C:\Windows\System32\services.exe Infiziert!

Florian_Ice · 22.05.2013, 17:24

Guten Abend liebe Leser/innen,

ich habe die letzte Zeit sehr viele Downloads aufgrund mehrerer größeren und vor allem wichtigen Projekten im Bereich der Videobearbeitung & Animation getätigt.

Vorhin als ich unterwegs war (ca. 6 Std. außer Haus) hat sich anscheinend ein schwerwiegender "Virus" in meinem PC eingenistet, im WINDOWS Ordner.

Da ich absolut keine Ahnung von so etwas habe, und zufällig von diesem seriösen Forum zur Schadsoftware Bekämpfung gehört habe, finde ich es angemessen, mich an Ausgebildete bzw. Erfahrene zu wenden, die sich mit so etwas auskennen.

Ich habe mir die Forenregeln durchgelesen und alle Programme zum Logtexte erstellen runtergeladen, welche ich im Anhang versenden werde.

Nebenbei muss ich noch sagen, dass ich mich mit so etwas nicht auskenne und sie mein volles Vertrauen haben.

AVG sendet ca. alle 3 Minuten Meldungen über Trojaner und noch etwas anderes.
Hier kopiere ich mal was AVG findet :

Als erstes das Hauptproblem

"";"Virus identifiziert: Win64/Patched.A, c:\Windows\System32\services.exe";"Infiziert";"Datei oder Verzeichnis";"22.05.2013, 17:44:51"

Dann die zwei:

"";"Trojaner: Generic32.CEMU, c:\Windows\Installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\80000064.@";"Infiziert"

"";"Trojaner: Generic31.ZCS, c:\Windows\Installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\80000000.@";"Infiziert"

Die die zwei Trojaner treten immer zusammen auf, und das immer alleine :

"";"Luhe.Sirefef.A gefunden, c:\Windows\Installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\80000032.@";"Infiziert";"Datei oder Verzeichnis";"22.05.2013, 17:33:01"

Ich kann leider nichts anderes unternehmen, als die Datein in Virenquarantäne zu verschieben oder zu entfernen, aber leider tauchen sie immer wieder auf, als würden sie immer von neu erstellt werden.

Ich habe mich einmal mithilfe von Google erkundigt und erfahren, dass eine wichtige Datei ausgetauscht wurde, welche ich nicht einfach löschen "darf".

In anderen Foren haben sogar Leute geschrieben, dass man das System neu aufsetzen muss, wobei ich sagen muss, dass das im Moment das Schlimmste wäre, was ich machen könnte.

Darf ich mich jetzt eig. noch irgendwo wie bei beispielsweise Youtube oder Steam einloggen, oder wäre das zu gefährlich ?

Antworten kann ich per Mobilem Gerät oder ggbf. an einem anderen PC abrufen.

Neben bei sollte ich vllt. noch erwähnen, dass ich erst 14 bin und mir jede Hilfe recht wäre, die mir zukommt.
Ich hoffe auf eine Hilfreiche Antwort und eine erfolgreiche Zusammenarbeit.

P.S: Ich kannte die OTL log Datei nicht anhängen die diese das Größenlimit von 97,7 kb überschritten hatte. Die Datei war 168 kb groß.

MfG Florian

smeenk · 22.05.2013, 17:44

Hi Florian

Ich bin Smeenk und ich werde versuchen Dir zu helfen

Systemscan mit ZOEK

Bitte lade die zoek.exe von hier: http://hijackthis.nl/smeenk/

Bitte deaktiviere während des Scans alle Virenscanner, da sie das Ergebnis beeinflussen.
Starte die Zoek.exe mit einem Doppelklick (nur Windows XP-Benutzer).
Windows Vista/7 Benutzer starten das Tool bitte per Rechtsklick auf das Icon und wählen "Als Administrator starten".

Kopiere untenstehende Code in das Textfeld:

Code:

ATTFilter

emptyclsid;
chromelook;
autoclean;
startupall;
filesrcm;
firefoxlook;

Nun klicke auf "Run script" und warte geduldig, bis der Scan durchgelaufen ist.
Wenn das Tool fertig ist, wird sich Notepad mit dem Logfile öffnen (ggfs. erst nach einem Neustart).
Nachträglich kannst Du den Bericht unter c:\zoek-results.log einsehen.
Poste mir das Log File zoek-results.log

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte alles nach Möglichkeit hier in CODE-Tags posten: [code] Dein Log hier [/code]

Florian_Ice · 22.05.2013, 18:11

Hallo Smeenk,
erstmal vielen Dank für ihre Hilfe !
Das ist der TDSSKiller Bericht

Code:

