed, I am now starting a new attempt with the none variant.

Code:
ATTFilter
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-17 22:49:33
-----------------------------
22:49:33.515    OS Version: Windows 6.1.7601 Service Pack 1
22:49:33.515    Number of processors: 2 586 0x1706
22:49:33.516    ComputerName: *****-NOTEBOOK  UserName: *****
22:49:34.026    Initialize success
22:49:42.943    AVAST engine defs: 13041701
22:49:47.971    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
22:49:47.973    Disk 0 Vendor: WDC_WD3200BEVT-22ZCT0 11.01A11 Size: 305245MB BusType: 11
22:49:48.151    Disk 0 MBR read successfully
22:49:48.153    Disk 0 MBR scan
22:49:48.159    Disk 0 Windows 7 default MBR code
22:49:48.167    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS         9000 MB offset 2048
22:49:48.184    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS        96419 MB offset 18434048
22:49:48.203    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       199824 MB offset 215900160
22:49:48.211    Disk 0 scanning sectors +625140400
22:49:48.289    Disk 0 scanning C:\Windows\system32\drivers
22:50:02.434    Service scanning
22:50:30.485    Modules scanning
22:50:42.838    Disk 0 trace - called modules:
22:50:43.175    
22:50:43.180    Scan finished successfully
22:59:39.449    Disk 0 MBR has been saved successfully to "C:\Users\*****\Desktop\MBR.dat"
22:59:39.456    The log file has been saved successfully to "C:\Users\*****\Desktop\aswMBR.txt"
         
Code:
ATTFilter
19:54:35.0862 2744  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:54:36.0376 2744  ============================================================
19:54:36.0376 2744  Current date / time: 2013/04/18 19:54:36.0376
19:54:36.0376 2744  SystemInfo:
19:54:36.0376 2744  
19:54:36.0376 2744  OS Version: 6.1.7601 ServicePack: 1.0
19:54:36.0376 2744  Product type: Workstation
19:54:36.0376 2744  ComputerName: *****-NOTEBOOK
19:54:36.0376 2744  UserName: *****
19:54:36.0376 2744  Windows directory: C:\Windows
19:54:36.0376 2744  System windows directory: C:\Windows
19:54:36.0376 2744  Processor architecture: Intel x86
19:54:36.0376 2744  Number of processors: 2
19:54:36.0376 2744  Page size: 0x1000
19:54:36.0376 2744  Boot type: Normal boot
19:54:36.0376 2744  ============================================================
19:54:38.0108 2744  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:54:38.0108 2744  ============================================================
19:54:38.0108 2744  \Device\Harddisk0\DR0:
19:54:38.0108 2744  MBR partitions:
19:54:38.0108 2744  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1194800, BlocksNum 0xBC51800
19:54:38.0108 2744  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xCDE6000, BlocksNum 0x186482B0
19:54:38.0108 2744  ============================================================
19:54:38.0155 2744  C: <-> \Device\Harddisk0\DR0\Partition1
19:54:38.0264 2744  D: <-> \Device\Harddisk0\DR0\Partition2
19:54:38.0264 2744  ============================================================
19:54:38.0264 2744  Initialize success
19:54:38.0264 2744  ============================================================
19:54:52.0352 1312  ============================================================
19:54:52.0352 1312  Scan started
19:54:52.0352 1312  Mode: Manual; SigCheck; TDLFS; 
19:54:52.0352 1312  ============================================================
19:54:57.0328 1312  ================ Scan system memory ========================
19:54:57.0328 1312  System memory - ok
19:54:57.0328 1312  ================ Scan services =============================
19:54:58.0389 1312  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:54:58.0498 1312  1394ohci - ok
19:54:58.0779 1312  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
19:54:58.0826 1312  ACDaemon - ok
19:54:58.0888 1312  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:54:58.0904 1312  ACPI - ok
19:54:58.0966 1312  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:54:59.0044 1312  AcpiPmi - ok
19:54:59.0185 1312  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:54:59.0200 1312  AdobeARMservice - ok
19:54:59.0325 1312  [ 479901C99FA62D1C3261B7ACB1228DAD ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:54:59.0341 1312  AdobeFlashPlayerUpdateSvc - ok
19:54:59.0403 1312  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
19:54:59.0434 1312  adp94xx - ok
19:54:59.0450 1312  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
19:54:59.0465 1312  adpahci - ok
19:54:59.0497 1312  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
19:54:59.0512 1312  adpu320 - ok
19:54:59.0590 1312  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:54:59.0653 1312  AeLookupSvc - ok
19:54:59.0731 1312  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
19:54:59.0777 1312  AFD - ok
19:54:59.0809 1312  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
19:54:59.0824 1312  agp440 - ok
19:54:59.0902 1312  [ 0DEE2B628D4C6E23285BB91EFFDABFDE ] ahcix86s        C:\Windows\system32\drivers\ahcix86s.sys
19:54:59.0918 1312  ahcix86s - ok
19:54:59.0980 1312  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
19:54:59.0996 1312  aic78xx - ok
19:55:00.0074 1312  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
19:55:00.0136 1312  ALG - ok
19:55:00.0183 1312  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:55:00.0199 1312  aliide - ok
19:55:00.0245 1312  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
19:55:00.0261 1312  amdagp - ok
19:55:00.0417 1312  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:55:00.0433 1312  amdide - ok
19:55:00.0495 1312  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
19:55:00.0542 1312  AmdK8 - ok
19:55:00.0589 1312  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
19:55:00.0635 1312  AmdPPM - ok
19:55:00.0682 1312  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:55:00.0698 1312  amdsata - ok
19:55:00.0745 1312  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
19:55:00.0776 1312  amdsbs - ok
19:55:00.0791 1312  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:55:00.0807 1312  amdxata - ok
19:55:00.0947 1312  [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
19:55:00.0963 1312  AntiVirSchedulerService - ok
19:55:01.0025 1312  [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService  C:\Program Files\Avira\AntiVir Desktop\avguard.exe
19:55:01.0041 1312  AntiVirService - ok
19:55:01.0119 1312  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
19:55:01.0244 1312  AppID - ok
19:55:01.0322 1312  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:55:01.0384 1312  AppIDSvc - ok
19:55:01.0415 1312  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
19:55:01.0478 1312  Appinfo - ok
19:55:01.0665 1312  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:55:01.0665 1312  Apple Mobile Device - ok
19:55:01.0712 1312  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
19:55:01.0727 1312  arc - ok
19:55:01.0743 1312  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
19:55:01.0759 1312  arcsas - ok
19:55:01.0852 1312  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:55:01.0977 1312  AsyncMac - ok