ATTFilter

 19:01:06.0345 5884  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:01:06.0976 5884  ============================================================
19:01:06.0976 5884  Current date / time: 2013/05/22 19:01:06.0976
19:01:06.0976 5884  SystemInfo:
19:01:06.0976 5884  
19:01:06.0976 5884  OS Version: 6.1.7601 ServicePack: 1.0
19:01:06.0976 5884  Product type: Workstation
19:01:06.0977 5884  ComputerName: ICESHOCK-PC
19:01:06.0977 5884  UserName: IceShock
19:01:06.0977 5884  Windows directory: C:\Windows
19:01:06.0977 5884  System windows directory: C:\Windows
19:01:06.0977 5884  Running under WOW64
19:01:06.0977 5884  Processor architecture: Intel x64
19:01:06.0977 5884  Number of processors: 4
19:01:06.0977 5884  Page size: 0x1000
19:01:06.0977 5884  Boot type: Normal boot
19:01:06.0977 5884  ============================================================
19:01:07.0751 5884  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:01:07.0754 5884  ============================================================
19:01:07.0754 5884  \Device\Harddisk0\DR0:
19:01:07.0754 5884  MBR partitions:
19:01:07.0754 5884  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
19:01:07.0754 5884  ============================================================
19:01:07.0773 5884  C: <-> \Device\Harddisk0\DR0\Partition1
19:01:07.0773 5884  ============================================================
19:01:07.0773 5884  Initialize success
19:01:07.0773 5884  ============================================================
19:01:40.0864 2580  ============================================================
19:01:40.0864 2580  Scan started
19:01:40.0864 2580  Mode: Manual; SigCheck; TDLFS; 
19:01:40.0864 2580  ============================================================
19:01:41.0385 2580  ================ Scan system memory ========================
19:01:41.0385 2580  System memory - ok
19:01:41.0386 2580  ================ Scan services =============================
19:01:41.0500 2580  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:01:41.0550 2580  1394ohci - ok
19:01:41.0561 2580  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:01:41.0572 2580  ACPI - ok
19:01:41.0578 2580  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:01:41.0587 2580  AcpiPmi - ok
19:01:41.0607 2580  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:01:41.0620 2580  adp94xx - ok
19:01:41.0635 2580  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:01:41.0645 2580  adpahci - ok
19:01:41.0653 2580  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:01:41.0661 2580  adpu320 - ok
19:01:41.0683 2580  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:01:41.0706 2580  AeLookupSvc - ok
19:01:41.0817 2580  [ 0517E1670A58213E3F206066CD209273 ] AF15BDA         C:\Windows\system32\DRIVERS\AF15BDA.sys
19:01:41.0840 2580  AF15BDA - ok
19:01:41.0935 2580  [ 0D0E5281784C2C526BA43C2ECD374288 ] Afc             C:\Windows\syswow64\drivers\Afc.sys
19:01:41.0953 2580  Afc - ok
19:01:41.0993 2580  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
19:01:42.0014 2580  AFD - ok
19:01:42.0038 2580  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
19:01:42.0050 2580  agp440 - ok
19:01:42.0072 2580  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
19:01:42.0090 2580  ALG - ok
19:01:42.0102 2580  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:01:42.0116 2580  aliide - ok
19:01:42.0176 2580  [ 4EAAAAB8759644D572522FBCDD196A13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:01:42.0201 2580  AMD External Events Utility - ok
19:01:42.0231 2580  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
19:01:42.0245 2580  amdide - ok
19:01:42.0264 2580  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:01:42.0281 2580  AmdK8 - ok
19:01:42.0452 2580  [ 22A14DF59FB8D0BE918C597988AF4296 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:01:42.0648 2580  amdkmdag - ok
19:01:42.0669 2580  [ EE22D3ED6D55A855E709F811CCCA97ED ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
19:01:42.0684 2580  amdkmdap - ok
19:01:42.0687 2580  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
19:01:42.0695 2580  AmdPPM - ok
19:01:42.0722 2580  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:01:42.0730 2580  amdsata - ok
19:01:42.0743 2580  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:01:42.0752 2580  amdsbs - ok
19:01:42.0768 2580  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:01:42.0775 2580  amdxata - ok
19:01:42.0796 2580  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
19:01:42.0818 2580  AppID - ok
19:01:42.0837 2580  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:01:42.0860 2580  AppIDSvc - ok
19:01:42.0911 2580  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
19:01:42.0929 2580  Appinfo - ok
19:01:43.0037 2580  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:01:43.0050 2580  Apple Mobile Device - ok
19:01:43.0084 2580  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
19:01:43.0102 2580  AppMgmt - ok
19:01:43.0126 2580  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
19:01:43.0141 2580  arc - ok
19:01:43.0162 2580  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:01:43.0178 2580  arcsas - ok
19:01:43.0214 2580  [ 10E9A8034C6843CA516BDB79D5D57B02 ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
19:01:43.0226 2580  asahci64 - ok
19:01:43.0254 2580  [ 6FE3237C1177E66437E7AD0E8AC1A6E5 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
19:01:43.0275 2580  asmthub3 - ok
19:01:43.0297 2580  [ C4043E39A2ABBC56581CA25DF161E9F7 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
19:01:43.0316 2580  asmtxhci - ok
19:01:43.0409 2580  [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:01:43.0426 2580  aspnet_state - ok
19:01:43.0459 2580  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:01:43.0492 2580  AsyncMac - ok
19:01:43.0514 2580  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
19:01:43.0521 2580  atapi - ok
19:01:43.0562 2580  [ 437F55435623D4D54D36197F5AD8B435 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
19:01:43.0570 2580  AtiHDAudioService - ok
19:01:43.0599 2580  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:01:43.0643 2580  AudioEndpointBuilder - ok
19:01:43.0650 2580  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:01:43.0675 2580  AudioSrv - ok
19:01:43.0702 2580  [ 3D1FFAA3358CA0D8A298DEA8BECFC468 ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6a.sys
19:01:43.0708 2580  Avgfwfd - ok
19:01:43.0752 2580  [ D0BE22C910E46550C6308D50DDA76B94 ] avgfws          C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
19:01:43.0788 2580  avgfws - ok
19:01:43.0926 2580  [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
19:01:43.0988 2580  AVGIDSAgent - ok
19:01:44.0003 2580  [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
19:01:44.0011 2580  AVGIDSDriver - ok
19:01:44.0017 2580  [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
19:01:44.0023 2580  AVGIDSHA - ok
19:01:44.0037 2580  [ 5989592A91A17587799792A81E1541D4 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
19:01:44.0045 2580  Avgldx64 - ok
19:01:44.0070 2580  [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
19:01:44.0079 2580  Avgloga - ok
19:01:44.0090 2580  [ 841C40C193889730848849AC220D9242 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
19:01:44.0097 2580  Avgmfx64 - ok
19:01:44.0108 2580  [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
19:01:44.0114 2580  Avgrkx64 - ok
19:01:44.0121 2580  [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
19:01:44.0130 2580  Avgtdia - ok
19:01:44.0151 2580  [ 3B5657B6C11CDA87F664DD6F7DD0702D ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
19:01:44.0158 2580  avgtp - ok
19:01:44.0185 2580  [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd           C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
19:01:44.0193 2580  avgwd - ok
19:01:44.0211 2580  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:01:44.0224 2580  AxInstSV - ok
19:01:44.0253 2580  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
19:01:44.0330 2580  b06bdrv - ok
19:01:44.0359 2580  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:01:44.0377 2580  b57nd60a - ok
19:01:44.0407 2580  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:01:44.0421 2580  BDESVC - ok
19:01:44.0431 2580  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:01:44.0460 2580  Beep - ok
19:01:44.0487 2580  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
19:01:44.0520 2580  BFE - ok
19:01:44.0549 2580  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
19:01:44.0584 2580  BITS - ok
19:01:44.0602 2580  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:01:44.0611 2580  blbdrive - ok
19:01:44.0710 2580  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:01:44.0723 2580  Bonjour Service - ok
19:01:44.0751 2580  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:01:44.0761 2580  bowser - ok
19:01:44.0782 2580  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
19:01:44.0795 2580  BrFiltLo - ok
19:01:44.0798 2580  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
19:01:44.0809 2580  BrFiltUp - ok
19:01:44.0828 2580  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
19:01:44.0840 2580  Browser - ok
19:01:44.0857 2580  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:01:44.0870 2580  Brserid - ok
19:01:44.0873 2580  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:01:44.0886 2580  BrSerWdm - ok
19:01:44.0889 2580  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:01:44.0899 2580  BrUsbMdm - ok
19:01:44.0901 2580  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:01:44.0910 2580  BrUsbSer - ok
19:01:44.0913 2580  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:01:44.0923 2580  BTHMODEM - ok
19:01:44.0946 2580  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
19:01:44.0969 2580  bthserv - ok
19:01:45.0046 2580  [ 555FA105C22B1616094EDAD1CBFB0551 ] cbfs3           C:\Windows\system32\DRIVERS\cbfs3.sys
19:01:45.0068 2580  cbfs3 - ok
19:01:45.0079 2580  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:01:45.0106 2580  cdfs - ok
19:01:45.0128 2580  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:01:45.0138 2580  cdrom - ok
19:01:45.0152 2580  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
19:01:45.0174 2580  CertPropSvc - ok
19:01:45.0187 2580  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
19:01:45.0198 2580  circlass - ok
19:01:45.0214 2580  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
19:01:45.0225 2580  CLFS - ok
19:01:45.0272 2580  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:01:45.0285 2580  clr_optimization_v2.0.50727_32 - ok
19:01:45.0323 2580  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:01:45.0333 2580  clr_optimization_v2.0.50727_64 - ok
19:01:45.0413 2580  [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:01:45.0431 2580  clr_optimization_v4.0.30319_32 - ok
19:01:45.0446 2580  [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:01:45.0461 2580  clr_optimization_v4.0.30319_64 - ok
19:01:45.0480 2580  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
19:01:45.0494 2580  CmBatt - ok
19:01:45.0504 2580  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:01:45.0514 2580  cmdide - ok
19:01:45.0594 2580  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
19:01:45.0619 2580  CNG - ok
19:01:45.0632 2580  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
19:01:45.0639 2580  Compbatt - ok
19:01:45.0668 2580  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
19:01:45.0685 2580  CompositeBus - ok
19:01:45.0696 2580  COMSysApp - ok
19:01:45.0715 2580  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:01:45.0729 2580  crcdisk - ok
19:01:45.0759 2580  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:01:45.0777 2580  CryptSvc - ok
19:01:45.0802 2580  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
19:01:45.0824 2580  CSC - ok
19:01:45.0842 2580  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
19:01:45.0859 2580  CscService - ok
19:01:45.0880 2580  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:01:45.0911 2580  DcomLaunch - ok
19:01:45.0939 2580  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
19:01:45.0979 2580  defragsvc - ok
19:01:45.0989 2580  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:01:46.0011 2580  DfsC - ok
19:01:46.0033 2580  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:01:46.0044 2580  Dhcp - ok
19:01:46.0061 2580  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
19:01:46.0083 2580  discache - ok
19:01:46.0101 2580  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
19:01:46.0109 2580  Disk - ok
19:01:46.0134 2580  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
19:01:46.0143 2580  dmvsc - ok
19:01:46.0160 2580  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:01:46.0169 2580  Dnscache - ok
19:01:46.0185 2580  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:01:46.0209 2580  dot3svc - ok
19:01:46.0221 2580  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
19:01:46.0244 2580  DPS - ok
19:01:46.0263 2580  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:01:46.0273 2580  drmkaud - ok
19:01:46.0301 2580  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:01:46.0318 2580  dtsoftbus01 - ok
19:01:46.0321 2580  dump_wmimmc - ok
19:01:46.0393 2580  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:01:46.0425 2580  DXGKrnl - ok
19:01:46.0432 2580  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
19:01:46.0455 2580  EapHost - ok
19:01:46.0522 2580  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
19:01:46.0606 2580  ebdrv - ok
19:01:46.0630 2580  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
19:01:46.0638 2580  EFS - ok
19:01:46.0689 2580  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:01:46.0712 2580  ehRecvr - ok
19:01:46.0723 2580  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
19:01:46.0738 2580  ehSched - ok
19:01:46.0767 2580  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:01:46.0787 2580  elxstor - ok
19:01:46.0805 2580  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:01:46.0818 2580  ErrDev - ok
19:01:46.0862 2580  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
19:01:46.0917 2580  EventSystem - ok
19:01:46.0986 2580  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
19:01:47.0029 2580  exfat - ok
19:01:47.0072 2580  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:01:47.0119 2580  fastfat - ok
19:01:47.0140 2580  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
19:01:47.0154 2580  Fax - ok
19:01:47.0156 2580  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
19:01:47.0164 2580  fdc - ok
19:01:47.0175 2580  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
19:01:47.0197 2580  fdPHost - ok
19:01:47.0207 2580  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:01:47.0230 2580  FDResPub - ok
19:01:47.0240 2580  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:01:47.0247 2580  FileInfo - ok
19:01:47.0253 2580  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:01:47.0276 2580  Filetrace - ok
19:01:47.0278 2580  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
19:01:47.0286 2580  flpydisk - ok
19:01:47.0296 2580  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:01:47.0306 2580  FltMgr - ok
19:01:47.0374 2580  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
19:01:47.0419 2580  FontCache - ok
19:01:47.0458 2580  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:01:47.0466 2580  FontCache3.0.0.0 - ok
19:01:47.0479 2580  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:01:47.0488 2580  FsDepends - ok
19:01:47.0516 2580  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:01:47.0525 2580  Fs_Rec - ok
19:01:47.0547 2580  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:01:47.0561 2580  fvevol - ok
19:01:47.0572 2580  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:01:47.0582 2580  gagp30kx - ok
19:01:47.0654 2580  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
19:01:47.0666 2580  GEARAspiWDM - ok
19:01:47.0692 2580  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
19:01:47.0732 2580  gpsvc - ok
19:01:47.0766 2580  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:01:47.0772 2580  gupdate - ok
19:01:47.0808 2580  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:01:47.0820 2580  gupdatem - ok
19:01:47.0891 2580  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
19:01:47.0903 2580  hamachi - ok
19:01:48.0053 2580  [ 785FD63B74B30986A9F2C7D965CA509F ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
19:01:48.0090 2580  Hamachi2Svc - ok
19:01:48.0102 2580  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:01:48.0110 2580  hcw85cir - ok
19:01:48.0134 2580  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:01:48.0147 2580  HdAudAddService - ok
19:01:48.0170 2580  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:01:48.0181 2580  HDAudBus - ok
19:01:48.0188 2580  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
19:01:48.0196 2580  HidBatt - ok
19:01:48.0206 2580  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:01:48.0217 2580  HidBth - ok
19:01:48.0234 2580  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:01:48.0244 2580  HidIr - ok
19:01:48.0269 2580  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
19:01:48.0293 2580  hidserv - ok
19:01:48.0311 2580  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:01:48.0320 2580  HidUsb - ok
19:01:48.0330 2580  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:01:48.0352 2580  hkmsvc - ok
19:01:48.0375 2580  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:01:48.0386 2580  HomeGroupListener - ok
19:01:48.0403 2580  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:01:48.0412 2580  HomeGroupProvider - ok
19:01:48.0424 2580  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:01:48.0431 2580  HpSAMD - ok
19:01:48.0451 2580  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:01:48.0480 2580  HTTP - ok
19:01:48.0487 2580  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:01:48.0494 2580  hwpolicy - ok
19:01:48.0503 2580  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
19:01:48.0511 2580  i8042prt - ok
19:01:48.0536 2580  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:01:48.0547 2580  iaStorV - ok
19:01:48.0584 2580  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:01:48.0614 2580  idsvc - ok
19:01:48.0629 2580  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:01:48.0636 2580  iirsp - ok
19:01:48.0670 2580  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
19:01:48.0714 2580  IKEEXT - ok
19:01:48.0787 2580  [ 254FAAE42AFC641C0BE628DE123EA9DE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:01:48.0849 2580  IntcAzAudAddService - ok
19:01:48.0862 2580  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
19:01:48.0869 2580  intelide - ok
19:01:48.0881 2580  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:01:48.0889 2580  intelppm - ok
19:01:48.0897 2580  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:01:48.0919 2580  IPBusEnum - ok
19:01:48.0933 2580  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:01:48.0955 2580  IpFilterDriver - ok
19:01:48.0963 2580  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:01:48.0971 2580  IPMIDRV - ok
19:01:48.0983 2580  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:01:49.0005 2580  IPNAT - ok
19:01:49.0079 2580  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
19:01:49.0103 2580  iPod Service - ok
19:01:49.0119 2580  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:01:49.0138 2580  IRENUM - ok
19:01:49.0163 2580  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:01:49.0175 2580  isapnp - ok
19:01:49.0197 2580  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:01:49.0214 2580  iScsiPrt - ok
19:01:49.0224 2580  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:01:49.0237 2580  kbdclass - ok
19:01:49.0251 2580  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:01:49.0265 2580  kbdhid - ok
19:01:49.0277 2580  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
19:01:49.0291 2580  KeyIso - ok
19:01:49.0308 2580  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:01:49.0322 2580  KSecDD - ok
19:01:49.0330 2580  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:01:49.0344 2580  KSecPkg - ok
19:01:49.0505 2580  [ E47FFCA0909871AC1BFF0D446FF63CA9 ] KSS             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
19:01:49.0520 2580  KSS - ok
19:01:49.0566 2580  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:01:49.0605 2580  ksthunk - ok
19:01:49.0630 2580  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:01:49.0671 2580  KtmRm - ok
19:01:49.0719 2580  [ 305BB2AC00D46542E0A653AB63F4ABB1 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
19:01:49.0736 2580  LADF_CaptureOnly - ok
19:01:49.0757 2580  [ 28CDDC7D478A6313F55077416DCBD0DE ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
19:01:49.0771 2580  LADF_RenderOnly - ok
19:01:49.0793 2580  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:01:49.0830 2580  LanmanServer - ok
19:01:49.0846 2580  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:01:49.0869 2580  LanmanWorkstation - ok
19:01:49.0926 2580  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
19:01:49.0938 2580  LGBusEnum - ok
19:01:49.0962 2580  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
19:01:49.0974 2580  LGVirHid - ok
19:01:49.0999 2580  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:01:50.0036 2580  lltdio - ok
19:01:50.0054 2580  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:01:50.0083 2580  lltdsvc - ok
19:01:50.0100 2580  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:01:50.0123 2580  lmhosts - ok
19:01:50.0153 2580  [ DF86570FFC4F8A7E38595CC072B19A5B ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:01:50.0163 2580  LMS - ok
19:01:50.0190 2580  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:01:50.0198 2580  LSI_FC - ok
19:01:50.0210 2580  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:01:50.0218 2580  LSI_SAS - ok
19:01:50.0229 2580  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:01:50.0237 2580  LSI_SAS2 - ok
19:01:50.0251 2580  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:01:50.0260 2580  LSI_SCSI - ok
19:01:50.0272 2580  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
19:01:50.0295 2580  luafv - ok
19:01:50.0320 2580  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:01:50.0336 2580  Mcx2Svc - ok
19:01:50.0351 2580  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:01:50.0366 2580  megasas - ok
19:01:50.0382 2580  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:01:50.0401 2580  MegaSR - ok
19:01:50.0429 2580  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
19:01:50.0442 2580  MEIx64 - ok
19:01:50.0461 2580  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
19:01:50.0505 2580  MMCSS - ok
19:01:50.0511 2580  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
19:01:50.0533 2580  Modem - ok
19:01:50.0550 2580  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:01:50.0559 2580  monitor - ok
19:01:50.0570 2580  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:01:50.0577 2580  mouclass - ok
19:01:50.0594 2580  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:01:50.0603 2580  mouhid - ok
19:01:50.0617 2580  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:01:50.0626 2580  mountmgr - ok
19:01:50.0670 2580  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:01:50.0684 2580  MozillaMaintenance - ok
19:01:50.0702 2580  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:01:50.0714 2580  mpio - ok
19:01:50.0731 2580  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:01:50.0765 2580  mpsdrv - ok
19:01:50.0790 2580  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:01:50.0819 2580  MpsSvc - ok
19:01:50.0831 2580  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:01:50.0843 2580  MRxDAV - ok
19:01:50.0858 2580  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:01:50.0867 2580  mrxsmb - ok
19:01:50.0877 2580  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:01:50.0888 2580  mrxsmb10 - ok
19:01:50.0894 2580  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:01:50.0903 2580  mrxsmb20 - ok
19:01:50.0918 2580  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:01:50.0925 2580  msahci - ok
19:01:50.0940 2580  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:01:50.0948 2580  msdsm - ok
19:01:50.0965 2580  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
19:01:50.0975 2580  MSDTC - ok
19:01:50.0999 2580  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:01:51.0032 2580  Msfs - ok
19:01:51.0054 2580  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:01:51.0077 2580  mshidkmdf - ok
19:01:51.0089 2580  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:01:51.0096 2580  msisadrv - ok
19:01:51.0116 2580  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:01:51.0140 2580  MSiSCSI - ok
19:01:51.0142 2580  msiserver - ok
19:01:51.0162 2580  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:01:51.0185 2580  MSKSSRV - ok
19:01:51.0197 2580  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:01:51.0219 2580  MSPCLOCK - ok
19:01:51.0229 2580  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:01:51.0251 2580  MSPQM - ok
19:01:51.0270 2580  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:01:51.0281 2580  MsRPC - ok
19:01:51.0292 2580  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:01:51.0298 2580  mssmbios - ok
19:01:51.0307 2580  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:01:51.0329 2580  MSTEE - ok
19:01:51.0342 2580  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:01:51.0350 2580  MTConfig - ok
19:01:51.0358 2580  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:01:51.0366 2580  Mup - ok
19:01:51.0382 2580  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
19:01:51.0408 2580  napagent - ok
19:01:51.0434 2580  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:01:51.0448 2580  NativeWifiP - ok
19:01:51.0478 2580  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:01:51.0496 2580  NDIS - ok
19:01:51.0504 2580  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:01:51.0527 2580  NdisCap - ok
19:01:51.0533 2580  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:01:51.0555 2580  NdisTapi - ok
19:01:51.0560 2580  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:01:51.0581 2580  Ndisuio - ok
19:01:51.0590 2580  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:01:51.0614 2580  NdisWan - ok
19:01:51.0619 2580  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:01:51.0641 2580  NDProxy - ok
19:01:51.0646 2580  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:01:51.0669 2580  NetBIOS - ok
19:01:51.0683 2580  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:01:51.0708 2580  NetBT - ok
19:01:51.0716 2580  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
19:01:51.0725 2580  Netlogon - ok
19:01:51.0748 2580  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
19:01:51.0774 2580  Netman - ok
19:01:51.0825 2580  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:01:51.0843 2580  NetMsmqActivator - ok
19:01:51.0848 2580  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:01:51.0858 2580  NetPipeActivator - ok
19:01:51.0884 2580  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
19:01:51.0915 2580  netprofm - ok
19:01:51.0918 2580  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:01:51.0925 2580  NetTcpActivator - ok
19:01:51.0928 2580  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:01:51.0936 2580  NetTcpPortSharing - ok
19:01:51.0968 2580  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:01:51.0979 2580  nfrd960 - ok
19:01:52.0046 2580  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:01:52.0065 2580  NlaSvc - ok
19:01:52.0076 2580  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:01:52.0104 2580  Npfs - ok
19:01:52.0106 2580  npggsvc - ok
19:01:52.0109 2580  NPPTNT2 - ok
19:01:52.0121 2580  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
19:01:52.0150 2580  nsi - ok
19:01:52.0157 2580  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:01:52.0181 2580  nsiproxy - ok
19:01:52.0264 2580  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:01:52.0321 2580  Ntfs - ok
19:01:52.0332 2580  NTIOLib_1_0_C - ok
19:01:52.0348 2580  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
19:01:52.0370 2580  Null - ok
19:01:52.0397 2580  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:01:52.0405 2580  nvraid - ok
19:01:52.0425 2580  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:01:52.0434 2580  nvstor - ok
19:01:52.0451 2580  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:01:52.0460 2580  nv_agp - ok
19:01:52.0462 2580  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:01:52.0472 2580  ohci1394 - ok
19:01:52.0485 2580  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:01:52.0496 2580  p2pimsvc - ok
19:01:52.0508 2580  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:01:52.0521 2580  p2psvc - ok
19:01:52.0539 2580  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
19:01:52.0548 2580  Parport - ok
19:01:52.0564 2580  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:01:52.0572 2580  partmgr - ok
19:01:52.0585 2580  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:01:52.0598 2580  PcaSvc - ok
19:01:52.0606 2580  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
19:01:52.0615 2580  pci - ok
19:01:52.0624 2580  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
19:01:52.0631 2580  pciide - ok
19:01:52.0643 2580  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:01:52.0652 2580  pcmcia - ok
19:01:52.0665 2580  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:01:52.0673 2580  pcw - ok
19:01:52.0687 2580  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:01:52.0716 2580  PEAUTH - ok
19:01:52.0751 2580  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
19:01:52.0788 2580  PeerDistSvc - ok
19:01:52.0843 2580  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:01:52.0862 2580  PerfHost - ok
19:01:52.0916 2580  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
19:01:52.0977 2580  pla - ok
19:01:53.0009 2580  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:01:53.0021 2580  PlugPlay - ok
19:01:53.0027 2580  PnkBstrA - ok
19:01:53.0038 2580  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:01:53.0046 2580  PNRPAutoReg - ok
19:01:53.0059 2580  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:01:53.0069 2580  PNRPsvc - ok
19:01:53.0096 2580  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:01:53.0122 2580  PolicyAgent - ok
19:01:53.0143 2580  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
19:01:53.0167 2580  Power - ok
19:01:53.0186 2580  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:01:53.0209 2580  PptpMiniport - ok
19:01:53.0223 2580  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
19:01:53.0232 2580  Processor - ok
19:01:53.0267 2580  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:01:53.0286 2580  ProfSvc - ok
19:01:53.0298 2580  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:01:53.0307 2580  ProtectedStorage - ok
19:01:53.0326 2580  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:01:53.0352 2580  Psched - ok
19:01:53.0396 2580  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:01:53.0443 2580  ql2300 - ok
19:01:53.0452 2580  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:01:53.0461 2580  ql40xx - ok
19:01:53.0489 2580  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
19:01:53.0502 2580  QWAVE - ok
19:01:53.0509 2580  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:01:53.0521 2580  QWAVEdrv - ok
19:01:53.0536 2580  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:01:53.0560 2580  RasAcd - ok
19:01:53.0576 2580  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:01:53.0599 2580  RasAgileVpn - ok
19:01:53.0613 2580  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
19:01:53.0637 2580  RasAuto - ok
19:01:53.0680 2580  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:01:53.0718 2580  Rasl2tp - ok
19:01:53.0743 2580  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
19:01:53.0768 2580  RasMan - ok
19:01:53.0773 2580  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:01:53.0796 2580  RasPppoe - ok
19:01:53.0808 2580  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:01:53.0830 2580  RasSstp - ok
19:01:53.0842 2580  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:01:53.0866 2580  rdbss - ok
19:01:53.0878 2580  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:01:53.0888 2580  rdpbus - ok
19:01:53.0895 2580  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:01:53.0917 2580  RDPCDD - ok
19:01:53.0942 2580  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
19:01:53.0951 2580  RDPDR - ok
19:01:53.0968 2580  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:01:53.0990 2580  RDPENCDD - ok
19:01:54.0000 2580  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:01:54.0022 2580  RDPREFMP - ok
19:01:54.0042 2580  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:01:54.0051 2580  RDPWD - ok
19:01:54.0062 2580  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:01:54.0071 2580  rdyboost - ok
19:01:54.0112 2580  [ EA569D48B2E755AF6D96F03F3335D98A ] Realtek11nSU    C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
19:01:54.0119 2580  Realtek11nSU ( UnsignedFile.Multi.Generic ) - warning
19:01:54.0119 2580  Realtek11nSU - detected UnsignedFile.Multi.Generic (1)
19:01:54.0141 2580  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:01:54.0179 2580  RemoteAccess - ok
19:01:54.0207 2580  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:01:54.0232 2580  RemoteRegistry - ok
19:01:54.0240 2580  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:01:54.0264 2580  RpcEptMapper - ok
19:01:54.0273 2580  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
19:01:54.0283 2580  RpcLocator - ok
19:01:54.0296 2580  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
19:01:54.0320 2580  RpcSs - ok
19:01:54.0335 2580  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:01:54.0358 2580  rspndr - ok
19:01:54.0397 2580  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
19:01:54.0418 2580  RTL8167 - ok
19:01:54.0460 2580  [ B3F36B4B3F192EA87DDC119F3A0B3E45 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
19:01:54.0486 2580  RTL8192su - ok
19:01:54.0499 2580  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
19:01:54.0508 2580  s3cap - ok
19:01:54.0563 2580  [ 77A84B1FB7B5E492A560B97564AE6499 ] Said1109        C:\Windows\system32\DRIVERS\Said1109.sys
19:01:54.0576 2580  Said1109 - ok
19:01:54.0646 2580  [ 46B351B789DE0D95FE6B8B7318D5B4DF ] SaiK1109        C:\Windows\system32\DRIVERS\SaiK1109.sys
19:01:54.0662 2580  SaiK1109 - ok
19:01:54.0719 2580  [ CA2ED6629C654AA00B033E3675A4F13D ] SaiK1713        C:\Windows\system32\DRIVERS\SaiK1713.sys
19:01:54.0735 2580  SaiK1713 - ok
19:01:54.0795 2580  [ A7CEE5D110C7F07B20490398E673E4EA ] SaiMini         C:\Windows\system32\DRIVERS\SaiMini.sys
19:01:54.0809 2580  SaiMini - ok
19:01:54.0860 2580  [ 86BDC00D124A611F1ECA5681D5123E26 ] SaiNtBus        C:\Windows\system32\drivers\SaiBus.sys
19:01:54.0873 2580  SaiNtBus - ok
19:01:54.0904 2580  [ 2510B192A970122C7E7FAAE97CA51B29 ] SaiU1713        C:\Windows\system32\DRIVERS\SaiU1713.sys
19:01:54.0918 2580  SaiU1713 - ok
19:01:54.0930 2580  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
19:01:54.0945 2580  SamSs - ok
19:01:54.0964 2580  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:01:54.0980 2580  sbp2port - ok
19:01:55.0002 2580  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:01:55.0042 2580  SCardSvr - ok
19:01:55.0056 2580  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:01:55.0080 2580  scfilter - ok
19:01:55.0104 2580  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
19:01:55.0149 2580  Schedule - ok
19:01:55.0166 2580  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:01:55.0188 2580  SCPolicySvc - ok
19:01:55.0201 2580  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:01:55.0211 2580  SDRSVC - ok
19:01:55.0278 2580  [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
19:01:55.0306 2580  SDScannerService - ok
19:01:55.0348 2580  [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
19:01:55.0366 2580  SDUpdateService - ok
19:01:55.0382 2580  [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
19:01:55.0390 2580  SDWSCService - ok
19:01:55.0416 2580  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:01:55.0455 2580  secdrv - ok
19:01:55.0465 2580  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
19:01:55.0487 2580  seclogon - ok
19:01:55.0507 2580  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
19:01:55.0530 2580  SENS - ok
19:01:55.0548 2580  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:01:55.0557 2580  SensrSvc - ok
19:01:55.0629 2580  [ FA4C17148ED9AD06E27533E096B407A5 ] Sentinel        C:\Program Files (x86)\Mad Catz\Sentinel\Sentinel.exe
19:01:55.0634 2580  Sentinel ( UnsignedFile.Multi.Generic ) - warning
19:01:55.0634 2580  Sentinel - detected UnsignedFile.Multi.Generic (1)
19:01:55.0644 2580  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:01:55.0660 2580  Serenum - ok
19:01:55.0681 2580  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:01:55.0697 2580  Serial - ok
19:01:55.0708 2580  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:01:55.0721 2580  sermouse - ok
19:01:55.0743 2580  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:01:55.0767 2580  SessionEnv - ok
19:01:55.0769 2580  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:01:55.0779 2580  sffdisk - ok
19:01:55.0781 2580  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:01:55.0790 2580  sffp_mmc - ok
19:01:55.0792 2580  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:01:55.0801 2580  sffp_sd - ok
19:01:55.0809 2580  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:01:55.0817 2580  sfloppy - ok
19:01:55.0828 2580  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:01:55.0853 2580  ShellHWDetection - ok
19:01:55.0863 2580  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:01:55.0870 2580  SiSRaid2 - ok
19:01:55.0881 2580  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:01:55.0888 2580  SiSRaid4 - ok
19:01:55.0994 2580  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
19:01:56.0009 2580  SkypeUpdate - ok
19:01:56.0036 2580  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:01:56.0070 2580  Smb - ok
19:01:56.0091 2580  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:01:56.0100 2580  SNMPTRAP - ok
19:01:56.0105 2580  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:01:56.0112 2580  spldr - ok
19:01:56.0134 2580  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
19:01:56.0147 2580  Spooler - ok
19:01:56.0201 2580  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
19:01:56.0299 2580  sppsvc - ok
19:01:56.0329 2580  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:01:56.0353 2580  sppuinotify - ok
19:01:56.0397 2580  sptd - ok
19:01:56.0423 2580  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:01:56.0444 2580  srv - ok
19:01:56.0457 2580  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:01:56.0471 2580  srv2 - ok
19:01:56.0481 2580  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:01:56.0492 2580  srvnet - ok
19:01:56.0521 2580  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:01:56.0550 2580  SSDPSRV - ok
19:01:56.0558 2580  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:01:56.0583 2580  SstpSvc - ok
19:01:56.0625 2580  Steam Client Service - ok
19:01:56.0666 2580  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:01:56.0680 2580  stexstor - ok
19:01:56.0715 2580  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
19:01:56.0745 2580  stisvc - ok
19:01:56.0766 2580  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
19:01:56.0774 2580  storflt - ok
19:01:56.0790 2580  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
19:01:56.0798 2580  StorSvc - ok
19:01:56.0815 2580  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
19:01:56.0822 2580  storvsc - ok
19:01:56.0838 2580  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:01:56.0846 2580  swenum - ok
19:01:56.0972 2580  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:01:56.0989 2580  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
19:01:56.0989 2580  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
19:01:57.0002 2580  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
19:01:57.0031 2580  swprv - ok
19:01:57.0062 2580  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
19:01:57.0103 2580  SysMain - ok
19:01:57.0111 2580  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:01:57.0123 2580  TabletInputService - ok
19:01:57.0128 2580  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:01:57.0152 2580  TapiSrv - ok
19:01:57.0164 2580  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
19:01:57.0188 2580  TBS - ok
19:01:57.0269 2580  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:01:57.0326 2580  Tcpip - ok
19:01:57.0394 2580  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:01:57.0425 2580  TCPIP6 - ok
19:01:57.0476 2580  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:01:57.0492 2580  tcpipreg - ok
19:01:57.0518 2580  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:01:57.0533 2580  TDPIPE - ok
19:01:57.0557 2580  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:01:57.0572 2580  TDTCP - ok
19:01:57.0589 2580  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:01:57.0623 2580  tdx - ok
19:01:57.0646 2580  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:01:57.0654 2580  TermDD - ok
19:01:57.0669 2580  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
19:01:57.0700 2580  TermService - ok
19:01:57.0710 2580  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
19:01:57.0722 2580  Themes - ok
19:01:57.0745 2580  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
19:01:57.0767 2580  THREADORDER - ok
19:01:57.0780 2580  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
19:01:57.0804 2580  TrkWks - ok
19:01:57.0843 2580  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:01:57.0866 2580  TrustedInstaller - ok
19:01:57.0885 2580  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:01:57.0909 2580  tssecsrv - ok
19:01:57.0933 2580  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:01:57.0941 2580  TsUsbFlt - ok
19:01:57.0951 2580  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:01:57.0959 2580  TsUsbGD - ok
19:01:57.0974 2580  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:01:57.0996 2580  tunnel - ok
19:01:58.0005 2580  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:01:58.0013 2580  uagp35 - ok
19:01:58.0030 2580  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:01:58.0054 2580  udfs - ok
19:01:58.0066 2580  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:01:58.0076 2580  UI0Detect - ok
19:01:58.0094 2580  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:01:58.0102 2580  uliagpkx - ok
19:01:58.0112 2580  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:01:58.0122 2580  umbus - ok
19:01:58.0128 2580  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
19:01:58.0144 2580  UmPass - ok
19:01:58.0166 2580  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
19:01:58.0176 2580  UmRdpService - ok
19:01:58.0255 2580  [ 1D2596FE2D7CF36C6F5F0D6B71E90E1E ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:01:58.0344 2580  UNS - ok
19:01:58.0359 2580  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
19:01:58.0393 2580  upnphost - ok
19:01:58.0428 2580  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
19:01:58.0443 2580  USBAAPL64 - ok
19:01:58.0461 2580  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:01:58.0477 2580  usbaudio - ok
19:01:58.0502 2580  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:01:58.0514 2580  usbccgp - ok
19:01:58.0541 2580  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:01:58.0562 2580  usbcir - ok
19:01:58.0572 2580  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
19:01:58.0583 2580  usbehci - ok
19:01:58.0615 2580  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:01:58.0631 2580  usbhub - ok
19:01:58.0643 2580  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
19:01:58.0654 2580  usbohci - ok
19:01:58.0672 2580  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
19:01:58.0687 2580  usbprint - ok
19:01:58.0704 2580  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:01:58.0717 2580  USBSTOR - ok
19:01:58.0731 2580  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:01:58.0742 2580  usbuhci - ok
19:01:58.0771 2580  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
19:01:58.0806 2580  UxSms - ok
19:01:58.0817 2580  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
19:01:58.0825 2580  VaultSvc - ok
19:01:58.0832 2580  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:01:58.0839 2580  vdrvroot - ok
19:01:58.0852 2580  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
19:01:58.0879 2580  vds - ok
19:01:58.0903 2580  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:01:58.0913 2580  vga - ok
19:01:58.0915 2580  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:01:58.0937 2580  VgaSave - ok
19:01:58.0941 2580  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:01:58.0950 2580  vhdmp - ok
19:01:58.0958 2580  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:01:58.0965 2580  viaide - ok
19:01:58.0988 2580  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
19:01:58.0997 2580  vmbus - ok
19:01:59.0016 2580  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
19:01:59.0025 2580  VMBusHID - ok
19:01:59.0038 2580  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:01:59.0045 2580  volmgr - ok
19:01:59.0055 2580  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:01:59.0066 2580  volmgrx - ok
19:01:59.0081 2580  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:01:59.0092 2580  volsnap - ok
19:01:59.0112 2580  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:01:59.0121 2580  vsmraid - ok
19:01:59.0158 2580  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
19:01:59.0210 2580  VSS - ok
19:01:59.0312 2580  [ 4B817450226F93C31ADD5BCC27FED27A ] vToolbarUpdater15.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
19:01:59.0343 2580  vToolbarUpdater15.2.0 - ok
19:01:59.0368 2580  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
19:01:59.0377 2580  vwifibus - ok
19:01:59.0388 2580  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:01:59.0400 2580  vwififlt - ok
19:01:59.0432 2580  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
19:01:59.0459 2580  W32Time - ok
19:01:59.0472 2580  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:01:59.0480 2580  WacomPen - ok
19:01:59.0503 2580  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:01:59.0526 2580  WANARP - ok
19:01:59.0528 2580  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:01:59.0549 2580  Wanarpv6 - ok
19:01:59.0573 2580  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
19:01:59.0610 2580  wbengine - ok
19:01:59.0618 2580  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:01:59.0631 2580  WbioSrvc - ok
19:01:59.0636 2580  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:01:59.0651 2580  wcncsvc - ok
19:01:59.0661 2580  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:01:59.0670 2580  WcsPlugInService - ok
19:01:59.0684 2580  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
19:01:59.0691 2580  Wd - ok
19:01:59.0744 2580  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:01:59.0775 2580  Wdf01000 - ok
19:01:59.0783 2580  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:01:59.0798 2580  WdiServiceHost - ok
19:01:59.0800 2580  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:01:59.0812 2580  WdiSystemHost - ok
19:01:59.0819 2580  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
19:01:59.0833 2580  WebClient - ok
19:01:59.0843 2580  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:01:59.0868 2580  Wecsvc - ok
19:01:59.0882 2580  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:01:59.0906 2580  wercplsupport - ok
19:01:59.0931 2580  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:01:59.0955 2580  WerSvc - ok
19:01:59.0962 2580  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:01:59.0984 2580  WfpLwf - ok
19:01:59.0998 2580  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:02:00.0006 2580  WIMMount - ok
19:02:00.0018 2580  WinHttpAutoProxySvc - ok
19:02:00.0050 2580  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:02:00.0087 2580  Winmgmt - ok
19:02:00.0131 2580  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
19:02:00.0207 2580  WinRM - ok
19:02:00.0244 2580  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
19:02:00.0255 2580  WinUsb - ok
19:02:00.0289 2580  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:02:00.0321 2580  Wlansvc - ok
19:02:00.0493 2580  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:02:00.0563 2580  wlidsvc - ok
19:02:00.0579 2580  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:02:00.0587 2580  WmiAcpi - ok
19:02:00.0610 2580  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:02:00.0620 2580  wmiApSrv - ok
19:02:00.0633 2580  WMPNetworkSvc - ok
19:02:00.0648 2580  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:02:00.0657 2580  WPCSvc - ok
19:02:00.0669 2580  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:02:00.0680 2580  WPDBusEnum - ok
19:02:00.0689 2580  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:02:00.0712 2580  ws2ifsl - ok
19:02:00.0728 2580  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
19:02:00.0741 2580  wscsvc - ok
19:02:00.0743 2580  WSearch - ok
19:02:00.0793 2580  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:02:00.0847 2580  wuauserv - ok
19:02:00.0922 2580  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:02:00.0938 2580  WudfPf - ok
19:02:00.0974 2580  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:02:00.0993 2580  WUDFRd - ok
19:02:01.0048 2580  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:02:01.0066 2580  wudfsvc - ok
19:02:01.0121 2580  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:02:01.0140 2580  WwanSvc - ok
19:02:01.0151 2580  ================ Scan global ===============================
19:02:01.0171 2580  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:02:01.0230 2580  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:02:01.0239 2580  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
19:02:01.0264 2580  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:02:01.0306 2580  [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
19:02:01.0327 2580  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
19:02:01.0327 2580  C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
19:02:01.0327 2580  ================ Scan MBR ==================================
19:02:01.0356 2580  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:02:01.0561 2580  \Device\Harddisk0\DR0 - ok
19:02:01.0561 2580  ================ Scan VBR ==================================
19:02:01.0564 2580  [ 8F7BE01F6CE49A79B09F95E527F8B1A7 ] \Device\Harddisk0\DR0\Partition1
19:02:01.0566 2580  \Device\Harddisk0\DR0\Partition1 - ok
19:02:01.0566 2580  ============================================================
19:02:01.0566 2580  Scan finished
19:02:01.0566 2580  ============================================================
19:02:01.0578 6776  Detected object count: 4
19:02:01.0578 6776  Actual detected object count: 4
19:02:34.0149 6776  Realtek11nSU ( UnsignedFile.Multi.Generic ) - skipped by user
19:02:34.0149 6776  Realtek11nSU ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:02:34.0151 6776  Sentinel ( UnsignedFile.Multi.Generic ) - skipped by user
19:02:34.0151 6776  Sentinel ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:02:34.0152 6776  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
19:02:34.0152 6776  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
19:02:34.0154 6776  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - skipped by user
19:02:34.0154 6776  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Skip

Bei der zoek.exe Anwendung gab es leider ein Problem, und zwar nachdem ich das Programm als Administrator ausgeführt habe, passierte nicht mehr, als dass der kleine Ring neben meiner Maus, als Anzeichen, dass etwas lädt, auftauchte.
Ich werde nun den PC einmal neustarten und sehen, was passiert.

So, nach dem Neustart kommt nachdem ich das Programm ausgeführt habe, nach einiger Zeit eine Meldung von Windows, dass es Kompatibilitätsprobleme gibt. Mein Virenprogramm ist ausgeschaltet. Ich habe die .exe normal über den Link herunter geladen und gestartet. Habe ich etwas übersehen bzw. falsch gemacht ?

Florian_Ice · 22.05.2013, 18:58

Weil ich das OTL log nicht anhängen konnte, kopiere ich es hier noch einmal rein.

Code:

ATTFilter

OTL logfile created on: 22.05.2013 17:44:31 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\IceShock\Desktop\Threat
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,98 Gb Total Physical Memory | 4,15 Gb Available Physical Memory | 52,01% Memory free
15,96 Gb Paging File | 11,66 Gb Available in Paging File | 73,05% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465,75 Gb Total Space | 44,87 Gb Free Space | 9,63% Space Free | Partition Type: NTFS
 
Computer Name: ICESHOCK-PC | User Name: IceShock | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC -  File not found
PRC - C:\Users\IceShock\Desktop\Threat\gmer_2.1.19163.exe ()
PRC - C:\Users\IceShock\Desktop\Threat\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\AVG Secure Search\vprot.exe (AVG Secure Search)
PRC - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe (AVG Secure Search)
PRC - C:\Users\IceShock\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Users\IceShock\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
PRC - C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
PRC - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe (MSI CO.,LTD.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtWlan.exe (Realtek Semiconductor Corp.)
PRC - C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe (Realtek)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\IceShock\Desktop\Threat\gmer_2.1.19163.exe ()
MOD - C:\Users\IceShock\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll ()
MOD - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\SiteSafety.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()
MOD - C:\Users\IceShock\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtScript4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtGui4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtSql4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtDeclarative4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\QtCore4.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - \\?\globalroot\systemroot\syswow64\mswsock.DLL ()
MOD - \\.\globalroot\systemroot\syswow64\mswsock.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (vToolbarUpdater15.2.0) -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe (AVG Secure Search)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (avgfws) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.)
SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.)
SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.)
SRV - (Sentinel) -- C:\Program Files (x86)\Mad Catz\Sentinel\Sentinel.exe (Mad Catz)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (KSS) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
SRV - (npggsvc) -- C:\Windows\SysWOW64\GameMon.des (INCA Internet Co., Ltd.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Realtek11nSU) -- C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe (Realtek)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avgtp) -- C:\Windows\SysNative\drivers\avgtpx64.sys (AVG Technologies)
DRV:64bit: - (LADF_CaptureOnly) -- C:\Windows\SysNative\drivers\ladfGSCamd64.sys (Logitech)
DRV:64bit: - (LADF_RenderOnly) -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys (Logitech)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (Avgmfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (SaiNtBus) -- C:\Windows\SysNative\drivers\SaiBus.sys (Saitek)
DRV:64bit: - (SaiMini) -- C:\Windows\SysNative\drivers\SaiMini.sys (Saitek)
DRV:64bit: - (SaiK1109) -- C:\Windows\SysNative\drivers\SaiK1109.sys (Saitek)
DRV:64bit: - (Said1109) -- C:\Windows\SysNative\drivers\Said1109.sys (Saitek)
DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. )
DRV:64bit: - (Avgldx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Avgtdia) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (SaiK1713) -- C:\Windows\SysNative\drivers\SaiK1713.sys (Saitek)
DRV:64bit: - (SaiU1713) -- C:\Windows\SysNative\drivers\SaiU1713.sys (Saitek)
DRV:64bit: - (Avgrkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (cbfs3) -- C:\Windows\SysNative\drivers\cbfs3.sys (EldoS Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (asahci64) -- C:\Windows\SysNative\drivers\asahci64.sys (Asmedia Technology)
DRV:64bit: - (RTL8192su) -- C:\Windows\SysNative\drivers\rtl8192su.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (AF15BDA) -- C:\Windows\SysNative\drivers\AF15BDA.sys (ITETech                  )
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NPPTNT2) -- C:\Windows\SysWOW64\npptNT2.sys (INCA Internet Co., Ltd.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-623712556-1154303772-162369497-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?affID=119781&tt=gc_&babsrc=HP_ss&mntrId=4AE88C89A58334B8
IE - HKU\S-1-5-21-623712556-1154303772-162369497-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-623712556-1154303772-162369497-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
IE - HKU\S-1-5-21-623712556-1154303772-162369497-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D6 73 DD 34 4A CA CD 01  [binary data]
IE - HKU\S-1-5-21-623712556-1154303772-162369497-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-623712556-1154303772-162369497-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-623712556-1154303772-162369497-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www1.delta-search.com/?q={searchTerms}&affID=119781&tt=gc_&babsrc=SP_ss&mntrId=4AE88C89A58334B8
IE - HKU\S-1-5-21-623712556-1154303772-162369497-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={CC7E5D58-CB93-4533-B799-6601D5D2DF0E}&mid=b87bc5c21c8a47d0a9715dc0e367dd4b-471b36317b7118a808f2eafb55ec18b65e6faf26&lang=de&ds=AVG&pr=pr&d=2012-11-09 15:50:49&v=14.2.0.1&pid=avg&sg=&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-623712556-1154303772-162369497-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-623712556-1154303772-162369497-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: info%40maltegoetz.de:1.0.1
FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..network.proxy.http: "www-proxy.t-online.de"
FF - prefs.js..network.proxy.http_port: 80
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.type: 1
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.3: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\avg@toolbar: C:\ProgramData\AVG Secure Search\FireFoxExt\15.2.0.5 [2013.05.20 19:42:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}: C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ [2013.01.21 18:04:29 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.28 18:04:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.10 15:25:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.28 18:04:10 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.05.10 15:25:23 | 000,000,000 | ---D | M]
 
[2012.11.21 19:28:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\IceShock\AppData\Roaming\mozilla\Extensions
[2013.05.19 20:04:36 | 000,000,000 | ---D | M] (No name found) -- C:\Users\IceShock\AppData\Roaming\mozilla\Firefox\Profiles\ym4wpztj.default\extensions
[2013.05.09 17:23:24 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\IceShock\AppData\Roaming\mozilla\Firefox\Profiles\ym4wpztj.default\extensions\ich@maltegoetz.de
[2013.05.17 20:13:53 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\IceShock\AppData\Roaming\mozilla\Firefox\Profiles\ym4wpztj.default\extensions\plugin@yontoo.com
[2013.04.28 17:28:51 | 000,011,691 | ---- | M] () (No name found) -- C:\Users\IceShock\AppData\Roaming\mozilla\firefox\profiles\ym4wpztj.default\extensions\info@maltegoetz.de.xpi
[2013.04.08 19:11:52 | 000,199,379 | ---- | M] () (No name found) -- C:\Users\IceShock\AppData\Roaming\mozilla\firefox\profiles\ym4wpztj.default\extensions\m2k@m2kdownloader.com.xpi
[2013.05.19 20:04:36 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\IceShock\AppData\Roaming\mozilla\firefox\profiles\ym4wpztj.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.05.17 20:14:20 | 000,006,505 | ---- | M] () -- C:\Users\IceShock\AppData\Roaming\mozilla\firefox\profiles\ym4wpztj.default\searchplugins\babylon.xml
[2013.05.17 20:14:42 | 000,001,294 | ---- | M] () -- C:\Users\IceShock\AppData\Roaming\mozilla\firefox\profiles\ym4wpztj.default\searchplugins\delta.xml
[2013.04.28 18:04:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.28 18:04:10 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.06.20 18:14:20 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2013.03.04 18:31:48 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.05.20 19:42:52 | 000,003,714 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2013.03.04 18:31:48 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.03.04 18:31:48 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.03.04 18:31:48 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.03.04 18:31:48 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.03.04 18:31:48 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: https://www.google.de/webhp?source=search_app
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - Extension: Google Drive = C:\Users\IceShock\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: hxxp://www.ebay.de/itm/Transportkarre-Bollerw = C:\Users\IceShock\AppData\Local\Google\Chrome\User Data\Default\Extensions\beccpjhbnkfijbilflijfefngmadjgpg\2013.5.6.42583_0\
CHR - Extension: hxxp://www.cristgaming.com/pirate.swf = C:\Users\IceShock\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkjkoekmhbbanmcnggdpbefhbchbjcd\2013.1.7.30669_0\
CHR - Extension: YouTube = C:\Users\IceShock\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Battlefield Heroes = C:\Users\IceShock\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh\5.0.203.0_0\
CHR - Extension: Google-Suche = C:\Users\IceShock\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: hxxp://www.cgtextures.com/ = C:\Users\IceShock\AppData\Local\Google\Chrome\User Data\Default\Extensions\emdidcanbmalkddlmeipmkiglahlekbi\2013.3.5.46185_0\
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\IceShock\AppData\Local\Google\Chrome\User Data\Default\Extensions\fclefogcenncfmmekelnpgpehiglcjln\1.2.0_0\
CHR - Extension: AdBlock = C:\Users\IceShock\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.63_0\
CHR - Extension: hxxp://www.ebay.de/itm/1TB-Western-Digital-RE = C:\Users\IceShock\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcmekfnfnpgkehopegnidhbfdbbjcacj\2013.4.22.25331_0\
CHR - Extension: hxxp://turbobit.net/bl34axgyjk2k.html = C:\Users\IceShock\AppData\Local\Google\Chrome\User Data\Default\Extensions\indgkdcgbhmgpbahgphnigknnkkmbhaj\2013.3.3.32624_0\
CHR - Extension: hxxp://www.spieletipps.de/n_28218/ = C:\Users\IceShock\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeehpmebafnjeeaoaeifpcamfkeolnm\2013.3.2.25715_0\
CHR - Extension: AVG Security Toolbar = C:\Users\IceShock\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\15.2.0.5_0\
CHR - Extension: hxxp://www.pspshare.org/ = C:\Users\IceShock\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngfdcollficfcgghfkgjjfjinakcaodn\2012.11.24.42854_0\
CHR - Extension: Google Mail = C:\Users\IceShock\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.12.18 16:29:21 | 000,444,830 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1	www.007guard.com
O1 - Hosts: 127.0.0.1	007guard.com
O1 - Hosts: 127.0.0.1	008i.com
O1 - Hosts: 127.0.0.1	www.008k.com
O1 - Hosts: 127.0.0.1	008k.com
O1 - Hosts: 127.0.0.1	www.00hq.com
O1 - Hosts: 127.0.0.1	00hq.com
O1 - Hosts: 127.0.0.1	010402.com
O1 - Hosts: 127.0.0.1	www.032439.com
O1 - Hosts: 127.0.0.1	032439.com
O1 - Hosts: 127.0.0.1	www.0scan.com
O1 - Hosts: 127.0.0.1	0scan.com
O1 - Hosts: 127.0.0.1	www.1000gratisproben.com
O1 - Hosts: 127.0.0.1	1000gratisproben.com
O1 - Hosts: 127.0.0.1	1001namen.com
O1 - Hosts: 127.0.0.1	www.1001namen.com
O1 - Hosts: 127.0.0.1	100888290cs.com
O1 - Hosts: 127.0.0.1	www.100888290cs.com
O1 - Hosts: 127.0.0.1	www.100sexlinks.com
O1 - Hosts: 127.0.0.1	100sexlinks.com
O1 - Hosts: 127.0.0.1	www.10sek.com
O1 - Hosts: 127.0.0.1	10sek.com
O1 - Hosts: 127.0.0.1	www.1-2005-search.com
O1 - Hosts: 127.0.0.1	1-2005-search.com
O1 - Hosts: 127.0.0.1	www.123fporn.info
O1 - Hosts: 15276 more lines...
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll File not found
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [ProfilerU] C:\Programme\SmartTechnology\Software\ProfilerU.exe (Saitek)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SaiMfd] C:\Programme\SmartTechnology\Software\SaiMfd.exe (Saitek)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [Super-Charger] C:\Program Files (x86)\MSI\Super-Charger\StartSuperCharger.exe (MSI)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe (AVG Secure Search)
O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-623712556-1154303772-162369497-1000..\Run: [AdobeBridge]  File not found
O4 - HKU\S-1-5-21-623712556-1154303772-162369497-1000..\Run: [Akamai NetSession Interface] C:\Users\IceShock\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-623712556-1154303772-162369497-1000..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-21-623712556-1154303772-162369497-1000..\Run: [KSS] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Kaspersky Lab ZAO)
O4 - HKU\S-1-5-21-623712556-1154303772-162369497-1000..\Run: [SaitekInstall] C:\Windows\temp\MadCatz\Range_MMO7_SD7_64_Drivers\00000000\setup.exe (Saitek)
O4 - HKU\S-1-5-21-623712556-1154303772-162369497-1000..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-623712556-1154303772-162369497-1000..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-21-623712556-1154303772-162369497-1000..\Run: [Yontoo Desktop] C:\Users\IceShock\AppData\Roaming\Yontoo\YontooDesktop.exe (Yontoo LLC)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube to iPod Converter - C:\Users\IceShock\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()
O8 - Extra context menu item: Free YouTube to iPod Converter - C:\Users\IceShock\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetoipodconverter.htm ()
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - mswsock.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - mswsock.dll File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - mmswsock.dll File not found
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - mmswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - mswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - mswsock.dll File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Program Files (x86)\Bonjour\mdnsNSP.dll File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\.DEFAULT\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\.DEFAULT\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-18\..Trusted Domains: sony.com ([]* in Trusted sites)
O15 - HKU\S-1-5-19\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-19\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: clonewarsadventures.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: freerealms.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: soe.com ([]* in )
O15 - HKU\S-1-5-20\..Trusted Domains: sony.com ([]* in )
O15 - HKU\S-1-5-21-623712556-1154303772-162369497-1000\..Trusted Domains: aeriagames.com ([]http in Trusted sites)
O15 - HKU\S-1-5-21-623712556-1154303772-162369497-1000\..Trusted Domains: aeriagames.com ([]https in Trusted sites)
O15 - HKU\S-1-5-21-623712556-1154303772-162369497-1000\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-623712556-1154303772-162369497-1000\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-623712556-1154303772-162369497-1000\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-623712556-1154303772-162369497-1000\..Trusted Domains: sony.com ([]* in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{516F6EB0-7C10-4EFC-BE4C-FAD7F7119407}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll (AVG Secure Search)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) -  File not found
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) -  File not found
O20 - HKLM Winlogon: UserInit - (userinit.exe) -  File not found
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -  File not found
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O22:64bit: - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysNative\CbFsMntNtf3.dll (EldoS Corporation)
O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) -  File not found
O29 - HKLM SecurityProviders - (credssp.dll) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{f1a820e0-74eb-11e2-9e94-8c89a58334b8}\Shell - "" = AutoRun
O33 - MountPoints2\{f1a820e0-74eb-11e2-9e94-8c89a58334b8}\Shell\AutoRun\command - "" = F:\Lucius_setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.05.22 17:03:36 | 000,000,000 | ---D | C] -- C:\Users\IceShock\Desktop\Threat
[2013.05.22 16:15:44 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
[2013.05.22 16:15:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.05.22 16:15:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2013.05.22 15:44:18 | 000,000,000 | ---D | C] -- C:\Users\IceShock\Desktop\Avg
[2013.05.22 15:02:02 | 000,000,000 | ---D | C] -- C:\OutputFolder
[2013.05.22 15:02:01 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Roaming\Digiarty
[2013.05.22 15:01:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
[2013.05.22 15:01:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Digiarty
[2013.05.22 13:47:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lace Mamba Global
[2013.05.22 13:40:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lucius
[2013.05.22 12:32:43 | 000,000,000 | ---D | C] -- C:\Users\IceShock\Desktop\Lucius - Son of the Devil
[2013.05.21 18:39:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\EA Games
[2013.05.20 18:47:48 | 000,000,000 | ---D | C] -- C:\Users\IceShock\Desktop\Photoshop Cs6
[2013.05.19 22:05:29 | 000,000,000 | ---D | C] -- C:\Users\IceShock\Desktop\illum
[2013.05.17 20:14:00 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Roaming\Babylon
[2013.05.17 20:14:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.05.17 20:13:53 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Roaming\Yontoo
[2013.05.17 20:13:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.05.17 20:13:30 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Local\PutLockerDownloader
[2013.05.17 20:13:17 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com
[2013.05.16 19:30:42 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.16 19:30:42 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.16 19:30:42 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.05.16 19:30:42 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.05.16 19:30:42 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.05.16 19:30:42 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.05.16 19:30:42 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.05.16 19:30:42 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.05.16 19:30:42 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.05.16 19:30:42 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.05.16 19:30:42 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.05.16 19:30:41 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.16 19:30:40 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.16 19:30:40 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.16 19:30:40 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.16 15:13:51 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.16 15:13:51 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.05.16 15:13:40 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.05.16 15:13:40 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.05.16 15:13:40 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.05.16 15:13:40 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.05.16 15:13:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[2013.05.15 18:21:41 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Roaming\Audacity
[2013.05.15 18:21:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2013.05.15 18:18:57 | 000,000,000 | ---D | C] -- C:\ProgramData\YTD Video Downloader
[2013.05.15 18:18:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
[2013.05.15 18:18:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GreenTree Applications
[2013.05.14 12:58:26 | 000,971,680 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.05.14 12:58:25 | 001,092,512 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.05.14 12:58:25 | 000,311,200 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.05.14 12:58:23 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.05.14 12:58:23 | 000,188,320 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.05.14 12:58:23 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.05.14 12:57:58 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.05.13 20:07:57 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Local\Realmware
[2013.05.13 20:07:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realmware BF3 Tools
[2013.05.13 20:07:49 | 000,000,000 | ---D | C] -- C:\Program Files\Realmware
[2013.05.12 12:04:55 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Roaming\.minecraft
[2013.05.10 17:54:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2013.05.10 15:25:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
[2013.05.10 15:25:23 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
[2013.05.10 15:25:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp Detect
[2013.05.10 15:24:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PX Storage Engine
[2013.05.10 15:24:48 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Roaming\Winamp
[2013.05.10 15:24:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Winamp
[2013.05.10 15:21:43 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Roaming\Meine Traffic
[2013.05.10 15:21:38 | 000,331,136 | ---- | C] (Mirko Böer) -- C:\Windows\MTrUn.EXE
[2013.05.10 15:21:37 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Meine Traffic
[2013.05.10 15:21:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MT
[2013.05.10 13:17:57 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2013.05.10 13:15:28 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Local\Logitech
[2013.05.10 13:15:27 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Roaming\Leadertech
[2013.05.10 13:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2013.05.10 13:14:18 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech Gaming Software
[2013.05.10 13:13:43 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Roaming\Logitech
[2013.05.10 13:13:43 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Roaming\Logishrd
[2013.05.09 20:10:55 | 000,000,000 | ---D | C] -- C:\Twixtor5AEManual
[2013.05.09 20:10:45 | 000,000,000 | ---D | C] -- C:\Twixtor5AE
[2013.05.09 15:27:07 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2013.05.08 20:36:51 | 000,000,000 | ---D | C] -- C:\Users\IceShock\Desktop\Backup
[2013.05.08 14:49:35 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Blue Community
[2013.05.06 18:13:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\OFX
[2013.05.05 20:16:35 | 000,000,000 | ---D | C] -- C:\Users\IceShock\Desktop\21. April 2013 Konfirmation
[2013.05.03 20:37:40 | 000,000,000 | ---D | C] -- C:\Users\IceShock\Desktop\Testbilder
[2013.05.03 18:15:46 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Local\SmartTechnology
[2013.05.03 17:46:17 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\SmartTechnology Profiles
[2013.05.03 17:45:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Technology
[2013.05.03 17:45:27 | 000,000,000 | ---D | C] -- C:\ProgramData\SmartTechnology
[2013.05.03 17:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\SmartTechnology
[2013.05.03 17:38:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Sentinel
[2013.05.03 17:38:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mad Catz
[2013.05.03 17:18:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MonitorDriver
[2013.05.03 17:17:59 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Roaming\InstallShield
[2013.05.01 11:48:28 | 000,122,904 | ---- | C] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System\OpenAL32.dll
[2013.05.01 10:32:01 | 000,000,000 | ---D | C] -- C:\Users\IceShock\Desktop\Hamerwatch
[2013.04.30 18:39:38 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.04.30 18:39:38 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.04.30 18:39:38 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.04.30 18:39:38 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.04.30 18:39:38 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.04.30 18:39:38 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.04.30 18:39:38 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.04.30 18:39:38 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.04.30 18:39:37 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.04.30 18:39:37 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.04.30 18:39:37 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.04.30 18:39:37 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.04.30 18:39:37 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.04.30 18:39:36 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.30 18:39:36 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.04.30 18:39:36 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.04.30 18:39:36 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.04.30 18:39:36 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.04.30 18:39:36 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.04.30 18:39:36 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.04.30 18:39:36 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.04.30 18:39:36 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.04.30 18:39:36 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.04.30 18:39:36 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.04.30 18:39:36 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.04.30 18:39:35 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.04.30 18:39:35 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.04.30 18:39:35 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.04.30 18:39:35 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.04.30 18:39:35 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.04.30 18:39:35 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.04.30 18:39:35 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.04.30 18:39:35 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.04.30 18:39:35 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.04.30 18:39:35 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.04.30 18:39:34 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.30 18:39:34 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.04.30 18:39:34 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.04.30 18:39:34 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.04.30 18:39:34 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.04.30 18:39:34 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.04.30 18:39:34 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.04.30 18:39:33 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.04.30 18:39:33 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.04.30 18:39:33 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.04.30 18:39:33 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.04.30 18:39:33 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.04.30 18:39:33 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.04.30 18:39:33 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.04.30 18:39:33 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.04.30 18:39:33 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.04.30 18:39:33 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.04.30 18:39:32 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.04.28 18:04:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.28 11:45:58 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Local\Divinity 2
[2013.04.28 10:21:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Divinity II - Ego Draconis
[2013.04.28 10:18:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Divinity 2
[2013.04.28 10:07:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Divinity II - Ego Draconis
[2013.04.24 23:56:50 | 000,410,008 | ---- | C] (Logitech) -- C:\Windows\SysNative\drivers\ladfGSCamd64.sys
[2013.04.24 23:56:50 | 000,102,808 | ---- | C] (Logitech) -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys
[2013.04.24 17:28:12 | 000,000,000 | ---D | C] -- C:\Users\IceShock\Documents\Thief - Deadly Shadows
[2013.04.24 17:21:45 | 000,000,000 | ---D | C] -- C:\Users\IceShock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eidos
[2013.04.24 17:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos
[2013.04.24 17:21:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Thief - Deadly Shadows
[2012.11.18 15:42:50 | 000,802,136 | ---- | C] (BitTorrent Inc.) -- C:\Program Files\uTorrent.exe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.05.22 17:33:02 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.05.22 16:50:11 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.05.22 16:50:11 | 000,021,872 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.05.22 16:42:33 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.05.22 16:42:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.22 16:42:03 | 2132,443,135 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.22 16:40:38 | 000,000,112 | ---- | M] () -- C:\Users\IceShock\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten- - Trojaner-Board.url
[2013.05.22 16:40:04 | 000,000,188 | ---- | M] () -- C:\Users\IceShock\defogger_reenable
[2013.05.22 16:15:37 | 000,001,077 | ---- | M] () -- C:\Users\IceShock\Desktop\Kaspersky Security Scan.lnk
[2013.05.22 15:45:07 | 000,699,416 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.22 15:45:07 | 000,654,254 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.22 15:45:07 | 000,149,556 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.22 15:45:07 | 000,122,126 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.22 15:45:06 | 001,620,612 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.22 15:28:34 | 000,001,402 | ---- | M] () -- C:\Users\IceShock\Desktop\WinX HD Video Converter Deluxe.lnk
[2013.05.22 15:12:17 | 006,460,287 | ---- | M] () -- C:\Users\IceShock\Desktop\INTRO FERTIG.c4d
[2013.05.20 20:13:21 | 001,593,956 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.05.20 20:08:19 | 000,000,132 | ---- | M] () -- C:\Users\IceShock\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
[2013.05.20 20:03:48 | 006,460,081 | ---- | M] () -- C:\Users\IceShock\Desktop\INTRO FERTIG.bak
[2013.05.20 20:03:37 | 006,460,081 | ---- | M] () -- C:\Users\IceShock\Desktop\Intro Step 5 (EDITZ AN)FIN.c4d
[2013.05.20 19:59:24 | 006,460,081 | ---- | M] () -- C:\Users\IceShock\Desktop\Intro Step 5 (EDITZ AN)FIN.bak
[2013.05.20 19:42:31 | 000,045,856 | ---- | M] (AVG Technologies) -- C:\Windows\SysNative\drivers\avgtpx64.sys
[2013.05.20 11:38:56 | 000,007,598 | ---- | M] () -- C:\Users\IceShock\AppData\Local\Resmon.ResmonCfg
[2013.05.20 10:44:17 | 004,999,760 | ---- | M] () -- C:\Users\IceShock\Desktop\Intro Test 1 Step 4 (EDITZ AN)(TEST).c4d
[2013.05.20 09:43:03 | 004,793,534 | ---- | M] () -- C:\Users\IceShock\Desktop\Intro Test 1 Step 4 (EDITZ AN)(TEST).bak
[2013.05.19 22:17:59 | 004,678,226 | ---- | M] () -- C:\Users\IceShock\Desktop\Intro Test 1 Step 4 (EDITZ AN).c4d
[2013.05.19 22:17:39 | 004,678,226 | ---- | M] () -- C:\Users\IceShock\Desktop\Intro Test 1 Step 3 (E,D AN).c4d
[2013.05.19 22:16:15 | 004,678,226 | ---- | M] () -- C:\Users\IceShock\Desktop\Intro Test 1 Step 3 (E,D AN).bak
[2013.05.18 16:17:26 | 004,503,153 | ---- | M] () -- C:\Users\IceShock\Desktop\Intro Test 1 Step 3 (NO AN).c4d
[2013.05.17 21:34:30 | 000,056,960 | ---- | M] () -- C:\Users\IceShock\Desktop\Ohne Titel 8TEST.c4d
[2013.05.17 15:02:15 | 004,889,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.16 18:54:00 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.05.16 18:54:00 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.05.16 18:45:33 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2013.05.15 18:27:20 | 006,088,064 | ---- | M] () -- C:\Users\IceShock\Documents\greeen - VBT 2013 Qualifikation (produced by SlicK) HD.mp3
[2013.05.15 18:27:15 | 141,981,242 | ---- | M] () -- C:\Users\IceShock\Documents\greeen - VBT 2013 Qualifikation (produced by SlicK) HD.mp4
[2013.05.15 18:21:37 | 000,001,007 | ---- | M] () -- C:\Users\IceShock\Desktop\Audacity.lnk
[2013.05.15 18:18:54 | 000,001,289 | ---- | M] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2013.05.15 18:01:15 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.05.15 18:01:15 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.05.14 19:53:02 | 064,330,619 | ---- | M] () -- C:\Users\IceShock\AppData\Local\AdobeSetupUtility.zip.aamdownload
[2013.05.14 19:53:02 | 000,000,998 | ---- | M] () -- C:\Users\IceShock\AppData\Local\AdobeSetupUtility.zip.aamdownload.aamd
[2013.05.14 12:58:14 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.05.14 12:58:05 | 000,311,200 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.05.14 12:58:05 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.05.14 12:58:04 | 000,188,320 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.05.14 12:58:01 | 001,092,512 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.05.14 12:58:01 | 000,971,680 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.05.13 20:07:49 | 000,001,249 | ---- | M] () -- C:\Users\Public\Desktop\BF3 Settings Editor.lnk
[2013.05.10 15:25:25 | 000,000,979 | ---- | M] () -- C:\Users\Public\Desktop\Winamp.lnk
[2013.05.10 15:21:38 | 000,001,327 | R--- | M] () -- C:\Windows\MeineTraffic_Uninstall.in
[2013.05.10 15:21:38 | 000,000,871 | ---- | M] () -- C:\Users\IceShock\Desktop\Meine Traffic.lnk
[2013.05.08 14:49:35 | 000,000,312 | ---- | M] () -- C:\Users\IceShock\Desktop\Free Camera.appref-ms
[2013.05.06 20:00:03 | 000,158,104 | ---- | M] () -- C:\Users\IceShock\Documents\LOOP THIS BEAT! - #3 - FROM ZERO TO HERO (NOT YET A HERO OST).mp3.sfk
[2013.05.06 18:47:55 | 003,377,252 | ---- | M] () -- C:\Users\IceShock\Documents\LOOP THIS BEAT! - #3 - FROM ZERO TO HERO (NOT YET A HERO OST).mp3
[2013.05.06 13:58:07 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SaiK1713_01009.Wdf
[2013.05.05 13:16:25 | 001,501,641 | ---- | M] () -- C:\Users\IceShock\Desktop\IMG_0420.JPG
[2013.05.05 13:16:14 | 000,001,220 | ---- | M] () -- C:\Users\IceShock\Desktop\Youda Marina en Español.lnk
[2013.05.03 17:38:40 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SaiK1109_01009.Wdf
[2013.05.03 17:37:43 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Said1109_01009.Wdf
[2013.05.03 17:18:18 | 000,001,638 | ---- | M] () -- C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
[2013.05.01 15:55:00 | 015,456,185 | ---- | M] () -- C:\Users\IceShock\Documents\LOOP THIS BEAT! - #3 - FROM ZERO TO HERO (NOT YET A HERO OST).mp4
[2013.05.01 10:38:55 | 000,466,456 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2013.05.01 10:38:55 | 000,444,952 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2013.05.01 10:38:55 | 000,122,904 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\System\OpenAL32.dll
[2013.05.01 10:38:55 | 000,109,080 | ---- | M] (Portions (C) Creative Labs Inc. and NVIDIA Corp.) -- C:\Windows\SysWow64\OpenAL32.dll
[2013.05.01 10:38:44 | 000,590,434 | ---- | M] () -- C:\Users\IceShock\Desktop\oalinst.zip
[2013.04.30 18:39:39 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2013.04.30 18:39:38 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2013.04.30 18:39:38 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2013.04.30 18:39:38 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2013.04.30 18:39:38 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2013.04.30 18:39:38 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2013.04.30 18:39:38 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2013.04.30 18:39:38 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2013.04.30 18:39:37 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.04.30 18:39:37 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2013.04.30 18:39:37 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2013.04.30 18:39:37 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.04.30 18:39:37 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2013.04.30 18:39:37 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2013.04.30 18:39:36 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.30 18:39:36 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2013.04.30 18:39:36 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2013.04.30 18:39:36 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2013.04.30 18:39:36 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.04.30 18:39:36 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2013.04.30 18:39:36 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2013.04.30 18:39:36 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2013.04.30 18:39:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2013.04.30 18:39:36 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2013.04.30 18:39:36 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.04.30 18:39:36 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2013.04.30 18:39:35 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.30 18:39:35 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2013.04.30 18:39:35 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2013.04.30 18:39:35 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2013.04.30 18:39:35 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2013.04.30 18:39:35 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2013.04.30 18:39:35 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2013.04.30 18:39:35 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.04.30 18:39:35 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2013.04.30 18:39:35 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2013.04.30 18:39:35 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2013.04.30 18:39:35 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2013.04.30 18:39:34 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.04.30 18:39:34 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2013.04.30 18:39:34 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2013.04.30 18:39:34 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2013.04.30 18:39:34 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.04.30 18:39:34 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2013.04.30 18:39:33 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.04.30 18:39:33 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2013.04.30 18:39:33 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2013.04.30 18:39:33 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2013.04.30 18:39:33 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2013.04.30 18:39:33 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2013.04.30 18:39:33 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2013.04.30 18:39:33 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2013.04.30 18:39:33 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2013.04.30 18:39:33 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2013.04.30 18:39:32 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2013.04.28 10:21:53 | 000,002,136 | ---- | M] () -- C:\Users\IceShock\Desktop\Divinity II - Ego Draconis.lnk
[2013.04.24 23:56:50 | 000,410,008 | ---- | M] (Logitech) -- C:\Windows\SysNative\drivers\ladfGSCamd64.sys
[2013.04.24 23:56:50 | 000,102,808 | ---- | M] (Logitech) -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys
[2013.04.24 23:56:50 | 000,077,592 | ---- | M] () -- C:\Windows\SysNative\ladfGSRCoinst_amd64.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.05.22 16:40:38 | 000,000,112 | ---- | C] () -- C:\Users\IceShock\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten- - Trojaner-Board.url
[2013.05.22 16:40:04 | 000,000,188 | ---- | C] () -- C:\Users\IceShock\defogger_reenable
[2013.05.22 16:15:45 | 000,001,077 | ---- | C] () -- C:\Users\IceShock\Desktop\Kaspersky Security Scan.lnk
[2013.05.22 15:28:34 | 000,001,402 | ---- | C] () -- C:\Users\IceShock\Desktop\WinX HD Video Converter Deluxe.lnk
[2013.05.20 20:08:19 | 000,000,132 | ---- | C] () -- C:\Users\IceShock\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
[2013.05.20 20:03:48 | 006,460,287 | ---- | C] () -- C:\Users\IceShock\Desktop\INTRO FERTIG.c4d
[2013.05.20 20:03:48 | 006,460,081 | ---- | C] () -- C:\Users\IceShock\Desktop\INTRO FERTIG.bak
[2013.05.20 11:38:56 | 000,007,598 | ---- | C] () -- C:\Users\IceShock\AppData\Local\Resmon.ResmonCfg
[2013.05.20 10:44:41 | 006,460,081 | ---- | C] () -- C:\Users\IceShock\Desktop\Intro Step 5 (EDITZ AN)FIN.c4d
[2013.05.20 10:44:41 | 006,460,081 | ---- | C] () -- C:\Users\IceShock\Desktop\Intro Step 5 (EDITZ AN)FIN.bak
[2013.05.19 22:48:32 | 004,999,760 | ---- | C] () -- C:\Users\IceShock\Desktop\Intro Test 1 Step 4 (EDITZ AN)(TEST).c4d
[2013.05.19 22:48:32 | 004,793,534 | ---- | C] () -- C:\Users\IceShock\Desktop\Intro Test 1 Step 4 (EDITZ AN)(TEST).bak
[2013.05.19 22:17:59 | 004,678,226 | ---- | C] () -- C:\Users\IceShock\Desktop\Intro Test 1 Step 4 (EDITZ AN).c4d
[2013.05.19 11:57:52 | 004,678,226 | ---- | C] () -- C:\Users\IceShock\Desktop\Intro Test 1 Step 3 (E,D AN).c4d
[2013.05.19 11:57:52 | 004,678,226 | ---- | C] () -- C:\Users\IceShock\Desktop\Intro Test 1 Step 3 (E,D AN).bak
[2013.05.18 16:17:55 | 004,503,153 | ---- | C] () -- C:\Users\IceShock\Desktop\Intro Test 1 Step 3 (NO AN).c4d
[2013.05.17 21:18:36 | 000,056,960 | ---- | C] () -- C:\Users\IceShock\Desktop\Ohne Titel 8TEST.c4d
[2013.05.17 16:40:04 | 103,267,340 | ---- | C] () -- C:\Users\IceShock\Desktop\epic pack vip.lib4d
[2013.05.15 18:27:15 | 006,088,064 | ---- | C] () -- C:\Users\IceShock\Documents\greeen - VBT 2013 Qualifikation (produced by SlicK) HD.mp3
[2013.05.15 18:21:37 | 000,001,019 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2013.05.15 18:21:37 | 000,001,007 | ---- | C] () -- C:\Users\IceShock\Desktop\Audacity.lnk
[2013.05.15 18:20:16 | 141,981,242 | ---- | C] () -- C:\Users\IceShock\Documents\greeen - VBT 2013 Qualifikation (produced by SlicK) HD.mp4
[2013.05.15 18:18:54 | 000,001,289 | ---- | C] () -- C:\Users\Public\Desktop\YTD Video Downloader.lnk
[2013.05.14 19:51:07 | 064,330,619 | ---- | C] () -- C:\Users\IceShock\AppData\Local\AdobeSetupUtility.zip.aamdownload
[2013.05.14 19:51:07 | 000,000,998 | ---- | C] () -- C:\Users\IceShock\AppData\Local\AdobeSetupUtility.zip.aamdownload.aamd
[2013.05.13 20:07:49 | 000,001,249 | ---- | C] () -- C:\Users\Public\Desktop\BF3 Settings Editor.lnk
[2013.05.10 15:25:25 | 000,000,979 | ---- | C] () -- C:\Users\Public\Desktop\Winamp.lnk
[2013.05.10 15:21:38 | 000,001,327 | R--- | C] () -- C:\Windows\MeineTraffic_Uninstall.in
[2013.05.10 15:21:38 | 000,000,901 | ---- | C] () -- C:\Users\IceShock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Meine Traffic.lnk
[2013.05.10 15:21:38 | 000,000,871 | ---- | C] () -- C:\Users\IceShock\Desktop\Meine Traffic.lnk
[2013.05.08 14:49:35 | 000,000,312 | ---- | C] () -- C:\Users\IceShock\Desktop\Free Camera.appref-ms
[2013.05.06 13:58:07 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SaiK1713_01009.Wdf
[2013.05.05 18:03:18 | 000,158,104 | ---- | C] () -- C:\Users\IceShock\Documents\LOOP THIS BEAT! - #3 - FROM ZERO TO HERO (NOT YET A HERO OST).mp3.sfk
[2013.05.05 13:16:09 | 001,501,641 | ---- | C] () -- C:\Users\IceShock\Desktop\IMG_0420.JPG
[2013.05.03 17:38:40 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_SaiK1109_01009.Wdf
[2013.05.03 17:37:43 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Said1109_01009.Wdf
[2013.05.03 17:18:18 | 000,001,638 | ---- | C] () -- C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
[2013.05.01 15:55:01 | 003,377,252 | ---- | C] () -- C:\Users\IceShock\Documents\LOOP THIS BEAT! - #3 - FROM ZERO TO HERO (NOT YET A HERO OST).mp3
[2013.05.01 15:53:51 | 015,456,185 | ---- | C] () -- C:\Users\IceShock\Documents\LOOP THIS BEAT! - #3 - FROM ZERO TO HERO (NOT YET A HERO OST).mp4
[2013.05.01 10:38:26 | 000,590,434 | ---- | C] () -- C:\Users\IceShock\Desktop\oalinst.zip
[2013.04.30 18:39:36 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.04.30 18:39:35 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.04.28 10:21:53 | 000,002,136 | ---- | C] () -- C:\Users\IceShock\Desktop\Divinity II - Ego Draconis.lnk
[2013.04.24 23:56:50 | 000,077,592 | ---- | C] () -- C:\Windows\SysNative\ladfGSRCoinst_amd64.dll
[2013.03.17 15:12:42 | 000,056,320 | ---- | C] () -- C:\Windows\SysWow64\iyvu9_32.dll
[2013.03.09 18:53:39 | 000,010,240 | ---- | C] () -- C:\Windows\SysWow64\vidx16.dll
[2013.03.07 18:34:19 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013.02.11 17:05:48 | 000,001,456 | ---- | C] () -- C:\Users\IceShock\AppData\Local\Adobe Für Web speichern 13.0 Prefs
[2013.01.17 16:17:39 | 003,123,272 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2012.11.20 20:36:07 | 001,593,956 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.19 18:34:41 | 000,005,420 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012.11.10 12:51:16 | 000,000,139 | ---- | C] () -- C:\Windows\disney.ini
[2012.11.09 18:17:34 | 000,280,904 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.11.09 18:17:32 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.11.08 18:07:03 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012.11.08 17:41:30 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.09.28 03:29:54 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.09.28 03:29:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.05.02 14:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.09.28 18:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2011.11.17 08:41:18 | 000,002,048 | -HS- | M] () -- C:\Windows\Installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\@
[2011.11.17 08:41:18 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\L
[2013.05.22 17:46:48 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U
[2013.05.22 15:31:52 | 000,002,048 | ---- | M] () -- C:\Windows\Installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\00000004.@
[2013.05.22 15:31:52 | 000,001,024 | ---- | M] () -- C:\Windows\Installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\00000008.@
[2013.05.22 15:31:52 | 000,001,632 | ---- | M] () -- C:\Windows\Installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\000000cb.@
[2013.05.22 17:46:47 | 000,090,624 | ---- | M] () -- C:\Windows\Installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\80000032.@
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[2013.05.22 16:42:06 | 000,004,608 | -HS- | M] () -- C:\Windows\assembly\GAC_32\Desktop.ini
[2013.05.22 16:42:06 | 000,006,144 | -HS- | M] () -- C:\Windows\assembly\GAC_64\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.12.09 18:47:52 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\TuneUp Software
[2012.12.09 18:47:52 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\TuneUp Software
[2013.05.19 15:01:24 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\.minecraft
[2013.01.05 22:41:32 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Aeria Games & Entertainment
[2013.05.15 18:46:51 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Audacity
[2012.11.09 16:43:28 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\AVG2013
[2013.05.17 20:14:00 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Babylon
[2012.12.13 20:41:41 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Carbon
[2012.12.21 18:42:28 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Cobra Mobile
[2013.02.01 11:54:39 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.11.24 15:49:10 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\DAEMON Tools Lite
[2013.05.22 15:28:37 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Digiarty
[2012.11.10 12:55:23 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Disney Interactive Studios
[2013.01.21 18:04:42 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\DVDVideoSoft
[2013.01.21 18:04:35 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.03.08 15:36:48 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Fatshark
[2012.12.23 13:05:25 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\fltk.org
[2013.03.12 20:18:54 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Galaxy on Fire 2 Full HD
[2013.04.01 20:08:10 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\GetRightToGo
[2013.05.10 13:15:27 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Leadertech
[2013.03.04 20:04:04 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\MAXON
[2013.05.10 15:21:43 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Meine Traffic
[2012.12.22 14:29:50 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\MinerWars
[2012.12.19 17:00:34 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Notepad++
[2012.12.03 19:02:33 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Origin
[2013.03.06 17:40:23 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\PDAppFlex
[2012.12.19 16:41:21 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Publish Providers
[2012.11.29 21:05:11 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Red Kawa
[2012.12.20 19:39:03 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Sony
[2012.11.24 19:48:44 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Spore
[2013.03.27 19:00:40 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\StealthBastard[Steam]
[2013.01.09 13:06:57 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\TS3Client
[2012.11.09 16:18:45 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\TuneUp Software
[2013.03.25 10:49:05 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Ubisoft
[2013.05.22 14:09:00 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\uTorrent
[2013.05.22 15:25:13 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\Yontoo
[2013.03.10 17:49:51 | 000,000,000 | ---D | M] -- C:\Users\IceShock\AppData\Roaming\YoudaGames
 