19:55:02.0008 1312  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
19:55:02.0024 1312  atapi - ok
19:55:02.0102 1312  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:55:02.0180 1312  AudioEndpointBuilder - ok
19:55:02.0227 1312  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
19:55:02.0242 1312  Audiosrv - ok
19:55:02.0336 1312  [ 87425709A251386064C99B684BF96F72 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
19:55:02.0351 1312  avgntflt - ok
19:55:02.0383 1312  [ D50FBA68163BC498F2C136E0E5BA8E2F ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
19:55:02.0429 1312  avipbb - ok
19:55:02.0476 1312  [ CB8741CD7B126499FED40C9B197F6AC5 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
19:55:02.0492 1312  avkmgr - ok
19:55:02.0539 1312  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:55:02.0632 1312  AxInstSV - ok
19:55:02.0679 1312  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
19:55:02.0741 1312  b06bdrv - ok
19:55:02.0788 1312  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
19:55:02.0804 1312  b57nd60x - ok
19:55:02.0897 1312  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:55:02.0960 1312  BDESVC - ok
19:55:02.0975 1312  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:55:03.0022 1312  Beep - ok
19:55:03.0085 1312  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
19:55:03.0131 1312  BFE - ok
19:55:03.0178 1312  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\System32\qmgr.dll
19:55:03.0225 1312  BITS - ok
19:55:03.0241 1312  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:55:03.0287 1312  blbdrive - ok
19:55:03.0397 1312  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:55:03.0412 1312  Bonjour Service - ok
19:55:03.0443 1312  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:55:03.0506 1312  bowser - ok
19:55:03.0584 1312  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:55:03.0631 1312  BrFiltLo - ok
19:55:03.0646 1312  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:55:03.0677 1312  BrFiltUp - ok
19:55:03.0724 1312  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
19:55:03.0771 1312  Browser - ok
19:55:03.0802 1312  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:55:03.0880 1312  Brserid - ok
19:55:03.0896 1312  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:55:03.0927 1312  BrSerWdm - ok
19:55:03.0943 1312  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:55:03.0974 1312  BrUsbMdm - ok
19:55:03.0989 1312  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:55:04.0052 1312  BrUsbSer - ok
19:55:04.0083 1312  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
19:55:04.0130 1312  BTHMODEM - ok
19:55:04.0177 1312  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
19:55:04.0239 1312  bthserv - ok
19:55:04.0270 1312  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:55:04.0317 1312  cdfs - ok
19:55:04.0426 1312  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:55:04.0473 1312  cdrom - ok
19:55:04.0535 1312  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
19:55:04.0598 1312  CertPropSvc - ok
19:55:04.0629 1312  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
19:55:04.0645 1312  circlass - ok
19:55:04.0691 1312  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
19:55:04.0707 1312  CLFS - ok
19:55:04.0801 1312  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:55:04.0816 1312  clr_optimization_v2.0.50727_32 - ok
19:55:04.0910 1312  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:55:04.0972 1312  clr_optimization_v4.0.30319_32 - ok
19:55:04.0988 1312  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:55:05.0003 1312  CmBatt - ok
19:55:05.0097 1312  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:55:05.0113 1312  cmdide - ok
19:55:05.0175 1312  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
19:55:05.0222 1312  CNG - ok
19:55:05.0269 1312  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:55:05.0284 1312  Compbatt - ok
19:55:05.0331 1312  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:55:05.0362 1312  CompositeBus - ok
19:55:05.0378 1312  COMSysApp - ok
19:55:05.0393 1312  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
19:55:05.0409 1312  crcdisk - ok
19:55:05.0440 1312  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:55:05.0487 1312  CryptSvc - ok
19:55:05.0534 1312  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:55:05.0596 1312  DcomLaunch - ok
19:55:05.0674 1312  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
19:55:05.0783 1312  defragsvc - ok
19:55:05.0830 1312  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:55:05.0877 1312  DfsC - ok
19:55:05.0939 1312  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:55:05.0986 1312  Dhcp - ok
19:55:06.0017 1312  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
19:55:06.0064 1312  discache - ok
19:55:06.0111 1312  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
19:55:06.0127 1312  Disk - ok
19:55:06.0173 1312  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:55:06.0236 1312  Dnscache - ok
19:55:06.0298 1312  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:55:06.0361 1312  dot3svc - ok
19:55:06.0439 1312  [ B5E479EB83707DD698F66953E922042C ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
19:55:06.0470 1312  Dot4 - ok
19:55:06.0501 1312  [ CAEFD09B6A6249C53A67D55A9A9FCABF ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys
19:55:06.0532 1312  Dot4Print - ok
19:55:06.0579 1312  [ CF491FF38D62143203C065260567E2F7 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
19:55:06.0626 1312  dot4usb - ok
19:55:06.0657 1312  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
19:55:06.0704 1312  DPS - ok
19:55:06.0751 1312  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:55:06.0782 1312  drmkaud - ok
19:55:06.0829 1312  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:55:06.0875 1312  DXGKrnl - ok
19:55:06.0922 1312  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
19:55:06.0969 1312  EapHost - ok
19:55:07.0078 1312  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
19:55:07.0187 1312  ebdrv - ok
19:55:07.0219 1312  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
19:55:07.0265 1312  EFS - ok
19:55:07.0328 1312  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:55:07.0406 1312  ehRecvr - ok
19:55:07.0437 1312  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
19:55:07.0499 1312  ehSched - ok
19:55:07.0609 1312  [ D71233D7CCC2E64F8715A20428D5A33B ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
19:55:07.0624 1312  ElbyCDIO - ok
19:55:07.0687 1312  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
19:55:07.0718 1312  elxstor - ok
19:55:07.0780 1312  [ CEF06A8DF4BA42673F3297759FD62E80 ] EPSON_PM_RPCV4_05 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_JT50RP.EXE
19:55:07.0780 1312  EPSON_PM_RPCV4_05 - ok
19:55:07.0811 1312  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:55:07.0874 1312  ErrDev - ok
19:55:07.0936 1312  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
19:55:07.0983 1312  EventSystem - ok