========== Purity Check ==========
 
 

< End of report >

smeenk · 22.05.2013, 19:50

Starte TDSSKiler nochmals und wahle Cure bei untenstehende Fund:

( Virus.Win64.ZAccess.a )

Poste mir die neue Log-Datei zur Kontrolle.

Versuch Zoek.exe nochmals zu starten aber jetzt mit Doppelklick, vielleicht geht es dann

Florian_Ice · 22.05.2013, 19:57

Mit Doppelklick geht es leider auch nicht, aber ich werde morgen noch einmal den TDSSKiller laufen lassen, mal schauen was sich dann noch ergibt. Schönen Abend wünsche ich ihnen noch, und nochmals vielen Dank für ihre Unterstützung.

smeenk · 22.05.2013, 19:59

OK bis morgen

Du kannst eventuell diese Zip-Datei nochmal versuchen: http://www.hijackthis.nl/smeenk/140912/zoek.zip
Das sind umbenannte versionen von Zoek.exe
Manchmal klappt so etwas dann doch.

Florian_Ice · 23.05.2013, 13:00

So da bin ich wieder ! Nachdem ich mit TDSSKiller das eine entfernt habe, und zum Neustart aufhefordert wurde kam keine Meldung von AVG mehr. Nach dem Neustart gab es kurz Blackscreen, dann öffnete sich cmd.exe und dann wieder TDSSKiller.
Hier der Bericht

Code:

ATTFilter

13:38:14.0316 0528  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:38:15.0000 0528  ============================================================
13:38:15.0000 0528  Current date / time: 2013/05/23 13:38:15.0000
13:38:15.0000 0528  SystemInfo:
13:38:15.0000 0528  
13:38:15.0001 0528  OS Version: 6.1.7601 ServicePack: 1.0
13:38:15.0001 0528  Product type: Workstation
13:38:15.0001 0528  ComputerName: ICESHOCK-PC
13:38:15.0001 0528  UserName: IceShock
13:38:15.0001 0528  Windows directory: C:\Windows
13:38:15.0001 0528  System windows directory: C:\Windows
13:38:15.0001 0528  Running under WOW64
13:38:15.0001 0528  Processor architecture: Intel x64
13:38:15.0001 0528  Number of processors: 4
13:38:15.0001 0528  Page size: 0x1000
13:38:15.0001 0528  Boot type: Normal boot
13:38:15.0001 0528  ============================================================
13:38:15.0696 0528  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:38:15.0701 0528  ============================================================
13:38:15.0701 0528  \Device\Harddisk0\DR0:
13:38:15.0701 0528  MBR partitions:
13:38:15.0701 0528  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
13:38:15.0701 0528  ============================================================
13:38:15.0719 0528  C: <-> \Device\Harddisk0\DR0\Partition1
13:38:15.0719 0528  ============================================================
13:38:15.0719 0528  Initialize success
13:38:15.0719 0528  ============================================================
13:38:24.0355 2380  ============================================================
13:38:24.0355 2380  Scan started
13:38:24.0355 2380  Mode: Manual; SigCheck; TDLFS; 
13:38:24.0355 2380  ============================================================
13:38:25.0530 2380  ================ Scan system memory ========================
13:38:25.0530 2380  System memory - ok
13:38:25.0531 2380  ================ Scan services =============================
13:38:25.0644 2380  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:38:25.0682 2380  1394ohci - ok
13:38:25.0714 2380  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:38:25.0723 2380  ACPI - ok
13:38:25.0725 2380  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:38:25.0743 2380  AcpiPmi - ok
13:38:25.0808 2380  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:38:25.0825 2380  AdobeFlashPlayerUpdateSvc - ok
13:38:25.0870 2380  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
13:38:25.0892 2380  adp94xx - ok
13:38:25.0939 2380  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
13:38:25.0955 2380  adpahci - ok
13:38:25.0965 2380  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
13:38:25.0976 2380  adpu320 - ok
13:38:26.0002 2380  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:38:26.0048 2380  AeLookupSvc - ok
13:38:26.0130 2380  [ 0517E1670A58213E3F206066CD209273 ] AF15BDA         C:\Windows\system32\DRIVERS\AF15BDA.sys
13:38:26.0166 2380  AF15BDA - ok
13:38:26.0222 2380  [ 0D0E5281784C2C526BA43C2ECD374288 ] Afc             C:\Windows\syswow64\drivers\Afc.sys
13:38:26.0241 2380  Afc - ok
13:38:26.0280 2380  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
13:38:26.0314 2380  AFD - ok
13:38:26.0341 2380  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:38:26.0355 2380  agp440 - ok
13:38:26.0375 2380  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
13:38:26.0403 2380  ALG - ok
13:38:26.0422 2380  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:38:26.0434 2380  aliide - ok
13:38:26.0495 2380  [ 4EAAAAB8759644D572522FBCDD196A13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:38:26.0524 2380  AMD External Events Utility - ok
13:38:26.0534 2380  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
13:38:26.0545 2380  amdide - ok
13:38:26.0559 2380  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
13:38:26.0585 2380  AmdK8 - ok
13:38:26.0744 2380  [ 22A14DF59FB8D0BE918C597988AF4296 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
13:38:26.0946 2380  amdkmdag - ok
13:38:26.0964 2380  [ EE22D3ED6D55A855E709F811CCCA97ED ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
13:38:26.0988 2380  amdkmdap - ok
13:38:27.0001 2380  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
13:38:27.0019 2380  AmdPPM - ok
13:38:27.0042 2380  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:38:27.0056 2380  amdsata - ok
13:38:27.0080 2380  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
13:38:27.0092 2380  amdsbs - ok
13:38:27.0104 2380  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:38:27.0114 2380  amdxata - ok
13:38:27.0132 2380  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
13:38:27.0189 2380  AppID - ok
13:38:27.0207 2380  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:38:27.0264 2380  AppIDSvc - ok
13:38:27.0331 2380  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
13:38:27.0354 2380  Appinfo - ok
13:38:27.0473 2380  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:38:27.0485 2380  Apple Mobile Device - ok
13:38:27.0520 2380  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
13:38:27.0545 2380  AppMgmt - ok
13:38:27.0570 2380  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
13:38:27.0584 2380  arc - ok
13:38:27.0606 2380  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
13:38:27.0621 2380  arcsas - ok
13:38:27.0659 2380  [ 10E9A8034C6843CA516BDB79D5D57B02 ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
13:38:27.0669 2380  asahci64 - ok
13:38:27.0699 2380  [ 6FE3237C1177E66437E7AD0E8AC1A6E5 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
13:38:27.0730 2380  asmthub3 - ok
13:38:27.0750 2380  [ C4043E39A2ABBC56581CA25DF161E9F7 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
13:38:27.0777 2380  asmtxhci - ok
13:38:27.0869 2380  [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
13:38:27.0886 2380  aspnet_state - ok
13:38:27.0919 2380  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:38:27.0984 2380  AsyncMac - ok
13:38:28.0007 2380  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
13:38:28.0013 2380  atapi - ok
13:38:28.0064 2380  [ 437F55435623D4D54D36197F5AD8B435 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
13:38:28.0088 2380  AtiHDAudioService - ok
13:38:28.0120 2380  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:38:28.0181 2380  AudioEndpointBuilder - ok
13:38:28.0297 2380  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:38:28.0333 2380  AudioSrv - ok
13:38:28.0445 2380  [ 3D1FFAA3358CA0D8A298DEA8BECFC468 ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6a.sys
13:38:28.0450 2380  Avgfwfd - ok
13:38:28.0504 2380  [ D0BE22C910E46550C6308D50DDA76B94 ] avgfws          C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
13:38:28.0522 2380  avgfws - ok
13:38:28.0660 2380  [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
13:38:28.0722 2380  AVGIDSAgent - ok
13:38:28.0738 2380  [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
13:38:28.0744 2380  AVGIDSDriver - ok
13:38:28.0760 2380  [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
13:38:28.0765 2380  AVGIDSHA - ok
13:38:28.0772 2380  [ 5989592A91A17587799792A81E1541D4 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
13:38:28.0778 2380  Avgldx64 - ok
13:38:28.0805 2380  [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
13:38:28.0813 2380  Avgloga - ok
13:38:28.0867 2380  [ 841C40C193889730848849AC220D9242 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
13:38:28.0880 2380  Avgmfx64 - ok
13:38:28.0893 2380  [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
13:38:28.0900 2380  Avgrkx64 - ok
13:38:28.0907 2380  [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
13:38:28.0916 2380  Avgtdia - ok
13:38:28.0936 2380  [ 3B5657B6C11CDA87F664DD6F7DD0702D ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
13:38:28.0943 2380  avgtp - ok
13:38:28.0970 2380  [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd           C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
13:38:28.0983 2380  avgwd - ok
13:38:29.0013 2380  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:38:29.0053 2380  AxInstSV - ok
13:38:29.0087 2380  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
13:38:29.0113 2380  b06bdrv - ok
13:38:29.0152 2380  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:38:29.0197 2380  b57nd60a - ok
13:38:29.0234 2380  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:38:29.0257 2380  BDESVC - ok
13:38:29.0274 2380  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:38:29.0312 2380  Beep - ok
13:38:29.0338 2380  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
13:38:29.0376 2380  BFE - ok
13:38:29.0396 2380  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:38:29.0409 2380  blbdrive - ok
13:38:29.0518 2380  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:38:29.0527 2380  Bonjour Service - ok
13:38:29.0552 2380  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:38:29.0570 2380  bowser - ok
13:38:29.0592 2380  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
13:38:29.0611 2380  BrFiltLo - ok
13:38:29.0614 2380  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
13:38:29.0622 2380  BrFiltUp - ok
13:38:29.0646 2380  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
13:38:29.0659 2380  Browser - ok
13:38:29.0666 2380  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:38:29.0687 2380  Brserid - ok
13:38:29.0690 2380  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:38:29.0705 2380  BrSerWdm - ok
13:38:29.0707 2380  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:38:29.0721 2380  BrUsbMdm - ok
13:38:29.0724 2380  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:38:29.0733 2380  BrUsbSer - ok
13:38:29.0736 2380  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
13:38:29.0749 2380  BTHMODEM - ok
13:38:29.0781 2380  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
13:38:29.0819 2380  bthserv - ok
13:38:29.0897 2380  [ 555FA105C22B1616094EDAD1CBFB0551 ] cbfs3           C:\Windows\system32\DRIVERS\cbfs3.sys
13:38:29.0915 2380  cbfs3 - ok
13:38:29.0930 2380  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:38:29.0971 2380  cdfs - ok
13:38:29.0996 2380  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:38:30.0005 2380  cdrom - ok
13:38:30.0020 2380  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
13:38:30.0051 2380  CertPropSvc - ok
13:38:30.0056 2380  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
13:38:30.0073 2380  circlass - ok
13:38:30.0092 2380  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
13:38:30.0110 2380  CLFS - ok
13:38:30.0157 2380  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:38:30.0169 2380  clr_optimization_v2.0.50727_32 - ok
13:38:30.0208 2380  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:38:30.0220 2380  clr_optimization_v2.0.50727_64 - ok
13:38:30.0298 2380  [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:38:30.0313 2380  clr_optimization_v4.0.30319_32 - ok
13:38:30.0323 2380  [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:38:30.0337 2380  clr_optimization_v4.0.30319_64 - ok
13:38:30.0357 2380  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
13:38:30.0378 2380  CmBatt - ok
13:38:30.0389 2380  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:38:30.0401 2380  cmdide - ok
13:38:30.0437 2380  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
13:38:30.0464 2380  CNG - ok
13:38:30.0475 2380  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
13:38:30.0481 2380  Compbatt - ok
13:38:30.0511 2380  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
13:38:30.0531 2380  CompositeBus - ok
13:38:30.0538 2380  COMSysApp - ok
13:38:30.0549 2380  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
13:38:30.0556 2380  crcdisk - ok
13:38:30.0585 2380  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:38:30.0609 2380  CryptSvc - ok
13:38:30.0637 2380  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
13:38:30.0668 2380  CSC - ok
13:38:30.0696 2380  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
13:38:30.0729 2380  CscService - ok
13:38:30.0766 2380  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:38:30.0810 2380  DcomLaunch - ok
13:38:30.0832 2380  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
13:38:30.0871 2380  defragsvc - ok
13:38:30.0883 2380  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:38:30.0919 2380  DfsC - ok
13:38:30.0935 2380  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:38:30.0963 2380  Dhcp - ok
13:38:30.0988 2380  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
13:38:31.0037 2380  discache - ok
13:38:31.0061 2380  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
13:38:31.0068 2380  Disk - ok
13:38:31.0094 2380  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
13:38:31.0113 2380  dmvsc - ok
13:38:31.0129 2380  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:38:31.0149 2380  Dnscache - ok
13:38:31.0170 2380  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:38:31.0206 2380  dot3svc - ok
13:38:31.0223 2380  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
13:38:31.0263 2380  DPS - ok
13:38:31.0281 2380  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:38:31.0302 2380  drmkaud - ok
13:38:31.0327 2380  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
13:38:31.0335 2380  dtsoftbus01 - ok
13:38:31.0336 2380  dump_wmimmc - ok
13:38:31.0408 2380  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:38:31.0422 2380  DXGKrnl - ok
13:38:31.0434 2380  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
13:38:31.0461 2380  EapHost - ok
13:38:31.0523 2380  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
13:38:31.0592 2380  ebdrv - ok
13:38:31.0623 2380  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
13:38:31.0630 2380  EFS - ok
13:38:31.0672 2380  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:38:31.0705 2380  ehRecvr - ok
13:38:31.0716 2380  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
13:38:31.0729 2380  ehSched - ok
13:38:31.0759 2380  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
13:38:31.0771 2380  elxstor - ok
13:38:31.0782 2380  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:38:31.0790 2380  ErrDev - ok
13:38:31.0821 2380  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
13:38:31.0853 2380  EventSystem - ok
13:38:31.0862 2380  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
13:38:31.0885 2380  exfat - ok
13:38:31.0903 2380  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:38:31.0939 2380  fastfat - ok
13:38:31.0967 2380  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
13:38:31.0989 2380  Fax - ok
13:38:31.0991 2380  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
13:38:32.0005 2380  fdc - ok
13:38:32.0019 2380  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
13:38:32.0041 2380  fdPHost - ok
13:38:32.0050 2380  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:38:32.0084 2380  FDResPub - ok
13:38:32.0116 2380  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:38:32.0123 2380  FileInfo - ok
13:38:32.0130 2380  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:38:32.0163 2380  Filetrace - ok
13:38:32.0165 2380  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
13:38:32.0173 2380  flpydisk - ok
13:38:32.0189 2380  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:38:32.0198 2380  FltMgr - ok
13:38:32.0276 2380  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
13:38:32.0303 2380  FontCache - ok
13:38:32.0343 2380  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:38:32.0354 2380  FontCache3.0.0.0 - ok
13:38:32.0372 2380  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:38:32.0383 2380  FsDepends - ok
13:38:32.0409 2380  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:38:32.0415 2380  Fs_Rec - ok
13:38:32.0440 2380  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:38:32.0451 2380  fvevol - ok
13:38:32.0465 2380  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
13:38:32.0472 2380  gagp30kx - ok
13:38:32.0539 2380  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:38:32.0548 2380  GEARAspiWDM - ok
13:38:32.0577 2380  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
13:38:32.0615 2380  gpsvc - ok
13:38:32.0651 2380  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:38:32.0656 2380  gupdate - ok
13:38:32.0667 2380  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:38:32.0672 2380  gupdatem - ok
13:38:32.0734 2380  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
13:38:32.0744 2380  hamachi - ok
13:38:32.0836 2380  [ DBCF8F2EA9111510B5B86E1EE9CD8816 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
13:38:32.0869 2380  Hamachi2Svc - ok
13:38:32.0888 2380  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:38:32.0900 2380  hcw85cir - ok
13:38:32.0927 2380  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:38:32.0957 2380  HdAudAddService - ok
13:38:32.0972 2380  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
13:38:33.0000 2380  HDAudBus - ok
13:38:33.0006 2380  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
13:38:33.0020 2380  HidBatt - ok
13:38:33.0033 2380  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
13:38:33.0056 2380  HidBth - ok
13:38:33.0069 2380  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
13:38:33.0087 2380  HidIr - ok
13:38:33.0113 2380  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
13:38:33.0149 2380  hidserv - ok
13:38:33.0163 2380  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:38:33.0170 2380  HidUsb - ok
13:38:33.0181 2380  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:38:33.0209 2380  hkmsvc - ok
13:38:33.0218 2380  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:38:33.0227 2380  HomeGroupListener - ok
13:38:33.0246 2380  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:38:33.0261 2380  HomeGroupProvider - ok
13:38:33.0275 2380  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:38:33.0282 2380  HpSAMD - ok
13:38:33.0311 2380  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:38:33.0346 2380  HTTP - ok
13:38:33.0363 2380  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:38:33.0369 2380  hwpolicy - ok
13:38:33.0388 2380  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
13:38:33.0395 2380  i8042prt - ok
13:38:33.0421 2380  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:38:33.0431 2380  iaStorV - ok
13:38:33.0494 2380  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:38:33.0551 2380  idsvc - ok
13:38:33.0672 2380  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
13:38:33.0719 2380  iirsp - ok
13:38:33.0774 2380  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
13:38:33.0853 2380  IKEEXT - ok
13:38:33.0938 2380  [ 254FAAE42AFC641C0BE628DE123EA9DE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:38:33.0977 2380  IntcAzAudAddService - ok
13:38:33.0997 2380  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
13:38:34.0003 2380  intelide - ok
13:38:34.0015 2380  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:38:34.0033 2380  intelppm - ok
13:38:34.0048 2380  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:38:34.0079 2380  IPBusEnum - ok
13:38:34.0085 2380  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:38:34.0108 2380  IpFilterDriver - ok
13:38:34.0131 2380  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:38:34.0144 2380  IPMIDRV - ok
13:38:34.0150 2380  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:38:34.0179 2380  IPNAT - ok
13:38:34.0255 2380  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:38:34.0280 2380  iPod Service - ok
13:38:34.0295 2380  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:38:34.0312 2380  IRENUM - ok
13:38:34.0323 2380  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:38:34.0329 2380  isapnp - ok
13:38:34.0347 2380  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:38:34.0357 2380  iScsiPrt - ok
13:38:34.0375 2380  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:38:34.0381 2380  kbdclass - ok
13:38:34.0385 2380  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:38:34.0401 2380  kbdhid - ok
13:38:34.0412 2380  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
13:38:34.0419 2380  KeyIso - ok
13:38:34.0434 2380  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:38:34.0440 2380  KSecDD - ok
13:38:34.0448 2380  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:38:34.0455 2380  KSecPkg - ok
13:38:34.0615 2380  [ E47FFCA0909871AC1BFF0D446FF63CA9 ] KSS             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
13:38:34.0629 2380  KSS - ok
13:38:34.0675 2380  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:38:34.0733 2380  ksthunk - ok
13:38:34.0764 2380  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:38:34.0800 2380  KtmRm - ok
13:38:34.0837 2380  [ 305BB2AC00D46542E0A653AB63F4ABB1 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
13:38:34.0845 2380  LADF_CaptureOnly - ok
13:38:34.0867 2380  [ 28CDDC7D478A6313F55077416DCBD0DE ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
13:38:34.0872 2380  LADF_RenderOnly - ok
13:38:34.0893 2380  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:38:34.0923 2380  LanmanServer - ok
13:38:34.0939 2380  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:38:34.0970 2380  LanmanWorkstation - ok
13:38:35.0019 2380  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
13:38:35.0029 2380  LGBusEnum - ok
13:38:35.0055 2380  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
13:38:35.0064 2380  LGVirHid - ok
13:38:35.0092 2380  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:38:35.0139 2380  lltdio - ok
13:38:35.0164 2380  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:38:35.0217 2380  lltdsvc - ok
13:38:35.0235 2380  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:38:35.0264 2380  lmhosts - ok
13:38:35.0296 2380  [ DF86570FFC4F8A7E38595CC072B19A5B ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:38:35.0306 2380  LMS - ok
13:38:35.0333 2380  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
13:38:35.0348 2380  LSI_FC - ok
13:38:35.0361 2380  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
13:38:35.0373 2380  LSI_SAS - ok
13:38:35.0389 2380  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
13:38:35.0399 2380  LSI_SAS2 - ok
13:38:35.0411 2380  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
13:38:35.0422 2380  LSI_SCSI - ok
13:38:35.0439 2380  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
13:38:35.0466 2380  luafv - ok
13:38:35.0487 2380  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:38:35.0497 2380  Mcx2Svc - ok
13:38:35.0510 2380  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
13:38:35.0517 2380  megasas - ok
13:38:35.0532 2380  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
13:38:35.0541 2380  MegaSR - ok
13:38:35.0572 2380  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
13:38:35.0584 2380  MEIx64 - ok
13:38:35.0604 2380  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
13:38:35.0658 2380  MMCSS - ok
13:38:35.0671 2380  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
13:38:35.0702 2380  Modem - ok
13:38:35.0710 2380  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:38:35.0728 2380  monitor - ok
13:38:35.0746 2380  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:38:35.0752 2380  mouclass - ok
13:38:35.0771 2380  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:38:35.0792 2380  mouhid - ok
13:38:35.0811 2380  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:38:35.0821 2380  mountmgr - ok
13:38:35.0871 2380  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:38:35.0885 2380  MozillaMaintenance - ok
13:38:35.0903 2380  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:38:35.0919 2380  mpio - ok
13:38:35.0941 2380  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:38:35.0975 2380  mpsdrv - ok
13:38:36.0016 2380  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:38:36.0047 2380  MpsSvc - ok
13:38:36.0057 2380  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:38:36.0076 2380  MRxDAV - ok
13:38:36.0092 2380  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:38:36.0104 2380  mrxsmb - ok
13:38:36.0120 2380  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:38:36.0128 2380  mrxsmb10 - ok
13:38:36.0137 2380  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:38:36.0143 2380  mrxsmb20 - ok
13:38:36.0169 2380  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:38:36.0176 2380  msahci - ok
13:38:36.0191 2380  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:38:36.0199 2380  msdsm - ok
13:38:36.0216 2380  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
13:38:36.0235 2380  MSDTC - ok
13:38:36.0258 2380  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:38:36.0300 2380  Msfs - ok
13:38:36.0322 2380  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:38:36.0353 2380  mshidkmdf - ok
13:38:36.0365 2380  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:38:36.0371 2380  msisadrv - ok
13:38:36.0392 2380  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:38:36.0422 2380  MSiSCSI - ok
13:38:36.0424 2380  msiserver - ok
13:38:36.0438 2380  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:38:36.0477 2380  MSKSSRV - ok
13:38:36.0489 2380  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:38:36.0519 2380  MSPCLOCK - ok
13:38:36.0530 2380  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:38:36.0561 2380  MSPQM - ok
13:38:36.0571 2380  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:38:36.0580 2380  MsRPC - ok
13:38:36.0593 2380  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:38:36.0599 2380  mssmbios - ok
13:38:36.0608 2380  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:38:36.0640 2380  MSTEE - ok
13:38:36.0652 2380  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
13:38:36.0659 2380  MTConfig - ok
13:38:36.0668 2380  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:38:36.0674 2380  Mup - ok
13:38:36.0691 2380  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
13:38:36.0721 2380  napagent - ok
13:38:36.0744 2380  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:38:36.0765 2380  NativeWifiP - ok
13:38:36.0795 2380  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:38:36.0810 2380  NDIS - ok
13:38:36.0830 2380  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:38:36.0852 2380  NdisCap - ok
13:38:36.0859 2380  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:38:36.0881 2380  NdisTapi - ok
13:38:36.0894 2380  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:38:36.0925 2380  Ndisuio - ok
13:38:36.0933 2380  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:38:36.0963 2380  NdisWan - ok
13:38:36.0978 2380  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:38:37.0000 2380  NDProxy - ok
13:38:37.0006 2380  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:38:37.0031 2380  NetBIOS - ok
13:38:37.0042 2380  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:38:37.0065 2380  NetBT - ok
13:38:37.0084 2380  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
13:38:37.0091 2380  Netlogon - ok
13:38:37.0116 2380  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
13:38:37.0141 2380  Netman - ok
13:38:37.0193 2380  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:38:37.0209 2380  NetMsmqActivator - ok
13:38:37.0214 2380  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:38:37.0225 2380  NetPipeActivator - ok
13:38:37.0252 2380  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
13:38:37.0285 2380  netprofm - ok