19:55:08.0014 1312  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
19:55:08.0045 1312  exfat - ok
19:55:08.0092 1312  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:55:08.0139 1312  fastfat - ok
19:55:08.0201 1312  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
19:55:08.0264 1312  Fax - ok
19:55:08.0279 1312  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
19:55:08.0295 1312  fdc - ok
19:55:08.0326 1312  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
19:55:08.0404 1312  fdPHost - ok
19:55:08.0420 1312  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
19:55:08.0482 1312  FDResPub - ok
19:55:08.0513 1312  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:55:08.0529 1312  FileInfo - ok
19:55:08.0529 1312  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:55:08.0623 1312  Filetrace - ok
19:55:08.0654 1312  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:55:08.0669 1312  flpydisk - ok
19:55:08.0716 1312  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:55:08.0732 1312  FltMgr - ok
19:55:08.0810 1312  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache       C:\Windows\system32\FntCache.dll
19:55:08.0888 1312  FontCache - ok
19:55:09.0262 1312  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:55:09.0278 1312  FontCache3.0.0.0 - ok
19:55:09.0293 1312  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:55:09.0309 1312  FsDepends - ok
19:55:09.0371 1312  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:55:09.0387 1312  Fs_Rec - ok
19:55:09.0465 1312  [ E306A24D9694C724FA2491278BF50FDB ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:55:09.0481 1312  fvevol - ok
19:55:09.0527 1312  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
19:55:09.0543 1312  gagp30kx - ok
19:55:09.0652 1312  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:55:09.0699 1312  GEARAspiWDM - ok
19:55:09.0777 1312  [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
19:55:09.0793 1312  GoogleDesktopManager-051210-111108 - ok
19:55:09.0824 1312  [ 9E6B5241CB0B11DDDDF162865041D193 ] GpdDevDPort     C:\Windows\system32\directport.sys
19:55:09.0839 1312  GpdDevDPort ( UnsignedFile.Multi.Generic ) - warning
19:55:09.0839 1312  GpdDevDPort - detected UnsignedFile.Multi.Generic (1)
19:55:09.0871 1312  [ E48C4E69E2126AAC01888C60CC6ED966 ] GpdKbFilter     C:\Windows\system32\kbfiltr.sys
19:55:09.0902 1312  GpdKbFilter ( UnsignedFile.Multi.Generic ) - warning
19:55:09.0902 1312  GpdKbFilter - detected UnsignedFile.Multi.Generic (1)
19:55:09.0949 1312  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:55:09.0995 1312  gpsvc - ok
19:55:10.0073 1312  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
19:55:10.0089 1312  gupdate - ok
19:55:10.0089 1312  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
19:55:10.0105 1312  gupdatem - ok
19:55:10.0151 1312  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
19:55:10.0151 1312  gusvc - ok
19:55:10.0183 1312  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:55:10.0214 1312  hcw85cir - ok
19:55:10.0245 1312  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
19:55:10.0276 1312  HDAudBus - ok
19:55:10.0307 1312  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
19:55:10.0354 1312  HidBatt - ok
19:55:10.0370 1312  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
19:55:10.0432 1312  HidBth - ok
19:55:10.0463 1312  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
19:55:10.0495 1312  HidIr - ok
19:55:10.0526 1312  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
19:55:10.0604 1312  hidserv - ok
19:55:10.0651 1312  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:55:10.0666 1312  HidUsb - ok
19:55:10.0697 1312  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:55:10.0744 1312  hkmsvc - ok
19:55:10.0791 1312  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:55:10.0900 1312  HomeGroupListener - ok
19:55:10.0963 1312  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:55:11.0025 1312  HomeGroupProvider - ok
19:55:11.0150 1312  [ ED377B3C83FDEA8D906109A085D219BA ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
19:55:11.0181 1312  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
19:55:11.0181 1312  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
19:55:11.0228 1312  [ EE4C7A4CF2316701FFDE90F404520265 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
19:55:11.0243 1312  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
19:55:11.0243 1312  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
19:55:11.0290 1312  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:55:11.0306 1312  HpSAMD - ok
19:55:11.0353 1312  [ 6F9CB6539A1B2508BD1C53D29334431A ] HPSLPSVC        C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
19:55:11.0368 1312  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
19:55:11.0368 1312  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
19:55:11.0431 1312  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:55:11.0462 1312  HTTP - ok
19:55:11.0493 1312  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:55:11.0509 1312  hwpolicy - ok
19:55:11.0587 1312  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
19:55:11.0618 1312  i8042prt - ok
19:55:11.0649 1312  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:55:11.0680 1312  iaStorV - ok
19:55:11.0743 1312  [ B1A28FA1AFDE10B95FF9354B15701D70 ] ICQ Service     C:\Program Files\ICQ6Toolbar\ICQ Service.exe
19:55:11.0743 1312  ICQ Service - ok
19:55:11.0805 1312  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:55:11.0852 1312  idsvc - ok
19:55:11.0899 1312  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
19:55:11.0914 1312  iirsp - ok
19:55:12.0008 1312  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
19:55:12.0101 1312  IKEEXT - ok
19:55:12.0195 1312  [ 2DEB2538C9372568BB67B5FDF2359790 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
19:55:12.0289 1312  IntcAzAudAddService - ok
19:55:12.0351 1312  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:55:12.0351 1312  intelide - ok
19:55:12.0398 1312  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:55:12.0429 1312  intelppm - ok
19:55:12.0460 1312  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:55:12.0523 1312  IPBusEnum - ok
19:55:12.0538 1312  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:55:12.0601 1312  IpFilterDriver - ok
19:55:12.0647 1312  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:55:12.0694 1312  iphlpsvc - ok
19:55:12.0741 1312  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:55:12.0757 1312  IPMIDRV - ok
19:55:12.0772 1312  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:55:12.0819 1312  IPNAT - ok
19:55:12.0913 1312  [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:55:12.0928 1312  iPod Service - ok
19:55:12.0975 1312  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:55:13.0006 1312  IRENUM - ok
19:55:13.0022 1312  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:55:13.0037 1312  isapnp - ok
19:55:13.0084 1312  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:55:13.0100 1312  iScsiPrt - ok
19:55:13.0131 1312  [ C36F3A1A4E8416EF43F30DEAB7701730 ] JRAID           C:\Windows\system32\drivers\jraid.sys