13:38:37.0288 2380  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:38:37.0295 2380  NetTcpActivator - ok
13:38:37.0297 2380  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:38:37.0304 2380  NetTcpPortSharing - ok
13:38:37.0335 2380  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
13:38:37.0342 2380  nfrd960 - ok
13:38:37.0406 2380  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:38:37.0430 2380  NlaSvc - ok
13:38:37.0444 2380  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:38:37.0469 2380  Npfs - ok
13:38:37.0471 2380  npggsvc - ok
13:38:37.0474 2380  NPPTNT2 - ok
13:38:37.0480 2380  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
13:38:37.0503 2380  nsi - ok
13:38:37.0508 2380  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:38:37.0540 2380  nsiproxy - ok
13:38:37.0609 2380  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:38:37.0631 2380  Ntfs - ok
13:38:37.0641 2380  NTIOLib_1_0_C - ok
13:38:37.0649 2380  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
13:38:37.0683 2380  Null - ok
13:38:37.0715 2380  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:38:37.0722 2380  nvraid - ok
13:38:37.0752 2380  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:38:37.0759 2380  nvstor - ok
13:38:37.0777 2380  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:38:37.0785 2380  nv_agp - ok
13:38:37.0788 2380  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:38:37.0800 2380  ohci1394 - ok
13:38:37.0819 2380  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:38:37.0839 2380  p2pimsvc - ok
13:38:37.0859 2380  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:38:37.0871 2380  p2psvc - ok
13:38:37.0890 2380  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
13:38:37.0906 2380  Parport - ok
13:38:37.0923 2380  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:38:37.0930 2380  partmgr - ok
13:38:37.0936 2380  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:38:37.0952 2380  PcaSvc - ok
13:38:37.0965 2380  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
13:38:37.0972 2380  pci - ok
13:38:37.0983 2380  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
13:38:37.0988 2380  pciide - ok
13:38:38.0002 2380  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
13:38:38.0011 2380  pcmcia - ok
13:38:38.0024 2380  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:38:38.0030 2380  pcw - ok
13:38:38.0046 2380  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:38:38.0082 2380  PEAUTH - ok
13:38:38.0111 2380  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
13:38:38.0157 2380  PeerDistSvc - ok
13:38:38.0211 2380  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:38:38.0230 2380  PerfHost - ok
13:38:38.0270 2380  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
13:38:38.0332 2380  pla - ok
13:38:38.0368 2380  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:38:38.0385 2380  PlugPlay - ok
13:38:38.0403 2380  PnkBstrA - ok
13:38:38.0414 2380  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:38:38.0435 2380  PNRPAutoReg - ok
13:38:38.0453 2380  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:38:38.0467 2380  PNRPsvc - ok
13:38:38.0497 2380  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:38:38.0532 2380  PolicyAgent - ok
13:38:38.0552 2380  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
13:38:38.0585 2380  Power - ok
13:38:38.0604 2380  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:38:38.0630 2380  PptpMiniport - ok
13:38:38.0641 2380  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
13:38:38.0649 2380  Processor - ok
13:38:38.0675 2380  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:38:38.0696 2380  ProfSvc - ok
13:38:38.0707 2380  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:38:38.0714 2380  ProtectedStorage - ok
13:38:38.0777 2380  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:38:38.0849 2380  Psched - ok
13:38:38.0922 2380  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
13:38:38.0968 2380  ql2300 - ok
13:38:38.0979 2380  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
13:38:38.0989 2380  ql40xx - ok
13:38:39.0015 2380  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
13:38:39.0032 2380  QWAVE - ok
13:38:39.0043 2380  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:38:39.0067 2380  QWAVEdrv - ok
13:38:39.0078 2380  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:38:39.0110 2380  RasAcd - ok
13:38:39.0135 2380  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:38:39.0157 2380  RasAgileVpn - ok
13:38:39.0164 2380  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
13:38:39.0197 2380  RasAuto - ok
13:38:39.0206 2380  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:38:39.0234 2380  Rasl2tp - ok
13:38:39.0252 2380  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
13:38:39.0277 2380  RasMan - ok
13:38:39.0282 2380  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:38:39.0316 2380  RasPppoe - ok
13:38:39.0325 2380  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:38:39.0354 2380  RasSstp - ok
13:38:39.0367 2380  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:38:39.0391 2380  rdbss - ok
13:38:39.0396 2380  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:38:39.0404 2380  rdpbus - ok
13:38:39.0446 2380  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:38:39.0491 2380  RDPCDD - ok
13:38:39.0518 2380  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:38:39.0528 2380  RDPDR - ok
13:38:39.0544 2380  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:38:39.0581 2380  RDPENCDD - ok
13:38:39.0593 2380  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:38:39.0614 2380  RDPREFMP - ok
13:38:39.0634 2380  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:38:39.0659 2380  RDPWD - ok
13:38:39.0680 2380  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:38:39.0697 2380  rdyboost - ok
13:38:39.0738 2380  [ EA569D48B2E755AF6D96F03F3335D98A ] Realtek11nSU    C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
13:38:39.0749 2380  Realtek11nSU ( UnsignedFile.Multi.Generic ) - warning
13:38:39.0749 2380  Realtek11nSU - detected UnsignedFile.Multi.Generic (1)
13:38:39.0767 2380  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:38:39.0808 2380  RemoteAccess - ok
13:38:39.0825 2380  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:38:39.0863 2380  RemoteRegistry - ok
13:38:39.0883 2380  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:38:39.0920 2380  RpcEptMapper - ok
13:38:39.0941 2380  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
13:38:39.0954 2380  RpcLocator - ok
13:38:39.0971 2380  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
13:38:39.0995 2380  RpcSs - ok
13:38:40.0019 2380  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:38:40.0041 2380  rspndr - ok
13:38:40.0083 2380  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
13:38:40.0102 2380  RTL8167 - ok
13:38:40.0144 2380  [ B3F36B4B3F192EA87DDC119F3A0B3E45 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
13:38:40.0164 2380  RTL8192su - ok
13:38:40.0174 2380  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
13:38:40.0193 2380  s3cap - ok
13:38:40.0247 2380  [ 77A84B1FB7B5E492A560B97564AE6499 ] Said1109        C:\Windows\system32\DRIVERS\Said1109.sys
13:38:40.0256 2380  Said1109 - ok
13:38:40.0330 2380  [ 46B351B789DE0D95FE6B8B7318D5B4DF ] SaiK1109        C:\Windows\system32\DRIVERS\SaiK1109.sys
13:38:40.0344 2380  SaiK1109 - ok
13:38:40.0411 2380  [ CA2ED6629C654AA00B033E3675A4F13D ] SaiK1713        C:\Windows\system32\DRIVERS\SaiK1713.sys
13:38:40.0424 2380  SaiK1713 - ok
13:38:40.0479 2380  [ A7CEE5D110C7F07B20490398E673E4EA ] SaiMini         C:\Windows\system32\DRIVERS\SaiMini.sys
13:38:40.0491 2380  SaiMini - ok
13:38:40.0544 2380  [ 86BDC00D124A611F1ECA5681D5123E26 ] SaiNtBus        C:\Windows\system32\drivers\SaiBus.sys
13:38:40.0555 2380  SaiNtBus - ok
13:38:40.0597 2380  [ 2510B192A970122C7E7FAAE97CA51B29 ] SaiU1713        C:\Windows\system32\DRIVERS\SaiU1713.sys
13:38:40.0608 2380  SaiU1713 - ok
13:38:40.0614 2380  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
13:38:40.0627 2380  SamSs - ok
13:38:40.0665 2380  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:38:40.0694 2380  sbp2port - ok
13:38:40.0711 2380  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:38:40.0747 2380  SCardSvr - ok
13:38:40.0765 2380  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:38:40.0791 2380  scfilter - ok
13:38:40.0813 2380  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
13:38:40.0840 2380  Schedule - ok
13:38:40.0858 2380  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:38:40.0879 2380  SCPolicySvc - ok
13:38:40.0893 2380  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:38:40.0901 2380  SDRSVC - ok
13:38:40.0970 2380  [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
13:38:40.0996 2380  SDScannerService - ok
13:38:41.0044 2380  [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
13:38:41.0070 2380  SDUpdateService - ok
13:38:41.0083 2380  [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
13:38:41.0090 2380  SDWSCService - ok
13:38:41.0117 2380  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:38:41.0160 2380  secdrv - ok
13:38:41.0174 2380  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
13:38:41.0195 2380  seclogon - ok
13:38:41.0200 2380  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
13:38:41.0232 2380  SENS - ok
13:38:41.0241 2380  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:38:41.0258 2380  SensrSvc - ok
13:38:41.0329 2380  [ FA4C17148ED9AD06E27533E096B407A5 ] Sentinel        C:\Program Files (x86)\Mad Catz\Sentinel\Sentinel.exe
13:38:41.0341 2380  Sentinel ( UnsignedFile.Multi.Generic ) - warning
13:38:41.0341 2380  Sentinel - detected UnsignedFile.Multi.Generic (1)
13:38:41.0361 2380  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:38:41.0385 2380  Serenum - ok
13:38:41.0407 2380  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:38:41.0428 2380  Serial - ok
13:38:41.0459 2380  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
13:38:41.0483 2380  sermouse - ok
13:38:41.0510 2380  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:38:41.0547 2380  SessionEnv - ok
13:38:41.0549 2380  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:38:41.0558 2380  sffdisk - ok
13:38:41.0560 2380  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:38:41.0568 2380  sffp_mmc - ok
13:38:41.0571 2380  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:38:41.0585 2380  sffp_sd - ok
13:38:41.0593 2380  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
13:38:41.0601 2380  sfloppy - ok
13:38:41.0612 2380  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:38:41.0636 2380  ShellHWDetection - ok
13:38:41.0647 2380  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
13:38:41.0653 2380  SiSRaid2 - ok
13:38:41.0665 2380  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
13:38:41.0671 2380  SiSRaid4 - ok
13:38:41.0779 2380  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:38:41.0789 2380  SkypeUpdate - ok
13:38:41.0803 2380  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:38:41.0845 2380  Smb - ok
13:38:41.0866 2380  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:38:41.0880 2380  SNMPTRAP - ok
13:38:41.0889 2380  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:38:41.0894 2380  spldr - ok
13:38:41.0917 2380  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
13:38:41.0928 2380  Spooler - ok
13:38:41.0988 2380  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
13:38:42.0088 2380  sppsvc - ok
13:38:42.0097 2380  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:38:42.0119 2380  sppuinotify - ok
13:38:42.0156 2380  sptd - ok
13:38:42.0182 2380  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:38:42.0213 2380  srv - ok
13:38:42.0234 2380  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:38:42.0262 2380  srv2 - ok
13:38:42.0274 2380  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:38:42.0287 2380  srvnet - ok
13:38:42.0322 2380  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:38:42.0361 2380  SSDPSRV - ok
13:38:42.0367 2380  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:38:42.0389 2380  SstpSvc - ok
13:38:42.0443 2380  Steam Client Service - ok
13:38:42.0483 2380  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
13:38:42.0495 2380  stexstor - ok
13:38:42.0524 2380  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
13:38:42.0561 2380  stisvc - ok
13:38:42.0575 2380  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
13:38:42.0581 2380  storflt - ok
13:38:42.0599 2380  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
13:38:42.0618 2380  StorSvc - ok
13:38:42.0658 2380  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
13:38:42.0671 2380  storvsc - ok
13:38:42.0690 2380  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:38:42.0702 2380  swenum - ok
13:38:42.0849 2380  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
13:38:42.0876 2380  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
13:38:42.0877 2380  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
13:38:42.0905 2380  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
13:38:42.0955 2380  swprv - ok
13:38:42.0994 2380  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
13:38:43.0058 2380  SysMain - ok
13:38:43.0071 2380  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:38:43.0086 2380  TabletInputService - ok
13:38:43.0091 2380  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:38:43.0128 2380  TapiSrv - ok
13:38:43.0141 2380  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
13:38:43.0164 2380  TBS - ok
13:38:43.0246 2380  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:38:43.0314 2380  Tcpip - ok
13:38:43.0339 2380  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:38:43.0362 2380  TCPIP6 - ok
13:38:43.0411 2380  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:38:43.0425 2380  tcpipreg - ok
13:38:43.0453 2380  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:38:43.0477 2380  TDPIPE - ok
13:38:43.0491 2380  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:38:43.0514 2380  TDTCP - ok
13:38:43.0523 2380  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:38:43.0560 2380  tdx - ok
13:38:43.0580 2380  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:38:43.0587 2380  TermDD - ok
13:38:43.0612 2380  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
13:38:43.0650 2380  TermService - ok
13:38:43.0661 2380  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
13:38:43.0672 2380  Themes - ok
13:38:43.0688 2380  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
13:38:43.0710 2380  THREADORDER - ok
13:38:43.0723 2380  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
13:38:43.0750 2380  TrkWks - ok
13:38:43.0794 2380  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:38:43.0841 2380  TrustedInstaller - ok
13:38:43.0862 2380  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:38:43.0904 2380  tssecsrv - ok
13:38:43.0934 2380  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:38:43.0979 2380  TsUsbFlt - ok
13:38:44.0086 2380  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
13:38:44.0122 2380  TsUsbGD - ok
13:38:44.0142 2380  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:38:44.0187 2380  tunnel - ok
13:38:44.0198 2380  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
13:38:44.0205 2380  uagp35 - ok
13:38:44.0214 2380  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:38:44.0244 2380  udfs - ok
13:38:44.0259 2380  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:38:44.0285 2380  UI0Detect - ok
13:38:44.0295 2380  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:38:44.0307 2380  uliagpkx - ok
13:38:44.0322 2380  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:38:44.0341 2380  umbus - ok
13:38:44.0350 2380  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
13:38:44.0370 2380  UmPass - ok
13:38:44.0392 2380  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
13:38:44.0414 2380  UmRdpService - ok
13:38:44.0488 2380  [ 1D2596FE2D7CF36C6F5F0D6B71E90E1E ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:38:44.0558 2380  UNS - ok
13:38:44.0576 2380  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
13:38:44.0610 2380  upnphost - ok
13:38:44.0637 2380  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
13:38:44.0644 2380  USBAAPL64 - ok
13:38:44.0662 2380  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
13:38:44.0682 2380  usbaudio - ok
13:38:44.0712 2380  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:38:44.0726 2380  usbccgp - ok
13:38:44.0750 2380  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:38:44.0763 2380  usbcir - ok
13:38:44.0773 2380  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
13:38:44.0786 2380  usbehci - ok
13:38:44.0807 2380  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:38:44.0830 2380  usbhub - ok
13:38:44.0844 2380  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:38:44.0858 2380  usbohci - ok
13:38:44.0864 2380  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
13:38:44.0878 2380  usbprint - ok
13:38:44.0888 2380  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:38:44.0912 2380  USBSTOR - ok
13:38:44.0923 2380  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
13:38:44.0941 2380  usbuhci - ok
13:38:44.0963 2380  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
13:38:45.0009 2380  UxSms - ok
13:38:45.0018 2380  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
13:38:45.0026 2380  VaultSvc - ok
13:38:45.0050 2380  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:38:45.0056 2380  vdrvroot - ok
13:38:45.0070 2380  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
13:38:45.0106 2380  vds - ok
13:38:45.0121 2380  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:38:45.0130 2380  vga - ok
13:38:45.0132 2380  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:38:45.0164 2380  VgaSave - ok
13:38:45.0172 2380  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:38:45.0181 2380  vhdmp - ok
13:38:45.0192 2380  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:38:45.0199 2380  viaide - ok
13:38:45.0248 2380  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
13:38:45.0265 2380  vmbus - ok
13:38:45.0284 2380  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
13:38:45.0306 2380  VMBusHID - ok
13:38:45.0314 2380  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:38:45.0325 2380  volmgr - ok
13:38:45.0340 2380  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:38:45.0350 2380  volmgrx - ok
13:38:45.0358 2380  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:38:45.0371 2380  volsnap - ok
13:38:45.0396 2380  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
13:38:45.0408 2380  vsmraid - ok
13:38:45.0456 2380  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
13:38:45.0539 2380  VSS - ok
13:38:45.0638 2380  [ 4B817450226F93C31ADD5BCC27FED27A ] vToolbarUpdater15.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
13:38:45.0663 2380  vToolbarUpdater15.2.0 - ok
13:38:45.0686 2380  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:38:45.0709 2380  vwifibus - ok
13:38:45.0722 2380  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:38:45.0742 2380  vwififlt - ok
13:38:45.0767 2380  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
13:38:45.0794 2380  W32Time - ok
13:38:45.0806 2380  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
13:38:45.0847 2380  WacomPen - ok
13:38:45.0871 2380  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:38:45.0919 2380  WANARP - ok
13:38:45.0932 2380  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:38:45.0952 2380  Wanarpv6 - ok
13:38:45.0995 2380  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
13:38:46.0050 2380  wbengine - ok
13:38:46.0061 2380  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:38:46.0083 2380  WbioSrvc - ok
13:38:46.0091 2380  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:38:46.0138 2380  wcncsvc - ok
13:38:46.0146 2380  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:38:46.0171 2380  WcsPlugInService - ok
13:38:46.0193 2380  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
13:38:46.0204 2380  Wd - ok
13:38:46.0229 2380  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:38:46.0253 2380  Wdf01000 - ok
13:38:46.0284 2380  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:38:46.0314 2380  WdiServiceHost - ok
13:38:46.0316 2380  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:38:46.0328 2380  WdiSystemHost - ok
13:38:46.0370 2380  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
13:38:46.0402 2380  WebClient - ok
13:38:46.0419 2380  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:38:46.0471 2380  Wecsvc - ok
13:38:46.0482 2380  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:38:46.0508 2380  wercplsupport - ok
13:38:46.0532 2380  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:38:46.0557 2380  WerSvc - ok
13:38:46.0579 2380  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:38:46.0603 2380  WfpLwf - ok
13:38:46.0616 2380  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:38:46.0622 2380  WIMMount - ok
13:38:46.0635 2380  WinHttpAutoProxySvc - ok
13:38:46.0667 2380  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:38:46.0707 2380  Winmgmt - ok
13:38:46.0748 2380  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
13:38:46.0807 2380  WinRM - ok
13:38:46.0854 2380  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:38:46.0880 2380  WinUsb - ok
13:38:46.0913 2380  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:38:46.0993 2380  Wlansvc - ok
13:38:47.0168 2380  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:38:47.0245 2380  wlidsvc - ok
13:38:47.0263 2380  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:38:47.0273 2380  WmiAcpi - ok
13:38:47.0294 2380  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:38:47.0317 2380  wmiApSrv - ok
13:38:47.0333 2380  WMPNetworkSvc - ok
13:38:47.0349 2380  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:38:47.0363 2380  WPCSvc - ok
13:38:47.0370 2380  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:38:47.0386 2380  WPDBusEnum - ok
13:38:47.0398 2380  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:38:47.0430 2380  ws2ifsl - ok
13:38:47.0437 2380  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
13:38:47.0455 2380  wscsvc - ok
13:38:47.0457 2380  WSearch - ok
13:38:47.0513 2380  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:38:47.0528 2380  WudfPf - ok
13:38:47.0557 2380  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:38:47.0588 2380  WUDFRd - ok
13:38:47.0639 2380  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:38:47.0663 2380  wudfsvc - ok
13:38:47.0720 2380  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:38:47.0739 2380  WwanSvc - ok
13:38:47.0760 2380  ================ Scan global ===============================
13:38:47.0779 2380  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:38:47.0838 2380  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:38:47.0845 2380  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:38:47.0864 2380  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:38:47.0906 2380  [ 50BEA589F7D7958BDD2528A8F69D05CC ] C:\Windows\system32\services.exe
13:38:47.0910 2380  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - infected
13:38:47.0910 2380  C:\Windows\system32\services.exe - detected Virus.Win64.ZAccess.a (0)
13:38:47.0910 2380  ================ Scan MBR ==================================
13:38:47.0939 2380  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:38:48.0135 2380  \Device\Harddisk0\DR0 - ok
13:38:48.0136 2380  ================ Scan VBR ==================================
13:38:48.0138 2380  [ 8F7BE01F6CE49A79B09F95E527F8B1A7 ] \Device\Harddisk0\DR0\Partition1
13:38:48.0140 2380  \Device\Harddisk0\DR0\Partition1 - ok
13:38:48.0141 2380  ============================================================
13:38:48.0141 2380  Scan finished
13:38:48.0141 2380  ============================================================
13:38:48.0152 1000  Detected object count: 4
13:38:48.0152 1000  Actual detected object count: 4
13:39:08.0146 1000  Realtek11nSU ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:08.0146 1000  Realtek11nSU ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:39:08.0147 1000  Sentinel ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:08.0147 1000  Sentinel ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:39:08.0148 1000  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
13:39:08.0148 1000  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:39:08.0161 1000  C:\Windows\system32\services.exe - copied to quarantine
13:39:08.0589 1000  C:\Windows\assembly\GAC_32\desktop.ini - copied to quarantine
13:39:08.0589 1000  C:\Windows\assembly\GAC_64\desktop.ini - copied to quarantine
13:39:08.0623 1000  C:\Windows\installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\@ - copied to quarantine
13:39:08.0623 1000  C:\Windows\installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\L\00000004.@ - copied to quarantine
13:39:08.0624 1000  C:\Windows\installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\L\76603ac3 - copied to quarantine
13:39:08.0624 1000  C:\Windows\installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\00000004.@ - copied to quarantine
13:39:08.0625 1000  C:\Windows\installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\00000008.@ - copied to quarantine
13:39:08.0625 1000  C:\Windows\installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\000000cb.@ - copied to quarantine
13:39:08.0626 1000  C:\Windows\installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\80000000.@ - copied to quarantine
13:39:08.0626 1000  C:\Windows\installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\80000032.@ - copied to quarantine
13:39:08.0626 1000  C:\Windows\installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\80000064.@ - copied to quarantine
13:39:23.0157 1000  Backup copy not found, trying to cure infected file..
13:39:23.0157 1000  Cure success, using it..
13:39:23.0193 1000  C:\Windows\assembly\GAC_32\desktop.ini - will be deleted on reboot
13:39:23.0193 1000  C:\Windows\assembly\GAC_64\desktop.ini - will be deleted on reboot
13:39:23.0204 1000  C:\Windows\installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\@ - will be deleted on reboot
13:39:23.0204 1000  C:\Windows\installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\00000004.@ - will be deleted on reboot
13:39:23.0204 1000  C:\Windows\installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\00000008.@ - will be deleted on reboot
13:39:23.0204 1000  C:\Windows\installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\000000cb.@ - will be deleted on reboot
13:39:23.0204 1000  C:\Windows\installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\80000000.@ - will be deleted on reboot
13:39:23.0205 1000  C:\Windows\installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\80000032.@ - will be deleted on reboot
13:39:23.0205 1000  C:\Windows\installer\{cae8288a-d1ba-7b7a-3e2e-4de6e0327536}\U\80000064.@ - will be deleted on reboot
13:39:23.0206 1000  C:\Windows\system32\services.exe - will be cured on reboot
13:39:23.0206 1000  C:\Windows\system32\services.exe ( Virus.Win64.ZAccess.a ) - User select action: Cure 
13:40:09.0747 6428  Deinitialize success