19:55:13.0178 1312  JRAID - ok
19:55:13.0209 1312  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:55:13.0240 1312  kbdclass - ok
19:55:13.0271 1312  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:55:13.0303 1312  kbdhid - ok
19:55:13.0334 1312  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
19:55:13.0349 1312  KeyIso - ok
19:55:13.0381 1312  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:55:13.0396 1312  KSecDD - ok
19:55:13.0443 1312  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:55:13.0459 1312  KSecPkg - ok
19:55:13.0599 1312  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:55:13.0724 1312  KtmRm - ok
19:55:13.0755 1312  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:55:13.0802 1312  LanmanServer - ok
19:55:13.0880 1312  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:55:13.0942 1312  LanmanWorkstation - ok
19:55:13.0989 1312  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:55:14.0036 1312  lltdio - ok
19:55:14.0067 1312  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:55:14.0129 1312  lltdsvc - ok
19:55:14.0145 1312  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:55:14.0176 1312  lmhosts - ok
19:55:14.0207 1312  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
19:55:14.0223 1312  LSI_FC - ok
19:55:14.0239 1312  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
19:55:14.0254 1312  LSI_SAS - ok
19:55:14.0270 1312  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:55:14.0285 1312  LSI_SAS2 - ok
19:55:14.0301 1312  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:55:14.0317 1312  LSI_SCSI - ok
19:55:14.0348 1312  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
19:55:14.0410 1312  luafv - ok
19:55:14.0457 1312  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:55:14.0488 1312  Mcx2Svc - ok
19:55:14.0535 1312  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
19:55:14.0551 1312  megasas - ok
19:55:14.0597 1312  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
19:55:14.0629 1312  MegaSR - ok
19:55:14.0691 1312  Microsoft SharePoint Workspace Audit Service - ok
19:55:14.0753 1312  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
19:55:14.0785 1312  MMCSS - ok
19:55:14.0816 1312  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
19:55:14.0863 1312  Modem - ok
19:55:14.0894 1312  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:55:14.0925 1312  monitor - ok
19:55:14.0972 1312  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:55:14.0987 1312  mouclass - ok
19:55:15.0034 1312  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:55:15.0050 1312  mouhid - ok
19:55:15.0081 1312  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:55:15.0097 1312  mountmgr - ok
19:55:15.0221 1312  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:55:15.0237 1312  MozillaMaintenance - ok
19:55:15.0299 1312  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:55:15.0331 1312  mpio - ok
19:55:15.0362 1312  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:55:15.0440 1312  mpsdrv - ok
19:55:15.0487 1312  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:55:15.0596 1312  MpsSvc - ok
19:55:15.0627 1312  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:55:15.0658 1312  MRxDAV - ok
19:55:15.0705 1312  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:55:15.0783 1312  mrxsmb - ok
19:55:15.0830 1312  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:55:15.0861 1312  mrxsmb10 - ok
19:55:15.0877 1312  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:55:15.0923 1312  mrxsmb20 - ok
19:55:15.0955 1312  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
19:55:15.0970 1312  msahci - ok
19:55:15.0986 1312  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:55:16.0001 1312  msdsm - ok
19:55:16.0017 1312  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
19:55:16.0079 1312  MSDTC - ok
19:55:16.0111 1312  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:55:16.0142 1312  Msfs - ok
19:55:16.0157 1312  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:55:16.0204 1312  mshidkmdf - ok
19:55:16.0235 1312  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:55:16.0251 1312  msisadrv - ok
19:55:16.0282 1312  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:55:16.0313 1312  MSiSCSI - ok
19:55:16.0313 1312  msiserver - ok
19:55:16.0345 1312  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:55:16.0391 1312  MSKSSRV - ok
19:55:16.0407 1312  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:55:16.0454 1312  MSPCLOCK - ok
19:55:16.0485 1312  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:55:16.0532 1312  MSPQM - ok
19:55:16.0594 1312  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:55:16.0610 1312  MsRPC - ok
19:55:17.0577 1312  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
19:55:17.0577 1312  mssmbios - ok
19:55:17.0608 1312  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:55:17.0639 1312  MSTEE - ok
19:55:18.0591 1312  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
19:55:18.0622 1312  MTConfig - ok
19:55:18.0638 1312  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:55:18.0653 1312  Mup - ok
19:55:19.0293 1312  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
19:55:19.0324 1312  napagent - ok
19:55:19.0433 1312  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:55:19.0449 1312  NativeWifiP - ok
19:55:19.0511 1312  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:55:19.0543 1312  NDIS - ok
19:55:19.0621 1312  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:55:19.0652 1312  NdisCap - ok
19:55:19.0683 1312  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:55:19.0730 1312  NdisTapi - ok
19:55:19.0761 1312  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:55:19.0808 1312  Ndisuio - ok
19:55:19.0855 1312  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:55:19.0901 1312  NdisWan - ok
19:55:19.0933 1312  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:55:19.0979 1312  NDProxy - ok
19:55:20.0603 1312  [ B044BB341E164DA6750A9B8E6A5FF6A1 ] Nero BackItUp Scheduler 3 C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
19:55:20.0650 1312  Nero BackItUp Scheduler 3 - ok
19:55:20.0697 1312  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:55:20.0759 1312  NetBIOS - ok
19:55:20.0822 1312  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:55:20.0837 1312  NetBT - ok
19:55:20.0869 1312  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
19:55:20.0884 1312  Netlogon - ok
19:55:20.0962 1312  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
19:55:21.0025 1312  Netman - ok
19:55:21.0056 1312  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
19:55:21.0087 1312  netprofm - ok
19:55:21.0103 1312  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:55:21.0134 1312  NetTcpPortSharing - ok
19:55:21.0259 1312  [ 58218EC6B61B1169CF54AAB0D00F5FE2 ] netw5v32        C:\Windows\system32\DRIVERS\netw5v32.sys
19:55:21.0415 1312  netw5v32 - ok
19:55:21.0461 1312  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
19:55:21.0477 1312  nfrd960 - ok
19:55:21.0508 1312  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:55:21.0539 1312  NlaSvc - ok
19:55:21.0649 1312  [ EBA1B4BF2E2375ABDADEDB649F283541 ] NMIndexingService C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
19:55:21.0680 1312  NMIndexingService - ok
19:55:21.0711 1312  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:55:21.0742 1312  Npfs - ok
19:55:21.0805 1312  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
19:55:21.0836 1312  nsi - ok
19:55:21.0851 1312  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:55:21.0898 1312  nsiproxy - ok
19:55:21.0976 1312  [ 9CDAEBE5160B9AF02AE17C62BDB6C4B5 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:55:22.0070 1312  Ntfs - ok
19:55:22.0101 1312  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
19:55:22.0132 1312  Null - ok
19:55:22.0397 1312  [ 2713392707E515EFB671751FA767EBD2 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
19:55:22.0772 1312  nvlddmkm - ok
19:55:22.0834 1312  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:55:22.0850 1312  nvraid - ok
19:55:22.0881 1312  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:55:22.0897 1312  nvstor - ok
19:55:22.0928 1312  [ D445466C0A10536486FBEBBC271D6E34 ] nvsvc           C:\Windows\system32\nvvsvc.exe
19:55:22.0943 1312  nvsvc - ok
19:55:22.0990 1312  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:55:23.0006 1312  nv_agp - ok
19:55:23.0068 1312  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:55:23.0115 1312  ohci1394 - ok
19:55:23.0146 1312  [ B7EDD9FD6387802DFAA795372AECF212 ] OsdService      C:\Program Files\OEM\OSD_1.12\OsdService.exe
19:55:23.0193 1312  OsdService ( UnsignedFile.Multi.Generic ) - warning
19:55:23.0193 1312  OsdService - detected UnsignedFile.Multi.Generic (1)
19:55:23.0333 1312  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:55:23.0365 1312  ose - ok
19:55:23.0817 1312  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:55:23.0989 1312  osppsvc - ok
19:55:24.0098 1312  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:55:24.0160 1312  p2pimsvc - ok
19:55:24.0207 1312  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:55:24.0285 1312  p2psvc - ok
19:55:24.0394 1312  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
19:55:24.0488 1312  Parport - ok
19:55:24.0519 1312  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:55:24.0535 1312  partmgr - ok
19:55:24.0597 1312  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
19:55:24.0644 1312  Parvdm - ok
19:55:24.0675 1312  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:55:24.0737 1312  PcaSvc - ok
19:55:24.0784 1312  [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd        C:\Windows\system32\DRIVERS\pccsmcfd.sys
19:55:24.0862 1312  pccsmcfd - ok
19:55:24.0893 1312  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
19:55:24.0909 1312  pci - ok
19:55:24.0940 1312  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
19:55:24.0956 1312  pciide - ok
19:55:25.0143 1312  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:55:25.0159 1312  pcmcia - ok
19:55:25.0268 1312  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
19:55:25.0284 1312  pcw - ok
19:55:25.0362 1312  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:55:25.0440 1312  PEAUTH - ok
19:55:25.0611 1312  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
19:55:25.0720 1312  pla - ok
19:55:25.0767 1312  [ 875E4E0661F3A5994DF9E5E3A0A4F96B ] PLFlash DeviceIoControl Service C:\Windows\system32\IoctlSvc.exe
19:55:25.0767 1312  PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - warning
19:55:25.0767 1312  PLFlash DeviceIoControl Service - detected UnsignedFile.Multi.Generic (1)
19:55:25.0845 1312  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:55:25.0923 1312  PlugPlay - ok
19:55:25.0954 1312  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:55:25.0986 1312  PNRPAutoReg - ok
19:55:26.0001 1312  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:55:26.0017 1312  PNRPsvc - ok
19:55:26.0079 1312  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:55:26.0110 1312  PolicyAgent - ok
19:55:26.0157 1312  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
19:55:26.0188 1312  Power - ok
19:55:26.0251 1312  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:55:26.0313 1312  PptpMiniport - ok
19:55:26.0344 1312  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
19:55:26.0391 1312  Processor - ok
19:55:26.0422 1312  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
19:55:26.0469 1312  ProfSvc - ok
19:55:26.0485 1312  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:55:26.0500 1312  ProtectedStorage - ok
19:55:26.0610 1312  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:55:26.0641 1312  Psched - ok
19:55:26.0688 1312  [ 49452BFCEC22F36A7A9B9C2181BC3042 ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
19:55:26.0703 1312  PxHelp20 - ok
19:55:26.0781 1312  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
19:55:26.0844 1312  ql2300 - ok
19:55:26.0875 1312  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
19:55:26.0890 1312  ql40xx - ok
19:55:26.0922 1312  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
19:55:26.0953 1312  QWAVE - ok
19:55:26.0968 1312  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:55:26.0984 1312  QWAVEdrv - ok
19:55:27.0046 1312  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:55:27.0124 1312  RasAcd - ok
19:55:27.0171 1312  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:55:27.0234 1312  RasAgileVpn - ok
19:55:27.0249 1312  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
19:55:27.0280 1312  RasAuto - ok
19:55:27.0312 1312  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:55:27.0358 1312  Rasl2tp - ok
19:55:27.0390 1312  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
19:55:27.0468 1312  RasMan - ok
19:55:27.0483 1312  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:55:27.0546 1312  RasPppoe - ok
19:55:27.0608 1312  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:55:27.0655 1312  RasSstp - ok
19:55:27.0702 1312  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:55:27.0795 1312  rdbss - ok
19:55:27.0826 1312  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:55:27.0842 1312  rdpbus - ok
19:55:27.0873 1312  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:55:27.0936 1312  RDPCDD - ok
19:55:27.0967 1312  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:55:27.0998 1312  RDPENCDD - ok
19:55:28.0014 1312  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:55:28.0045 1312  RDPREFMP - ok
19:55:28.0076 1312  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:55:28.0154 1312  RDPWD - ok
19:55:28.0216 1312  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:55:28.0232 1312  rdyboost - ok
19:55:28.0279 1312  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:55:28.0326 1312  RemoteAccess - ok
19:55:28.0357 1312  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:55:28.0435 1312  RemoteRegistry - ok
19:55:28.0497 1312  [ 616EAC1B0E48B236A5A9B8AE07FDB81C ] RimUsb          C:\Windows\system32\Drivers\RimUsb.sys
19:55:28.0544 1312  RimUsb - ok