Leider geht zoek immer noch nicht, ich sende im Anhang einen Screenshot von dem, was dann kommt.

smeenk · 23.05.2013, 13:16

Mach erneut ein Scan mit TDSSKiller und poste mir der neue Log.

Diese umbenannte Zoek-Dateien im Zip geben das gleiche Fehlermeldung?: http://www.hijackthis.nl/smeenk/140912/zoek.zip

Florian_Ice · 23.05.2013, 13:22

So hier das Log

Code:

ATTFilter

14:19:37.0312 2896  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:19:37.0574 2896  ============================================================
14:19:37.0574 2896  Current date / time: 2013/05/23 14:19:37.0574
14:19:37.0574 2896  SystemInfo:
14:19:37.0574 2896  
14:19:37.0574 2896  OS Version: 6.1.7601 ServicePack: 1.0
14:19:37.0574 2896  Product type: Workstation
14:19:37.0574 2896  ComputerName: ICESHOCK-PC
14:19:37.0575 2896  UserName: IceShock
14:19:37.0575 2896  Windows directory: C:\Windows
14:19:37.0575 2896  System windows directory: C:\Windows
14:19:37.0575 2896  Running under WOW64
14:19:37.0575 2896  Processor architecture: Intel x64
14:19:37.0575 2896  Number of processors: 4
14:19:37.0575 2896  Page size: 0x1000
14:19:37.0575 2896  Boot type: Normal boot
14:19:37.0575 2896  ============================================================
14:19:38.0136 2896  BG loaded
14:19:38.0351 2896  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:19:38.0354 2896  ============================================================
14:19:38.0354 2896  \Device\Harddisk0\DR0:
14:19:38.0354 2896  MBR partitions:
14:19:38.0354 2896  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
14:19:38.0354 2896  ============================================================
14:19:38.0374 2896  C: <-> \Device\Harddisk0\DR0\Partition1
14:19:38.0374 2896  ============================================================
14:19:38.0374 2896  Initialize success
14:19:38.0374 2896  ============================================================
14:20:06.0943 0676  ============================================================
14:20:06.0943 0676  Scan started
14:20:06.0943 0676  Mode: Manual; SigCheck; TDLFS; 
14:20:06.0943 0676  ============================================================
14:20:07.0373 0676  ================ Scan system memory ========================
14:20:07.0373 0676  System memory - ok
14:20:07.0374 0676  ================ Scan services =============================
14:20:07.0812 0676  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:20:07.0863 0676  1394ohci - ok
14:20:07.0882 0676  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:20:07.0892 0676  ACPI - ok
14:20:07.0903 0676  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:20:07.0919 0676  AcpiPmi - ok
14:20:07.0984 0676  [ F040037B149FD0F5A5044AE563390FA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:20:07.0999 0676  AdobeFlashPlayerUpdateSvc - ok
14:20:08.0046 0676  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:20:08.0067 0676  adp94xx - ok
14:20:08.0098 0676  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:20:08.0115 0676  adpahci - ok
14:20:08.0124 0676  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:20:08.0136 0676  adpu320 - ok
14:20:08.0162 0676  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:20:08.0204 0676  AeLookupSvc - ok
14:20:08.0289 0676  [ 0517E1670A58213E3F206066CD209273 ] AF15BDA         C:\Windows\system32\DRIVERS\AF15BDA.sys
14:20:08.0317 0676  AF15BDA - ok
14:20:08.0348 0676  [ 0D0E5281784C2C526BA43C2ECD374288 ] Afc             C:\Windows\syswow64\drivers\Afc.sys
14:20:08.0367 0676  Afc - ok
14:20:08.0406 0676  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
14:20:08.0431 0676  AFD - ok
14:20:08.0458 0676  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:20:08.0469 0676  agp440 - ok
14:20:08.0484 0676  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
14:20:08.0502 0676  ALG - ok
14:20:08.0522 0676  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:20:08.0533 0676  aliide - ok
14:20:08.0595 0676  [ 4EAAAAB8759644D572522FBCDD196A13 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:20:08.0623 0676  AMD External Events Utility - ok
14:20:08.0635 0676  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
14:20:08.0641 0676  amdide - ok
14:20:08.0653 0676  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:20:08.0673 0676  AmdK8 - ok
14:20:08.0849 0676  [ 22A14DF59FB8D0BE918C597988AF4296 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
14:20:08.0938 0676  amdkmdag - ok
14:20:08.0965 0676  [ EE22D3ED6D55A855E709F811CCCA97ED ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
14:20:08.0988 0676  amdkmdap - ok
14:20:09.0001 0676  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
14:20:09.0019 0676  AmdPPM - ok
14:20:09.0043 0676  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:20:09.0057 0676  amdsata - ok
14:20:09.0081 0676  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:20:09.0096 0676  amdsbs - ok
14:20:09.0113 0676  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:20:09.0126 0676  amdxata - ok
14:20:09.0142 0676  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
14:20:09.0182 0676  AppID - ok
14:20:09.0199 0676  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:20:09.0221 0676  AppIDSvc - ok
14:20:09.0290 0676  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
14:20:09.0313 0676  Appinfo - ok
14:20:09.0432 0676  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:20:09.0443 0676  Apple Mobile Device - ok
14:20:09.0479 0676  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:20:09.0503 0676  AppMgmt - ok
14:20:09.0529 0676  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
14:20:09.0541 0676  arc - ok
14:20:09.0566 0676  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:20:09.0577 0676  arcsas - ok
14:20:09.0610 0676  [ 10E9A8034C6843CA516BDB79D5D57B02 ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
14:20:09.0620 0676  asahci64 - ok
14:20:09.0650 0676  [ 6FE3237C1177E66437E7AD0E8AC1A6E5 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
14:20:09.0673 0676  asmthub3 - ok
14:20:09.0692 0676  [ C4043E39A2ABBC56581CA25DF161E9F7 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
14:20:09.0719 0676  asmtxhci - ok
14:20:09.0812 0676  [ 108FB6DDB69E537A2EA53F425363FAE5 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:20:09.0827 0676  aspnet_state - ok
14:20:09.0861 0676  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:20:09.0910 0676  AsyncMac - ok
14:20:09.0933 0676  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
14:20:09.0939 0676  atapi - ok
14:20:09.0981 0676  [ 437F55435623D4D54D36197F5AD8B435 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
14:20:10.0007 0676  AtiHDAudioService - ok
14:20:10.0046 0676  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:20:10.0113 0676  AudioEndpointBuilder - ok
14:20:10.0123 0676  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:20:10.0154 0676  AudioSrv - ok
14:20:10.0180 0676  [ 3D1FFAA3358CA0D8A298DEA8BECFC468 ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6a.sys
14:20:10.0190 0676  Avgfwfd - ok
14:20:10.0251 0676  [ D0BE22C910E46550C6308D50DDA76B94 ] avgfws          C:\Program Files (x86)\AVG\AVG2013\avgfws.exe
14:20:10.0282 0676  avgfws - ok
14:20:10.0423 0676  [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
14:20:10.0481 0676  AVGIDSAgent - ok
14:20:10.0497 0676  [ 388056EBD5FE6718FE669078DBE37897 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdrivera.sys
14:20:10.0503 0676  AVGIDSDriver - ok
14:20:10.0520 0676  [ 550E981747D6A6C55078C77346FFC2C6 ] AVGIDSHA        C:\Windows\system32\DRIVERS\avgidsha.sys
14:20:10.0525 0676  AVGIDSHA - ok
14:20:10.0531 0676  [ 5989592A91A17587799792A81E1541D4 ] Avgldx64        C:\Windows\system32\DRIVERS\avgldx64.sys
14:20:10.0538 0676  Avgldx64 - ok
14:20:10.0565 0676  [ 3FC43AA02545FCDDC22817829114DEC8 ] Avgloga         C:\Windows\system32\DRIVERS\avgloga.sys
14:20:10.0572 0676  Avgloga - ok
14:20:10.0626 0676  [ 841C40C193889730848849AC220D9242 ] Avgmfx64        C:\Windows\system32\DRIVERS\avgmfx64.sys
14:20:10.0637 0676  Avgmfx64 - ok
14:20:10.0644 0676  [ FE4F444DBE4BBBDFD8FECF49398DEFC7 ] Avgrkx64        C:\Windows\system32\DRIVERS\avgrkx64.sys
14:20:10.0652 0676  Avgrkx64 - ok
14:20:10.0693 0676  [ 6E634525613D48A1D1657FB21F21F3B2 ] Avgtdia         C:\Windows\system32\DRIVERS\avgtdia.sys
14:20:10.0707 0676  Avgtdia - ok
14:20:10.0737 0676  [ 3B5657B6C11CDA87F664DD6F7DD0702D ] avgtp           C:\Windows\system32\drivers\avgtpx64.sys
14:20:10.0749 0676  avgtp - ok
14:20:10.0772 0676  [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd           C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
14:20:10.0786 0676  avgwd - ok
14:20:10.0814 0676  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:20:10.0854 0676  AxInstSV - ok
14:20:10.0889 0676  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
14:20:10.0914 0676  b06bdrv - ok
14:20:10.0954 0676  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:20:10.0989 0676  b57nd60a - ok
14:20:11.0027 0676  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:20:11.0050 0676  BDESVC - ok
14:20:11.0058 0676  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:20:11.0113 0676  Beep - ok
14:20:11.0158 0676  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
14:20:11.0210 0676  BFE - ok
14:20:11.0230 0676  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:20:11.0260 0676  blbdrive - ok
14:20:11.0396 0676  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:20:11.0413 0676  Bonjour Service - ok
14:20:11.0445 0676  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:20:11.0467 0676  bowser - ok
14:20:11.0485 0676  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
14:20:11.0507 0676  BrFiltLo - ok
14:20:11.0510 0676  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
14:20:11.0522 0676  BrFiltUp - ok
14:20:11.0548 0676  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
14:20:11.0574 0676  Browser - ok
14:20:11.0580 0676  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:20:11.0597 0676  Brserid - ok
14:20:11.0599 0676  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:20:11.0615 0676  BrSerWdm - ok
14:20:11.0617 0676  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:20:11.0631 0676  BrUsbMdm - ok
14:20:11.0643 0676  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:20:11.0650 0676  BrUsbSer - ok
14:20:11.0653 0676  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:20:11.0667 0676  BTHMODEM - ok
14:20:11.0691 0676  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
14:20:11.0712 0676  bthserv - ok
14:20:11.0781 0676  [ 555FA105C22B1616094EDAD1CBFB0551 ] cbfs3           C:\Windows\system32\DRIVERS\cbfs3.sys
14:20:11.0794 0676  cbfs3 - ok
14:20:11.0881 0676  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:20:11.0932 0676  cdfs - ok
14:20:11.0956 0676  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:20:11.0968 0676  cdrom - ok
14:20:11.0996 0676  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
14:20:12.0037 0676  CertPropSvc - ok
14:20:12.0048 0676  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
14:20:12.0063 0676  circlass - ok
14:20:12.0091 0676  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
14:20:12.0101 0676  CLFS - ok
14:20:12.0166 0676  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:20:12.0177 0676  clr_optimization_v2.0.50727_32 - ok
14:20:12.0209 0676  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:20:12.0219 0676  clr_optimization_v2.0.50727_64 - ok
14:20:12.0299 0676  [ 6D7C8A951AF6AD6835C029B3CB88D333 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:20:12.0314 0676  clr_optimization_v4.0.30319_32 - ok
14:20:12.0324 0676  [ 86329C35FF23CFEF0FB6C0023BA06BCE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:20:12.0338 0676  clr_optimization_v4.0.30319_64 - ok
14:20:12.0358 0676  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
14:20:12.0378 0676  CmBatt - ok
14:20:12.0390 0676  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:20:12.0402 0676  cmdide - ok
14:20:12.0439 0676  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
14:20:12.0465 0676  CNG - ok
14:20:12.0477 0676  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
14:20:12.0483 0676  Compbatt - ok
14:20:12.0496 0676  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
14:20:12.0516 0676  CompositeBus - ok
14:20:12.0524 0676  COMSysApp - ok
14:20:12.0535 0676  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:20:12.0541 0676  crcdisk - ok
14:20:12.0570 0676  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:20:12.0594 0676  CryptSvc - ok
14:20:12.0621 0676  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
14:20:12.0644 0676  CSC - ok
14:20:12.0663 0676  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
14:20:12.0676 0676  CscService - ok
14:20:12.0700 0676  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:20:12.0743 0676  DcomLaunch - ok
14:20:12.0768 0676  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
14:20:12.0808 0676  defragsvc - ok
14:20:12.0818 0676  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:20:12.0852 0676  DfsC - ok
14:20:12.0870 0676  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:20:12.0885 0676  Dhcp - ok
14:20:12.0906 0676  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
14:20:12.0949 0676  discache - ok
14:20:12.0971 0676  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
14:20:12.0978 0676  Disk - ok
14:20:13.0012 0676  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
14:20:13.0026 0676  dmvsc - ok
14:20:13.0047 0676  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:20:13.0071 0676  Dnscache - ok
14:20:13.0098 0676  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:20:13.0154 0676  dot3svc - ok
14:20:13.0167 0676  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
14:20:13.0213 0676  DPS - ok
14:20:13.0233 0676  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:20:13.0261 0676  drmkaud - ok
14:20:13.0288 0676  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
14:20:13.0303 0676  dtsoftbus01 - ok
14:20:13.0306 0676  dump_wmimmc - ok
14:20:13.0379 0676  [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:20:13.0403 0676  DXGKrnl - ok
14:20:13.0411 0676  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
14:20:13.0451 0676  EapHost - ok
14:20:13.0515 0676  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
14:20:13.0553 0676  ebdrv - ok
14:20:13.0583 0676  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
14:20:13.0591 0676  EFS - ok
14:20:13.0632 0676  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:20:13.0667 0676  ehRecvr - ok
14:20:13.0685 0676  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
14:20:13.0711 0676  ehSched - ok
14:20:13.0745 0676  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:20:13.0761 0676  elxstor - ok
14:20:13.0775 0676  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:20:13.0793 0676  ErrDev - ok
14:20:13.0824 0676  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
14:20:13.0866 0676  EventSystem - ok
14:20:13.0889 0676  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
14:20:13.0913 0676  exfat - ok
14:20:13.0930 0676  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:20:13.0956 0676  fastfat - ok
14:20:13.0985 0676  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
14:20:14.0007 0676  Fax - ok
14:20:14.0010 0676  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
14:20:14.0023 0676  fdc - ok
14:20:14.0045 0676  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:20:14.0067 0676  fdPHost - ok
14:20:14.0077 0676  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:20:14.0111 0676  FDResPub - ok
14:20:14.0144 0676  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:20:14.0156 0676  FileInfo - ok
14:20:14.0165 0676  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:20:14.0211 0676  Filetrace - ok
14:20:14.0219 0676  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
14:20:14.0226 0676  flpydisk - ok
14:20:14.0241 0676  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:20:14.0249 0676  FltMgr - ok
14:20:14.0427 0676  [ C4C183E6551084039EC862DA1C945E3D ] FontCache       C:\Windows\system32\FntCache.dll
14:20:14.0451 0676  FontCache - ok
14:20:14.0478 0676  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:20:14.0484 0676  FontCache3.0.0.0 - ok
14:20:14.0499 0676  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:20:14.0505 0676  FsDepends - ok
14:20:14.0528 0676  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:20:14.0534 0676  Fs_Rec - ok
14:20:14.0559 0676  [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:20:14.0569 0676  fvevol - ok
14:20:14.0584 0676  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:20:14.0591 0676  gagp30kx - ok
14:20:14.0666 0676  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:20:14.0675 0676  GEARAspiWDM - ok
14:20:14.0703 0676  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
14:20:14.0748 0676  gpsvc - ok
14:20:14.0786 0676  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:20:14.0791 0676  gupdate - ok
14:20:14.0803 0676  [ 506708142BC63DABA64F2D3AD1DCD5BF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:20:14.0808 0676  gupdatem - ok
14:20:14.0878 0676  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
14:20:14.0888 0676  hamachi - ok
14:20:14.0971 0676  [ DBCF8F2EA9111510B5B86E1EE9CD8816 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
14:20:15.0004 0676  Hamachi2Svc - ok
14:20:15.0023 0676  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:20:15.0034 0676  hcw85cir - ok
14:20:15.0063 0676  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:20:15.0081 0676  HdAudAddService - ok
14:20:15.0099 0676  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:20:15.0123 0676  HDAudBus - ok
14:20:15.0126 0676  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
14:20:15.0142 0676  HidBatt - ok
14:20:15.0145 0676  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:20:15.0162 0676  HidBth - ok
14:20:15.0179 0676  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:20:15.0188 0676  HidIr - ok
14:20:15.0198 0676  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
14:20:15.0220 0676  hidserv - ok
14:20:15.0240 0676  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:20:15.0247 0676  HidUsb - ok
14:20:15.0267 0676  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:20:15.0318 0676  hkmsvc - ok
14:20:15.0337 0676  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:20:15.0350 0676  HomeGroupListener - ok
14:20:15.0364 0676  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:20:15.0379 0676  HomeGroupProvider - ok
14:20:15.0394 0676  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:20:15.0400 0676  HpSAMD - ok
14:20:15.0430 0676  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:20:15.0464 0676  HTTP - ok
14:20:15.0474 0676  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:20:15.0479 0676  hwpolicy - ok
14:20:15.0489 0676  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:20:15.0497 0676  i8042prt - ok
14:20:15.0523 0676  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:20:15.0532 0676  iaStorV - ok
14:20:15.0570 0676  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:20:15.0583 0676  idsvc - ok
14:20:15.0607 0676  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:20:15.0613 0676  iirsp - ok
14:20:15.0651 0676  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
14:20:15.0695 0676  IKEEXT - ok
14:20:15.0770 0676  [ 254FAAE42AFC641C0BE628DE123EA9DE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:20:15.0811 0676  IntcAzAudAddService - ok
14:20:15.0824 0676  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
14:20:15.0829 0676  intelide - ok
14:20:15.0842 0676  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:20:15.0860 0676  intelppm - ok
14:20:15.0875 0676  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:20:15.0905 0676  IPBusEnum - ok
14:20:15.0912 0676  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:20:15.0941 0676  IpFilterDriver - ok
14:20:15.0949 0676  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:20:15.0963 0676  IPMIDRV - ok
14:20:15.0977 0676  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:20:16.0005 0676  IPNAT - ok
14:20:16.0082 0676  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:20:16.0102 0676  iPod Service - ok
14:20:16.0130 0676  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:20:16.0152 0676  IRENUM - ok
14:20:16.0191 0676  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:20:16.0203 0676  isapnp - ok
14:20:16.0274 0676  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:20:16.0291 0676  iScsiPrt - ok
14:20:16.0385 0676  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:20:16.0398 0676  kbdclass - ok
14:20:16.0404 0676  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:20:16.0425 0676  kbdhid - ok
14:20:16.0447 0676  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
14:20:16.0461 0676  KeyIso - ok
14:20:16.0478 0676  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:20:16.0491 0676  KSecDD - ok
14:20:16.0500 0676  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:20:16.0515 0676  KSecPkg - ok
14:20:16.0675 0676  [ E47FFCA0909871AC1BFF0D446FF63CA9 ] KSS             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe
14:20:16.0690 0676  KSS - ok
14:20:16.0727 0676  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:20:16.0771 0676  ksthunk - ok
14:20:16.0792 0676  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:20:16.0839 0676  KtmRm - ok
14:20:16.0882 0676  [ 305BB2AC00D46542E0A653AB63F4ABB1 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
14:20:16.0899 0676  LADF_CaptureOnly - ok
14:20:16.0918 0676  [ 28CDDC7D478A6313F55077416DCBD0DE ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
14:20:16.0925 0676  LADF_RenderOnly - ok
14:20:16.0945 0676  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:20:16.0977 0676  LanmanServer - ok
14:20:16.0999 0676  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:20:17.0023 0676  LanmanWorkstation - ok
14:20:17.0079 0676  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
14:20:17.0089 0676  LGBusEnum - ok
14:20:17.0115 0676  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
14:20:17.0124 0676  LGVirHid - ok
14:20:17.0152 0676  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:20:17.0195 0676  lltdio - ok
14:20:17.0232 0676  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:20:17.0283 0676  lltdsvc - ok
14:20:17.0295 0676  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:20:17.0327 0676  lmhosts - ok
14:20:17.0357 0676  [ DF86570FFC4F8A7E38595CC072B19A5B ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:20:17.0373 0676  LMS - ok
14:20:17.0401 0676  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:20:17.0409 0676  LSI_FC - ok
14:20:17.0421 0676  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:20:17.0429 0676  LSI_SAS - ok
14:20:17.0440 0676  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:20:17.0447 0676  LSI_SAS2 - ok
14:20:17.0463 0676  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:20:17.0470 0676  LSI_SCSI - ok
14:20:17.0491 0676  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:20:17.0520 0676  luafv - ok
14:20:17.0539 0676  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:20:17.0560 0676  Mcx2Svc - ok
14:20:17.0563 0676  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:20:17.0569 0676  megasas - ok
14:20:17.0584 0676  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:20:17.0593 0676  MegaSR - ok
14:20:17.0632 0676  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
14:20:17.0643 0676  MEIx64 - ok
14:20:17.0681 0676  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
14:20:17.0731 0676  MMCSS - ok
14:20:17.0747 0676  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
14:20:17.0780 0676  Modem - ok
14:20:17.0795 0676  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:20:17.0814 0676  monitor - ok
14:20:17.0831 0676  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:20:17.0838 0676  mouclass - ok
14:20:17.0856 0676  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:20:17.0873 0676  mouhid - ok
14:20:17.0896 0676  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:20:17.0903 0676  mountmgr - ok
14:20:17.0956 0676  [ 7EDBBB9351A38C6BB0FE98CFD44DB430 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:20:17.0969 0676  MozillaMaintenance - ok
14:20:17.0989 0676  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:20:18.0003 0676  mpio - ok
14:20:18.0017 0676  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:20:18.0052 0676  mpsdrv - ok
14:20:18.0076 0676  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:20:18.0101 0676  MpsSvc - ok
14:20:18.0117 0676  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:20:18.0136 0676  MRxDAV - ok
14:20:18.0152 0676  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:20:18.0173 0676  mrxsmb - ok
14:20:18.0189 0676  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:20:18.0197 0676  mrxsmb10 - ok
14:20:18.0205 0676  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:20:18.0212 0676  mrxsmb20 - ok
14:20:18.0238 0676  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:20:18.0243 0676  msahci - ok
14:20:18.0259 0676  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:20:18.0266 0676  msdsm - ok
14:20:18.0276 0676  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
14:20:18.0294 0676  MSDTC - ok
14:20:18.0318 0676  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:20:18.0359 0676  Msfs - ok
14:20:18.0382 0676  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:20:18.0418 0676  mshidkmdf - ok
14:20:18.0433 0676  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:20:18.0441 0676  msisadrv - ok
14:20:18.0461 0676  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:20:18.0495 0676  MSiSCSI - ok
14:20:18.0497 0676  msiserver - ok
14:20:18.0515 0676  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:20:18.0554 0676  MSKSSRV - ok
14:20:18.0566 0676  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:20:18.0596 0676  MSPCLOCK - ok
14:20:18.0607 0676  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:20:18.0638 0676  MSPQM - ok
14:20:18.0648 0676  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:20:18.0657 0676  MsRPC - ok
14:20:18.0669 0676  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:20:18.0675 0676  mssmbios - ok
14:20:18.0685 0676  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:20:18.0717 0676  MSTEE - ok
14:20:18.0728 0676  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:20:18.0736 0676  MTConfig - ok
14:20:18.0745 0676  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:20:18.0751 0676  Mup - ok
14:20:18.0768 0676  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
14:20:18.0798 0676  napagent - ok
14:20:18.0820 0676  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:20:18.0840 0676  NativeWifiP - ok
14:20:18.0880 0676  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:20:18.0895 0676  NDIS - ok
14:20:18.0915 0676  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:20:18.0937 0676  NdisCap - ok
14:20:18.0944 0676  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:20:18.0966 0676  NdisTapi - ok
14:20:18.0979 0676  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:20:19.0009 0676  Ndisuio - ok
14:20:19.0018 0676  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:20:19.0048 0676  NdisWan - ok
14:20:19.0063 0676  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:20:19.0084 0676  NDProxy - ok
14:20:19.0091 0676  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:20:19.0117 0676  NetBIOS - ok
14:20:19.0127 0676  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:20:19.0149 0676  NetBT - ok
14:20:19.0169 0676  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
14:20:19.0177 0676  Netlogon - ok
14:20:19.0202 0676  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
14:20:19.0247 0676  Netman - ok
14:20:19.0303 0676  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:20:19.0318 0676  NetMsmqActivator - ok
14:20:19.0323 0676  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:20:19.0336 0676  NetPipeActivator - ok
14:20:19.0371 0676  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
14:20:19.0413 0676  netprofm - ok
14:20:19.0417 0676  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:20:19.0427 0676  NetTcpActivator - ok
14:20:19.0430 0676  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:20:19.0440 0676  NetTcpPortSharing - ok
14:20:19.0470 0676  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:20:19.0479 0676  nfrd960 - ok
14:20:19.0540 0676  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:20:19.0565 0676  NlaSvc - ok
14:20:19.0579 0676  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:20:19.0614 0676  Npfs - ok
14:20:19.0616 0676  npggsvc - ok
14:20:19.0618 0676  NPPTNT2 - ok
14:20:19.0640 0676  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
14:20:19.0662 0676  nsi - ok
14:20:19.0668 0676  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:20:19.0704 0676  nsiproxy - ok
14:20:19.0783 0676  [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:20:19.0813 0676  Ntfs - ok
14:20:19.0826 0676  NTIOLib_1_0_C - ok
14:20:19.0834 0676  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
14:20:19.0880 0676  Null - ok
14:20:19.0908 0676  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:20:19.0915 0676  nvraid - ok
14:20:19.0945 0676  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:20:19.0952 0676  nvstor - ok
14:20:19.0962 0676  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:20:19.0969 0676  nv_agp - ok
14:20:19.0972 0676  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:20:19.0994 0676  ohci1394 - ok
14:20:20.0013 0676  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:20:20.0033 0676  p2pimsvc - ok
14:20:20.0054 0676  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:20:20.0074 0676  p2psvc - ok
14:20:20.0092 0676  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:20:20.0108 0676  Parport - ok
14:20:20.0125 0676  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:20:20.0133 0676  partmgr - ok
14:20:20.0146 0676  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:20:20.0164 0676  PcaSvc - ok
14:20:20.0175 0676  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
14:20:20.0184 0676  pci - ok
14:20:20.0193 0676  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
14:20:20.0200 0676  pciide - ok
14:20:20.0221 0676  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:20:20.0230 0676  pcmcia - ok
14:20:20.0243 0676  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:20:20.0250 0676  pcw - ok
14:20:20.0265 0676  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:20:20.0302 0676  PEAUTH - ok
14:20:20.0337 0676  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:20:20.0359 0676  PeerDistSvc - ok
14:20:20.0412 0676  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:20:20.0438 0676  PerfHost - ok
14:20:20.0482 0676  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
14:20:20.0533 0676  pla - ok
14:20:20.0571 0676  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:20:20.0598 0676  PlugPlay - ok
14:20:20.0614 0676  PnkBstrA - ok
14:20:20.0624 0676  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:20:20.0643 0676  PNRPAutoReg - ok
14:20:20.0654 0676  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:20:20.0668 0676  PNRPsvc - ok
14:20:20.0699 0676  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:20:20.0744 0676  PolicyAgent - ok
14:20:20.0770 0676  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
14:20:20.0813 0676  Power - ok
14:20:20.0839 0676  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:20:20.0867 0676  PptpMiniport - ok
14:20:20.0876 0676  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
14:20:20.0894 0676  Processor - ok
14:20:20.0936 0676  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:20:20.0958 0676  ProfSvc - ok
14:20:20.0967 0676  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:20:20.0977 0676  ProtectedStorage - ok
14:20:20.0995 0676  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:20:21.0034 0676  Psched - ok
14:20:21.0090 0676  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:20:21.0118 0676  ql2300 - ok
14:20:21.0130 0676  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:20:21.0138 0676  ql40xx - ok
14:20:21.0166 0676  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
14:20:21.0179 0676  QWAVE - ok
14:20:21.0186 0676  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:20:21.0207 0676  QWAVEdrv - ok
14:20:21.0222 0676  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:20:21.0245 0676  RasAcd - ok
14:20:21.0270 0676  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:20:21.0292 0676  RasAgileVpn - ok
14:20:21.0299 0676  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
14:20:21.0330 0676  RasAuto - ok
14:20:21.0341 0676  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:20:21.0368 0676  Rasl2tp - ok
14:20:21.0405 0676  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
14:20:21.0442 0676  RasMan - ok
14:20:21.0451 0676  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:20:21.0484 0676  RasPppoe - ok
14:20:21.0493 0676  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:20:21.0522 0676  RasSstp - ok
14:20:21.0536 0676  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:20:21.0568 0676  rdbss - ok
14:20:21.0589 0676  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:20:21.0598 0676  rdpbus - ok
14:20:21.0606 0676  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:20:21.0628 0676  RDPCDD - ok
14:20:21.0652 0676  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:20:21.0660 0676  RDPDR - ok
14:20:21.0687 0676  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:20:21.0738 0676  RDPENCDD - ok
14:20:21.0761 0676  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:20:21.0782 0676  RDPREFMP - ok
14:20:21.0802 0676  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:20:21.0815 0676  RDPWD - ok
14:20:21.0831 0676  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:20:21.0838 0676  rdyboost - ok
14:20:21.0873 0676  [ EA569D48B2E755AF6D96F03F3335D98A ] Realtek11nSU    C:\Program Files (x86)\Realtek\11n USB Wireless LAN Utility\RtlService.exe
14:20:21.0884 0676  Realtek11nSU ( UnsignedFile.Multi.Generic ) - warning
14:20:21.0884 0676  Realtek11nSU - detected UnsignedFile.Multi.Generic (1)
14:20:21.0927 0676  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:20:21.0969 0676  RemoteAccess - ok
14:20:21.0993 0676  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:20:22.0040 0676  RemoteRegistry - ok
14:20:22.0051 0676  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:20:22.0082 0676  RpcEptMapper - ok
14:20:22.0093 0676  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
14:20:22.0106 0676  RpcLocator - ok
14:20:22.0123 0676  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
14:20:22.0147 0676  RpcSs - ok
14:20:22.0171 0676  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:20:22.0192 0676  rspndr - ok
14:20:22.0233 0676  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
14:20:22.0244 0676  RTL8167 - ok
14:20:22.0287 0676  [ B3F36B4B3F192EA87DDC119F3A0B3E45 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
14:20:22.0306 0676  RTL8192su - ok
14:20:22.0318 0676  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
14:20:22.0337 0676  s3cap - ok
14:20:22.0390 0676  [ 77A84B1FB7B5E492A560B97564AE6499 ] Said1109        C:\Windows\system32\DRIVERS\Said1109.sys
14:20:22.0402 0676  Said1109 - ok
14:20:22.0473 0676  [ 46B351B789DE0D95FE6B8B7318D5B4DF ] SaiK1109        C:\Windows\system32\DRIVERS\SaiK1109.sys
14:20:22.0487 0676  SaiK1109 - ok
14:20:22.0546 0676  [ CA2ED6629C654AA00B033E3675A4F13D ] SaiK1713        C:\Windows\system32\DRIVERS\SaiK1713.sys
14:20:22.0560 0676  SaiK1713 - ok
14:20:22.0631 0676  [ A7CEE5D110C7F07B20490398E673E4EA ] SaiMini         C:\Windows\system32\DRIVERS\SaiMini.sys
14:20:22.0643 0676  SaiMini - ok
14:20:22.0654 0676  [ 86BDC00D124A611F1ECA5681D5123E26 ] SaiNtBus        C:\Windows\system32\drivers\SaiBus.sys
14:20:22.0664 0676  SaiNtBus - ok
14:20:22.0699 0676  [ 2510B192A970122C7E7FAAE97CA51B29 ] SaiU1713        C:\Windows\system32\DRIVERS\SaiU1713.sys
14:20:22.0710 0676  SaiU1713 - ok
14:20:22.0715 0676  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
14:20:22.0728 0676  SamSs - ok
14:20:22.0742 0676  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:20:22.0753 0676  sbp2port - ok
14:20:22.0780 0676  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:20:22.0816 0676  SCardSvr - ok
14:20:22.0833 0676  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:20:22.0859 0676  scfilter - ok
14:20:22.0881 0676  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
14:20:22.0909 0676  Schedule - ok
14:20:22.0927 0676  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:20:22.0948 0676  SCPolicySvc - ok
14:20:22.0961 0676  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:20:22.0970 0676  SDRSVC - ok
14:20:23.0039 0676  [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
14:20:23.0060 0676  SDScannerService - ok
14:20:23.0100 0676  [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
14:20:23.0117 0676  SDUpdateService - ok
14:20:23.0126 0676  [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
14:20:23.0133 0676  SDWSCService - ok
14:20:23.0160 0676  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:20:23.0207 0676  secdrv - ok
14:20:23.0217 0676  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
14:20:23.0238 0676  seclogon - ok
14:20:23.0251 0676  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
14:20:23.0283 0676  SENS - ok
14:20:23.0293 0676  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:20:23.0310 0676  SensrSvc - ok
14:20:23.0381 0676  [ FA4C17148ED9AD06E27533E096B407A5 ] Sentinel        C:\Program Files (x86)\Mad Catz\Sentinel\Sentinel.exe
14:20:23.0392 0676  Sentinel ( UnsignedFile.Multi.Generic ) - warning
14:20:23.0392 0676  Sentinel - detected UnsignedFile.Multi.Generic (1)
14:20:23.0404 0676  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:20:23.0429 0676  Serenum - ok
14:20:23.0450 0676  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:20:23.0472 0676  Serial - ok
14:20:23.0502 0676  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:20:23.0515 0676  sermouse - ok
14:20:23.0537 0676  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:20:23.0571 0676  SessionEnv - ok
14:20:23.0574 0676  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:20:23.0585 0676  sffdisk - ok
14:20:23.0588 0676  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:20:23.0597 0676  sffp_mmc - ok
14:20:23.0600 0676  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:20:23.0612 0676  sffp_sd - ok
14:20:23.0614 0676  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:20:23.0621 0676  sfloppy - ok
14:20:23.0657 0676  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:20:23.0700 0676  ShellHWDetection - ok
14:20:23.0715 0676  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:20:23.0722 0676  SiSRaid2 - ok
14:20:23.0733 0676  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:20:23.0739 0676  SiSRaid4 - ok
14:20:23.0855 0676  [ 7C15061CD0372487903B07B9BB03AFAD ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:20:23.0867 0676  SkypeUpdate - ok
14:20:23.0888 0676  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:20:23.0956 0676  Smb - ok
14:20:24.0001 0676  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:20:24.0029 0676  SNMPTRAP - ok
14:20:24.0041 0676  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:20:24.0053 0676  spldr - ok
14:20:24.0079 0676  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
14:20:24.0101 0676  Spooler - ok
14:20:24.0163 0676  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
14:20:24.0220 0676  sppsvc - ok
14:20:24.0232 0676  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:20:24.0257 0676  sppuinotify - ok
14:20:24.0299 0676  sptd - ok
14:20:24.0325 0676  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:20:24.0357 0676  srv - ok
14:20:24.0419 0676  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:20:24.0449 0676  srv2 - ok
14:20:24.0467 0676  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:20:24.0482 0676  srvnet - ok
14:20:24.0515 0676  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:20:24.0541 0676  SSDPSRV - ok
14:20:24.0552 0676  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:20:24.0574 0676  SstpSvc - ok
14:20:24.0628 0676  Steam Client Service - ok
14:20:24.0668 0676  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:20:24.0678 0676  stexstor - ok
14:20:24.0708 0676  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
14:20:24.0743 0676  stisvc - ok
14:20:24.0760 0676  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
14:20:24.0770 0676  storflt - ok
14:20:24.0792 0676  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
14:20:24.0813 0676  StorSvc - ok
14:20:24.0825 0676  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:20:24.0835 0676  storvsc - ok
14:20:24.0857 0676  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
14:20:24.0866 0676  swenum - ok
14:20:25.0008 0676  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
14:20:25.0035 0676  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
14:20:25.0036 0676  SwitchBoard - detected UnsignedFile.Multi.Generic (1)
14:20:25.0063 0676  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
14:20:25.0099 0676  swprv - ok
14:20:25.0131 0676  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
14:20:25.0159 0676  SysMain - ok
14:20:25.0171 0676  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:20:25.0183 0676  TabletInputService - ok
14:20:25.0187 0676  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:20:25.0210 0676  TapiSrv - ok
14:20:25.0216 0676  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
14:20:25.0239 0676  TBS - ok
14:20:25.0322 0676  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:20:25.0359 0676  Tcpip - ok
14:20:25.0405 0676  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:20:25.0437 0676  TCPIP6 - ok
14:20:25.0486 0676  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:20:25.0500 0676  tcpipreg - ok
14:20:25.0521 0676  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:20:25.0545 0676  TDPIPE - ok
14:20:25.0559 0676  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:20:25.0582 0676  TDTCP - ok
14:20:25.0608 0676  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:20:25.0643 0676  tdx - ok
14:20:25.0648 0676  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
14:20:25.0655 0676  TermDD - ok
14:20:25.0680 0676  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
14:20:25.0721 0676  TermService - ok
14:20:25.0737 0676  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
14:20:25.0749 0676  Themes - ok
14:20:25.0772 0676  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
14:20:25.0798 0676  THREADORDER - ok
14:20:25.0807 0676  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
14:20:25.0834 0676  TrkWks - ok
14:20:25.0878 0676  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:20:25.0911 0676  TrustedInstaller - ok
14:20:25.0929 0676  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:20:25.0961 0676  tssecsrv - ok
14:20:25.0976 0676  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:20:25.0984 0676  TsUsbFlt - ok
14:20:25.0995 0676  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
14:20:26.0002 0676  TsUsbGD - ok
14:20:26.0017 0676  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:20:26.0050 0676  tunnel - ok
14:20:26.0053 0676  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:20:26.0059 0676  uagp35 - ok
14:20:26.0073 0676  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:20:26.0104 0676  udfs - ok
14:20:26.0119 0676  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:20:26.0139 0676  UI0Detect - ok
14:20:26.0146 0676  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:20:26.0152 0676  uliagpkx - ok
14:20:26.0164 0676  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:20:26.0183 0676  umbus - ok
14:20:26.0193 0676  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
14:20:26.0211 0676  UmPass - ok
14:20:26.0234 0676  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
14:20:26.0255 0676  UmRdpService - ok
14:20:26.0324 0676  [ 1D2596FE2D7CF36C6F5F0D6B71E90E1E ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:20:26.0353 0676  UNS - ok
14:20:26.0369 0676  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
14:20:26.0402 0676  upnphost - ok
14:20:26.0430 0676  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
14:20:26.0436 0676  USBAAPL64 - ok
14:20:26.0455 0676  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:20:26.0475 0676  usbaudio - ok
14:20:26.0505 0676  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:20:26.0512 0676  usbccgp - ok
14:20:26.0543 0676  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:20:26.0552 0676  usbcir - ok
14:20:26.0565 0676  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
14:20:26.0578 0676  usbehci - ok
14:20:26.0600 0676  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:20:26.0614 0676  usbhub - ok
14:20:26.0628 0676  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:20:26.0642 0676  usbohci - ok
14:20:26.0649 0676  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\drivers\usbprint.sys
14:20:26.0662 0676  usbprint - ok
14:20:26.0673 0676  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:20:26.0687 0676  USBSTOR - ok
14:20:26.0699 0676  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
14:20:26.0717 0676  usbuhci - ok
14:20:26.0739 0676  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
14:20:26.0772 0676  UxSms - ok
14:20:26.0786 0676  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
14:20:26.0792 0676  VaultSvc - ok
14:20:26.0818 0676  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:20:26.0823 0676  vdrvroot - ok
14:20:26.0837 0676  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
14:20:26.0861 0676  vds - ok
14:20:26.0872 0676  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:20:26.0880 0676  vga - ok
14:20:26.0882 0676  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:20:26.0915 0676  VgaSave - ok
14:20:26.0923 0676  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:20:26.0931 0676  vhdmp - ok
14:20:26.0943 0676  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:20:26.0949 0676  viaide - ok
14:20:26.0974 0676  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:20:26.0981 0676  vmbus - ok
14:20:26.0993 0676  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
14:20:27.0011 0676  VMBusHID - ok
14:20:27.0023 0676  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:20:27.0030 0676  volmgr - ok
14:20:27.0041 0676  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:20:27.0050 0676  volmgrx - ok
14:20:27.0059 0676  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:20:27.0067 0676  volsnap - ok
14:20:27.0089 0676  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:20:27.0096 0676  vsmraid - ok
14:20:27.0141 0676  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
14:20:27.0184 0676  VSS - ok
14:20:27.0281 0676  [ 4B817450226F93C31ADD5BCC27FED27A ] vToolbarUpdater15.2.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
14:20:27.0304 0676  vToolbarUpdater15.2.0 - ok
14:20:27.0329 0676  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
14:20:27.0342 0676  vwifibus - ok
14:20:27.0357 0676  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
14:20:27.0379 0676  vwififlt - ok
14:20:27.0419 0676  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
14:20:27.0465 0676  W32Time - ok
14:20:27.0474 0676  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:20:27.0481 0676  WacomPen - ok
14:20:27.0506 0676  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:20:27.0533 0676  WANARP - ok
14:20:27.0541 0676  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:20:27.0563 0676  Wanarpv6 - ok
14:20:27.0592 0676  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
14:20:27.0615 0676  wbengine - ok
14:20:27.0629 0676  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:20:27.0640 0676  WbioSrvc - ok
14:20:27.0645 0676  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:20:27.0666 0676  wcncsvc - ok
14:20:27.0680 0676  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:20:27.0694 0676  WcsPlugInService - ok
14:20:27.0711 0676  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
14:20:27.0723 0676  Wd - ok
14:20:27.0747 0676  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:20:27.0768 0676  Wdf01000 - ok
14:20:27.0777 0676  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:20:27.0807 0676  WdiServiceHost - ok
14:20:27.0809 0676  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:20:27.0819 0676  WdiSystemHost - ok
14:20:27.0830 0676  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
14:20:27.0853 0676  WebClient - ok
14:20:27.0870 0676  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:20:27.0902 0676  Wecsvc - ok
14:20:27.0925 0676  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:20:27.0948 0676  wercplsupport - ok
14:20:27.0983 0676  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:20:28.0005 0676  WerSvc - ok
14:20:28.0039 0676  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:20:28.0074 0676  WfpLwf - ok
14:20:28.0084 0676  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:20:28.0091 0676  WIMMount - ok
14:20:28.0103 0676  WinHttpAutoProxySvc - ok
14:20:28.0135 0676  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:20:28.0162 0676  Winmgmt - ok
14:20:28.0200 0676  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
14:20:28.0240 0676  WinRM - ok
14:20:28.0288 0676  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:20:28.0315 0676  WinUsb - ok
14:20:28.0350 0676  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:20:28.0394 0676  Wlansvc - ok
14:20:28.0578 0676  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:20:28.0616 0676  wlidsvc - ok
14:20:28.0648 0676  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:20:28.0658 0676  WmiAcpi - ok
14:20:28.0679 0676  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:20:28.0702 0676  wmiApSrv - ok
14:20:28.0718 0676  WMPNetworkSvc - ok
14:20:28.0733 0676  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:20:28.0748 0676  WPCSvc - ok
14:20:28.0755 0676  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:20:28.0772 0676  WPDBusEnum - ok
14:20:28.0783 0676  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:20:28.0819 0676  ws2ifsl - ok
14:20:28.0830 0676  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
14:20:28.0849 0676  wscsvc - ok
14:20:28.0851 0676  WSearch - ok
14:20:28.0906 0676  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:20:28.0920 0676  WudfPf - ok
14:20:28.0950 0676  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:20:28.0969 0676  WUDFRd - ok
14:20:29.0024 0676  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:20:29.0047 0676  wudfsvc - ok
14:20:29.0105 0676  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:20:29.0123 0676  WwanSvc - ok
14:20:29.0147 0676  ================ Scan global ===============================
14:20:29.0172 0676  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:20:29.0231 0676  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:20:29.0239 0676  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:20:29.0257 0676  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:20:29.0299 0676  [ 2F46C1760C531EB2B181F9076E552E8A ] C:\Windows\system32\services.exe
14:20:29.0304 0676  [Global] - ok
14:20:29.0305 0676  ================ Scan MBR ==================================
14:20:29.0332 0676  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:20:29.0545 0676  \Device\Harddisk0\DR0 - ok
14:20:29.0546 0676  ================ Scan VBR ==================================
14:20:29.0548 0676  [ 8F7BE01F6CE49A79B09F95E527F8B1A7 ] \Device\Harddisk0\DR0\Partition1
14:20:29.0550 0676  \Device\Harddisk0\DR0\Partition1 - ok
14:20:29.0550 0676  ============================================================
14:20:29.0550 0676  Scan finished
14:20:29.0550 0676  ============================================================
14:20:29.0562 5744  Detected object count: 3
14:20:29.0562 5744  Actual detected object count: 3
14:20:36.0539 5744  Realtek11nSU ( UnsignedFile.Multi.Generic ) - skipped by user
14:20:36.0539 5744  Realtek11nSU ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:20:36.0541 5744  Sentinel ( UnsignedFile.Multi.Generic ) - skipped by user
14:20:36.0541 5744  Sentinel ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:20:36.0542 5744  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
14:20:36.0542 5744  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:20:43.0219 3116  Deinitialize success