19:55:28.0606 1312  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:55:28.0622 1312  RpcEptMapper - ok
19:55:28.0669 1312  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
19:55:28.0684 1312  RpcLocator - ok
19:55:28.0716 1312  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
19:55:28.0747 1312  RpcSs - ok
19:55:28.0809 1312  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:55:28.0872 1312  rspndr - ok
19:55:28.0934 1312  [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
19:55:28.0996 1312  RTL8167 - ok
19:55:29.0043 1312  [ 8CCA591019216E9523E3CB385CE643E6 ] RTL8169         C:\Windows\system32\DRIVERS\Rtlh86.sys
19:55:29.0106 1312  RTL8169 - ok
19:55:29.0152 1312  [ 1C5C2CB892553D2CF3F45A4BB323FCD6 ] s1018bus        C:\Windows\system32\DRIVERS\s1018bus.sys
19:55:29.0168 1312  s1018bus - ok
19:55:29.0199 1312  [ 38F5EA219593F19B6B3A1B9C169E3B61 ] s1018mdfl       C:\Windows\system32\DRIVERS\s1018mdfl.sys
19:55:29.0215 1312  s1018mdfl - ok
19:55:29.0230 1312  [ 666AF6B64FC7DF92D3CA4819EA91631D ] s1018mdm        C:\Windows\system32\DRIVERS\s1018mdm.sys
19:55:29.0246 1312  s1018mdm - ok
19:55:29.0293 1312  [ F4CEDA6E2DDFF2AF8BD745615A7CA9C0 ] s1018mgmt       C:\Windows\system32\DRIVERS\s1018mgmt.sys
19:55:29.0324 1312  s1018mgmt - ok
19:55:29.0371 1312  [ 3622D9FF2253DCBE885B10736609A4CA ] s1018nd5        C:\Windows\system32\DRIVERS\s1018nd5.sys
19:55:29.0386 1312  s1018nd5 - ok
19:55:29.0418 1312  [ 49431EFDA842B474531C29FFAE9F5D09 ] s1018obex       C:\Windows\system32\DRIVERS\s1018obex.sys
19:55:29.0433 1312  s1018obex - ok
19:55:29.0464 1312  [ AC6B514CB4474F4C867D7CDC9CD54F05 ] s1018unic       C:\Windows\system32\DRIVERS\s1018unic.sys
19:55:29.0480 1312  s1018unic - ok
19:55:29.0511 1312  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
19:55:29.0527 1312  SamSs - ok
19:55:29.0620 1312  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:55:29.0636 1312  sbp2port - ok
19:55:29.0683 1312  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:55:29.0745 1312  SCardSvr - ok
19:55:29.0761 1312  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:55:29.0823 1312  scfilter - ok
19:55:29.0870 1312  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
19:55:29.0948 1312  Schedule - ok
19:55:29.0995 1312  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:55:30.0010 1312  SCPolicySvc - ok
19:55:30.0369 1312  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:55:30.0416 1312  SDRSVC - ok
19:55:30.0447 1312  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:55:30.0510 1312  secdrv - ok
19:55:30.0603 1312  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
19:55:30.0681 1312  seclogon - ok
19:55:30.0712 1312  [ E5B56569A9F79B70314FEDE6C953641E ] seehcri         C:\Windows\system32\DRIVERS\seehcri.sys
19:55:30.0759 1312  seehcri - ok
19:55:30.0775 1312  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
19:55:30.0853 1312  SENS - ok
19:55:30.0915 1312  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:55:30.0978 1312  SensrSvc - ok
19:55:31.0024 1312  [ 8627C992B8A80504FC477B2E8FF8EC4F ] Sentinel        C:\Windows\System32\Drivers\SENTINEL.SYS
19:55:31.0040 1312  Sentinel ( UnsignedFile.Multi.Generic ) - warning
19:55:31.0040 1312  Sentinel - detected UnsignedFile.Multi.Generic (1)
19:55:31.0071 1312  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:55:31.0102 1312  Serenum - ok
19:55:31.0134 1312  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:55:31.0149 1312  Serial - ok
19:55:31.0196 1312  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
19:55:31.0212 1312  sermouse - ok
19:55:31.0305 1312  [ 8988D1F32F56B3CD3F0F6C39F8A91A98 ] ServiceLayer    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
19:55:31.0352 1312  ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
19:55:31.0352 1312  ServiceLayer - detected UnsignedFile.Multi.Generic (1)
19:55:31.0399 1312  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:55:31.0446 1312  SessionEnv - ok
19:55:31.0461 1312  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:55:31.0539 1312  sffdisk - ok
19:55:31.0586 1312  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:55:31.0602 1312  sffp_mmc - ok
19:55:31.0617 1312  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:55:31.0633 1312  sffp_sd - ok
19:55:31.0664 1312  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
19:55:31.0695 1312  sfloppy - ok
19:55:31.0726 1312  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:55:31.0773 1312  SharedAccess - ok
19:55:31.0804 1312  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:55:31.0836 1312  ShellHWDetection - ok
19:55:31.0867 1312  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
19:55:31.0898 1312  sisagp - ok
19:55:31.0945 1312  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:55:31.0960 1312  SiSRaid2 - ok
19:55:31.0976 1312  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
19:55:31.0992 1312  SiSRaid4 - ok
19:55:32.0085 1312  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
19:55:32.0132 1312  SkypeUpdate - ok
19:55:32.0163 1312  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:55:32.0179 1312  Smb - ok
19:55:32.0304 1312  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:55:32.0335 1312  SNMPTRAP - ok
19:55:32.0460 1312  [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
19:55:32.0522 1312  Sony PC Companion ( UnsignedFile.Multi.Generic ) - warning
19:55:32.0522 1312  Sony PC Companion - detected UnsignedFile.Multi.Generic (1)
19:55:32.0538 1312  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:55:32.0584 1312  spldr - ok
19:55:32.0616 1312  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
19:55:32.0678 1312  Spooler - ok
19:55:32.0756 1312  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
19:55:32.0881 1312  sppsvc - ok
19:55:32.0928 1312  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:55:32.0974 1312  sppuinotify - ok
19:55:33.0021 1312  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:55:33.0084 1312  srv - ok
19:55:33.0099 1312  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:55:33.0146 1312  srv2 - ok
19:55:33.0162 1312  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:55:33.0193 1312  srvnet - ok
19:55:33.0224 1312  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:55:33.0286 1312  SSDPSRV - ok
19:55:33.0318 1312  [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv          C:\Windows\system32\DRIVERS\ssmdrv.sys
19:55:33.0364 1312  ssmdrv - ok
19:55:33.0380 1312  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:55:33.0427 1312  SstpSvc - ok
19:55:33.0474 1312  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
19:55:33.0520 1312  stexstor - ok
19:55:33.0614 1312  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
19:55:33.0661 1312  StiSvc - ok
19:55:33.0708 1312  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:55:33.0723 1312  swenum - ok
19:55:33.0754 1312  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
19:55:33.0801 1312  swprv - ok
19:55:33.0848 1312  [ 55F6E55CC2430CA8713387106FA79817 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
19:55:33.0864 1312  SynTP - ok
19:55:33.0942 1312  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
19:55:33.0988 1312  SysMain - ok
19:55:34.0051 1312  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:55:34.0082 1312  TabletInputService - ok
19:55:34.0144 1312  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:55:34.0207 1312  TapiSrv - ok
19:55:34.0269 1312  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
19:55:34.0300 1312  TBS - ok
19:55:34.0378 1312  [ 7C0507D2391AF5933600CBCED799F277 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:55:34.0441 1312  Tcpip - ok
19:55:34.0488 1312  [ 7C0507D2391AF5933600CBCED799F277 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:55:34.0519 1312  TCPIP6 - ok
19:55:34.0550 1312  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:55:34.0581 1312  tcpipreg - ok
19:55:34.0628 1312  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:55:34.0659 1312  TDPIPE - ok
19:55:34.0706 1312  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:55:34.0722 1312  TDTCP - ok
19:55:34.0768 1312  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:55:34.0800 1312  tdx - ok
19:55:35.0174 1312  [ 851C5080261DFC1FCDC21DF0E5EA3BCB ] TeamViewer8     C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
19:55:35.0299 1312  TeamViewer8 - ok
19:55:35.0346 1312  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:55:35.0361 1312  TermDD - ok
19:55:35.0611 1312  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
19:55:35.0689 1312  TermService - ok
19:55:35.0845 1312  [ 250B9120C7C103AFDC0C6643F9691055 ] TestHandler     C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
19:55:35.0845 1312  TestHandler ( UnsignedFile.Multi.Generic ) - warning
19:55:35.0845 1312  TestHandler - detected UnsignedFile.Multi.Generic (1)
19:55:35.0907 1312  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
19:55:35.0923 1312  Themes - ok
19:55:35.0938 1312  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
19:55:35.0970 1312  THREADORDER - ok
19:55:36.0063 1312  [ A21E58F345F337316A98C5121CBE17E8 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
19:55:36.0079 1312  TomTomHOMEService - ok
19:55:36.0126 1312  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
19:55:36.0172 1312  TrkWks - ok
19:55:36.0282 1312  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:55:36.0297 1312  TrustedInstaller - ok
19:55:36.0328 1312  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:55:36.0360 1312  tssecsrv - ok
19:55:36.0406 1312  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:55:36.0438 1312  TsUsbFlt - ok
19:55:36.0484 1312  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:55:36.0531 1312  tunnel - ok
19:55:36.0594 1312  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
19:55:36.0609 1312  uagp35 - ok
19:55:36.0625 1312  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:55:36.0687 1312  udfs - ok
19:55:36.0874 1312  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:55:36.0921 1312  UI0Detect - ok
19:55:36.0952 1312  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:55:36.0968 1312  uliagpkx - ok
19:55:37.0030 1312  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:55:37.0077 1312  umbus - ok
19:55:37.0108 1312  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:55:37.0124 1312  UmPass - ok
19:55:37.0374 1312  [ 8904797AB560918B115B7EC350B3D2C7 ] Unigraphics License Server (uglmd) D:\Unigraphics\UGNXFLEXlm\lmgrd.exe
19:55:37.0389 1312  Unigraphics License Server (uglmd) ( UnsignedFile.Multi.Generic ) - warning
19:55:37.0389 1312  Unigraphics License Server (uglmd) - detected UnsignedFile.Multi.Generic (1)
19:55:37.0576 1312  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
19:55:37.0639 1312  upnphost - ok
19:55:37.0686 1312  [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
19:55:37.0779 1312  USBAAPL - ok
19:55:37.0810 1312  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:55:37.0873 1312  usbccgp - ok
19:55:37.0920 1312  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:55:37.0966 1312  usbcir - ok
19:55:38.0013 1312  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:55:38.0029 1312  usbehci - ok
19:55:38.0091 1312  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
19:55:38.0138 1312  usbhub - ok
19:55:38.0154 1312  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:55:38.0200 1312  usbohci - ok
19:55:38.0232 1312  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:55:38.0278 1312  usbprint - ok
19:55:38.0325 1312  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
19:55:38.0372 1312  usbscan - ok
19:55:38.0403 1312  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:55:38.0450 1312  USBSTOR - ok
19:55:38.0481 1312  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:55:38.0512 1312  usbuhci - ok
19:55:38.0606 1312  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
19:55:38.0622 1312  usbvideo - ok
19:55:38.0700 1312  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
19:55:38.0762 1312  UxSms - ok
19:55:38.0793 1312  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
19:55:38.0793 1312  VaultSvc - ok
19:55:38.0840 1312  [ FCE98C43B5C5DB8E0DA8EA0E2B45E044 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
19:55:38.0871 1312  VClone - ok
19:55:38.0918 1312  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:55:38.0934 1312  vdrvroot - ok
19:55:38.0980 1312  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
19:55:39.0043 1312  vds - ok
19:55:39.0090 1312  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:55:39.0105 1312  vga - ok
19:55:39.0230 1312  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:55:39.0261 1312  VgaSave - ok
19:55:39.0355 1312  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:55:39.0370 1312  vhdmp - ok
19:55:39.0433 1312  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
19:55:39.0448 1312  viaagp - ok
19:55:39.0620 1312  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
19:55:39.0667 1312  ViaC7 - ok
19:55:39.0698 1312  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
19:55:39.0714 1312  viaide - ok
19:55:39.0776 1312  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:55:39.0792 1312  volmgr - ok
19:55:39.0823 1312  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:55:39.0854 1312  volmgrx - ok
19:55:39.0870 1312  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:55:39.0885 1312  volsnap - ok
19:55:39.0916 1312  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
19:55:39.0932 1312  vsmraid - ok
19:55:40.0026 1312  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
19:55:40.0104 1312  VSS - ok
19:55:40.0119 1312  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:55:40.0135 1312  vwifibus - ok
19:55:40.0197 1312  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
19:55:40.0260 1312  W32Time - ok
19:55:40.0291 1312  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
19:55:40.0338 1312  WacomPen - ok
19:55:40.0369 1312  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:55:40.0431 1312  WANARP - ok
19:55:40.0431 1312  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:55:40.0462 1312  Wanarpv6 - ok
19:55:40.0618 1312  [ 353A04C273EC58475D8633E75CCD5604 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
19:55:40.0696 1312  WatAdminSvc - ok
19:55:40.0759 1312  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
19:55:40.0852 1312  wbengine - ok
19:55:40.0899 1312  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:55:40.0930 1312  WbioSrvc - ok
19:55:40.0977 1312  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:55:41.0024 1312  wcncsvc - ok
19:55:41.0055 1312  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:55:41.0133 1312  WcsPlugInService - ok
19:55:41.0164 1312  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
19:55:41.0180 1312  Wd - ok
19:55:41.0227 1312  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:55:41.0258 1312  Wdf01000 - ok
19:55:41.0274 1312  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:55:41.0352 1312  WdiServiceHost - ok
19:55:41.0367 1312  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:55:41.0383 1312  WdiSystemHost - ok
19:55:41.0414 1312  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
19:55:41.0461 1312  WebClient - ok
19:55:41.0492 1312  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:55:41.0523 1312  Wecsvc - ok
19:55:41.0539 1312  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:55:41.0570 1312  wercplsupport - ok
19:55:41.0632 1312  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:55:41.0695 1312  WerSvc - ok
19:55:41.0742 1312  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:55:41.0757 1312  WfpLwf - ok
19:55:41.0788 1312  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:55:41.0804 1312  WIMMount - ok
19:55:42.0007 1312  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
19:55:42.0054 1312  WinDefend - ok
19:55:42.0054 1312  WinHttpAutoProxySvc - ok
19:55:42.0288 1312  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:55:42.0381 1312  Winmgmt - ok
19:55:42.0428 1312  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
19:55:42.0506 1312  WinRM - ok
19:55:42.0600 1312  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:55:42.0631 1312  WinUsb - ok
19:55:42.0678 1312  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:55:42.0740 1312  Wlansvc - ok
19:55:42.0756 1312  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:55:42.0771 1312  WmiAcpi - ok
19:55:42.0880 1312  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:55:42.0943 1312  wmiApSrv - ok
19:55:43.0083 1312  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
19:55:43.0130 1312  WMPNetworkSvc - ok
19:55:43.0192 1312  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:55:43.0239 1312  WPCSvc - ok
19:55:43.0270 1312  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:55:43.0302 1312  WPDBusEnum - ok
19:55:43.0348 1312  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:55:43.0426 1312  ws2ifsl - ok
19:55:43.0442 1312  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\System32\wscsvc.dll
19:55:43.0504 1312  wscsvc - ok
19:55:43.0614 1312  [ 553F6CCD7C58EB98D4A8FBDAF283D7A9 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
19:55:43.0629 1312  WSDPrintDevice - ok
19:55:43.0692 1312  [ 7DC0270CFD4A05B4112E3EBBF083B595 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
19:55:43.0707 1312  WSDScan - ok
19:55:43.0707 1312  WSearch - ok
19:55:43.0879 1312  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
19:55:43.0957 1312  wuauserv - ok
19:55:43.0988 1312  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:55:44.0019 1312  WudfPf - ok
19:55:44.0066 1312  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:55:44.0082 1312  WUDFRd - ok
19:55:44.0160 1312  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:55:44.0206 1312  wudfsvc - ok
19:55:44.0238 1312  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:55:44.0300 1312  WwanSvc - ok
19:55:44.0394 1312  [ 74EC37B9EAF9FCA015B933A526825C7A ] {95808DC4-FA4A-4C74-92FE-5B863F82066B} C:\Program Files\CyberLink\PowerDVD\000.fcl
19:55:44.0409 1312  {95808DC4-FA4A-4C74-92FE-5B863F82066B} - ok
19:55:44.0425 1312  ================ Scan global ===============================
19:55:44.0456 1312  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
19:55:44.0503 1312  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
19:55:44.0565 1312  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
19:55:44.0596 1312  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
19:55:44.0643 1312  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
19:55:44.0659 1312  [Global] - ok
19:55:44.0659 1312  ================ Scan MBR ==================================
19:55:44.0674 1312  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:55:45.0033 1312  \Device\Harddisk0\DR0 - ok
19:55:45.0033 1312  ================ Scan VBR ==================================
19:55:45.0033 1312  [ 3D2744C00DABA1058A7C90F799F359CE ] \Device\Harddisk0\DR0\Partition1
19:55:45.0033 1312  \Device\Harddisk0\DR0\Partition1 - ok
19:55:45.0064 1312  [ 2E8119675E5F4A5D83E35072BAE43E85 ] \Device\Harddisk0\DR0\Partition2
19:55:45.0064 1312  \Device\Harddisk0\DR0\Partition2 - ok
19:55:45.0064 1312  ============================================================
19:55:45.0064 1312  Scan finished
19:55:45.0064 1312  ============================================================
19:55:45.0080 5340  Detected object count: 12
19:55:45.0080 5340  Actual detected object count: 12
19:55:56.0156 5340  GpdDevDPort ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0156 5340  GpdDevDPort ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:56.0156 5340  GpdKbFilter ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0156 5340  GpdKbFilter ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:56.0156 5340  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0156 5340  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:56.0156 5340  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0156 5340  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:56.0172 5340  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0172 5340  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:56.0172 5340  OsdService ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0172 5340  OsdService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:56.0172 5340  PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0172 5340  PLFlash DeviceIoControl Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:56.0172 5340  Sentinel ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0172 5340  Sentinel ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:56.0172 5340  ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0172 5340  ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:56.0172 5340  Sony PC Companion ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0172 5340  Sony PC Companion ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:56.0172 5340  TestHandler ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0172 5340  TestHandler ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:55:56.0172 5340  Unigraphics License Server (uglmd) ( UnsignedFile.Multi.Generic ) - skipped by user
19:55:56.0172 5340  Unigraphics License Server (uglmd) ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