Nein leider passiert bei den anderen zoek's überhaupt nichts

Ich wollte ja eigentlich nichts alleine Unternehmen aber ich habe einmal sicherheitshalber die services.exe mit AVG überprüft und AVG meldet jetzt nichts mehr... also schonmal Danke soweit

smeenk · 23.05.2013, 13:32

Die Log von TDSSKiller sieht jetzt auch sauber aus

Ich versuche immer Fehler zu verstehen, aber dieses mal bei Zoek.exe habe ich keine ahnung.

Setzen wir etwas anderes ein:

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Florian_Ice · 23.05.2013, 14:05

So, hier das Malwarebytes Log

Code:

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.05.23.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
IceShock :: ICESHOCK-PC [Administrator]

Schutz: Aktiviert

23.05.2013 14:42:27
mbam-log-2013-05-23 (14-42-27).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 220876
Laufzeit: 4 Minute(n), 56 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\IceShock\AppData\Local\Temp\msimg32.dll (Trojan.Injector.HE) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\IceShock\Downloads\2012.exe (PUP.Adware.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

Und hier das vom AdwCleaner

Code:

ATTFilter

# AdwCleaner v2.301 - Datei am 23/05/2013 um 14:56:49 erstellt
# Aktualisiert am 16/05/2013 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : IceShock - ICESHOCK-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\IceShock\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Users\IceShock\AppData\Roaming\Mozilla\Firefox\Profiles\ym4wpztj.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\IceShock\AppData\Roaming\Mozilla\Firefox\Profiles\ym4wpztj.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\IceShock\AppData\Roaming\Mozilla\Firefox\Profiles\ym4wpztj.default\searchplugins\delta.xml
Gelöscht mit Neustart : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\IceShock\AppData\Local\AVG Secure Search
Ordner Gelöscht : C:\Users\IceShock\AppData\Local\PutLockerDownloader
Ordner Gelöscht : C:\Users\IceShock\AppData\LocalLow\AVG Secure Search
Ordner Gelöscht : C:\Users\IceShock\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\IceShock\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\IceShock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com
Ordner Gelöscht : C:\Users\IceShock\AppData\Roaming\Mozilla\Firefox\Profiles\ym4wpztj.default\extensions\plugin@yontoo.com
Ordner Gelöscht : C:\Users\IceShock\AppData\Roaming\Mozilla\Firefox\Profiles\ym4wpztj.default\jetpack
Ordner Gelöscht : C:\Users\IceShock\AppData\Roaming\Yontoo

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\AVG Secure Search
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
Schlüssel Gelöscht : HKCU\Software\PIP
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\Software\AVG Secure Search
Schlüssel Gelöscht : HKLM\Software\AVG Security Toolbar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Movie2KDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5f578bd1b23cb810
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107}
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Yontoo Desktop]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{acaa314b-eeba-48e4-ad47-84e31c44796c}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16576

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www1.delta-search.com/?affID=119781&tt=gc_&babsrc=HP_ss&mntrId=4AE88C89A58334B8 --> hxxp://www.google.com

-\\ Mozilla Firefox v20.0.1 (de)

Datei : C:\Users\IceShock\AppData\Roaming\Mozilla\Firefox\Profiles\ym4wpztj.default\prefs.js

C:\Users\IceShock\AppData\Roaming\Mozilla\Firefox\Profiles\ym4wpztj.default\user.js ... Gelöscht !

Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.dfltLng", "en");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.id", "4ae860da0000000000008c89a58334b8");
Gelöscht : user_pref("extensions.delta.instlDay", "15842");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.0");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.020:14:41");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.0");
Gelöscht : user_pref("extensions.delta_i.babExt", "");
Gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119781&tt=gc_");
Gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Gelöscht : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
Gelöscht : user_pref("extentions.y2layers.installId", "bbe40e77-1c56-4922-8cec-bc402e8f5467");

-\\ Google Chrome v26.0.1410.64

Datei : C:\Users\IceShock\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [13049 octets] - [23/05/2013 14:56:49]

########## EOF - C:\AdwCleaner[S1].txt - [13110 octets] ##########

smeenk · 23.05.2013, 14:32

Da wurde noch einiges gelöscht bei die beiden Tools

Downloade Dir diese Anhang: http://www.trojaner-board.de/attachm...1&d=1369315540
Speichere es auf dem Desktop.
Rechtsklicke check.bat und wähle "als Administrator ausführen"
Warte bis ein Log öffnet und poste mir das Log zur kontrolle.

Florian_Ice · 23.05.2013, 14:42

So, hier ist das Log

Code:

ATTFilter

 Volume in Laufwerk C: hat keine Bezeichnung.
 Volumeseriennummer: 4AE8-60DA

 Verzeichnis von C:\

14.07.2009  07:08    <VERBINDUNG>   Documents and Settings [C:\Users]
08.11.2012  17:29    <VERBINDUNG>   Dokumente und Einstellungen [C:\Users]
08.11.2012  17:29    <VERBINDUNG>   Programme [C:\Program Files]
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\Program Files

08.11.2012  17:29    <VERBINDUNG>   Gemeinsame Dateien [C:\Program Files\Common Files]
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\Program Files\Windows Defender

12.04.2011  09:43    <SYMLINKD>     de-DE [c:\windows\system32\config]
14.07.2009  03:41    <SYMLINK>      MpAsDesc.dll [c:\windows\system32\config]
14.07.2009  03:41    <SYMLINK>      MpClient.dll [c:\windows\system32\config]
14.07.2009  03:39    <SYMLINK>      MpCmdRun.exe [c:\windows\system32\config]
14.07.2009  03:41    <SYMLINK>      MpCommu.dll [c:\windows\system32\config]
14.07.2009  03:29    <SYMLINK>      MpEvMsg.dll [c:\windows\system32\config]
14.07.2009  03:41    <SYMLINK>      MpOAV.dll [c:\windows\system32\config]
14.07.2009  03:41    <SYMLINK>      MpRTP.dll [c:\windows\system32\config]
14.07.2009  03:41    <SYMLINK>      MpSvc.dll [c:\windows\system32\config]
14.07.2009  03:39    <SYMLINK>      MSASCui.exe [c:\windows\system32\config]
21.11.2010  05:24    <SYMLINK>      MsMpCom.dll [c:\windows\system32\config]
14.07.2009  03:29    <SYMLINK>      MsMpLics.dll [c:\windows\system32\config]
14.07.2009  03:41    <SYMLINK>      MsMpRes.dll [c:\windows\system32\config]
              12 Datei(en),      3.919.360 Bytes

 Verzeichnis von C:\Program Files\Windows NT

08.11.2012  17:29    <VERBINDUNG>   Zubeh”r [C:\Program Files\Windows NT\Accessories]
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\ProgramData

08.11.2012  17:29    <VERBINDUNG>   Anwendungsdaten [C:\ProgramData]
14.07.2009  07:08    <VERBINDUNG>   Application Data [C:\ProgramData]
14.07.2009  07:08    <VERBINDUNG>   Desktop [C:\Users\Public\Desktop]
14.07.2009  07:08    <VERBINDUNG>   Documents [C:\Users\Public\Documents]
08.11.2012  17:29    <VERBINDUNG>   Dokumente [C:\Users\Public\Documents]
08.11.2012  17:29    <VERBINDUNG>   Favoriten [C:\Users\Public\Favorites]
14.07.2009  07:08    <VERBINDUNG>   Favorites [C:\Users\Public\Favorites]
14.07.2009  07:08    <VERBINDUNG>   Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
08.11.2012  17:29    <VERBINDUNG>   Startmen [C:\ProgramData\Microsoft\Windows\Start Menu]
14.07.2009  07:08    <VERBINDUNG>   Templates [C:\ProgramData\Microsoft\Windows\Templates]
08.11.2012  17:29    <VERBINDUNG>   Vorlagen [C:\ProgramData\Microsoft\Windows\Templates]
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\ProgramData\Microsoft\Windows\Start Menu

08.11.2012  17:29    <VERBINDUNG>   Programme [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\Users

14.07.2009  07:08    <SYMLINKD>     All Users [C:\ProgramData]
14.07.2009  07:08    <VERBINDUNG>   Default User [C:\Users\Default]
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\Users\All Users

08.11.2012  17:29    <VERBINDUNG>   Anwendungsdaten [C:\ProgramData]
14.07.2009  07:08    <VERBINDUNG>   Application Data [C:\ProgramData]
14.07.2009  07:08    <VERBINDUNG>   Desktop [C:\Users\Public\Desktop]
14.07.2009  07:08    <VERBINDUNG>   Documents [C:\Users\Public\Documents]
08.11.2012  17:29    <VERBINDUNG>   Dokumente [C:\Users\Public\Documents]
08.11.2012  17:29    <VERBINDUNG>   Favoriten [C:\Users\Public\Favorites]
14.07.2009  07:08    <VERBINDUNG>   Favorites [C:\Users\Public\Favorites]
14.07.2009  07:08    <VERBINDUNG>   Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
08.11.2012  17:29    <VERBINDUNG>   Startmen [C:\ProgramData\Microsoft\Windows\Start Menu]
14.07.2009  07:08    <VERBINDUNG>   Templates [C:\ProgramData\Microsoft\Windows\Templates]
08.11.2012  17:29    <VERBINDUNG>   Vorlagen [C:\ProgramData\Microsoft\Windows\Templates]
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\Users\All Users\Microsoft\Windows\Start Menu

08.11.2012  17:29    <VERBINDUNG>   Programme [C:\ProgramData\Microsoft\Windows\Start Menu\Programs]
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\Users\Default

08.11.2012  17:29    <VERBINDUNG>   Anwendungsdaten [C:\Users\Default\AppData\Roaming]
14.07.2009  07:08    <VERBINDUNG>   Application Data [C:\Users\Default\AppData\Roaming]
14.07.2009  07:08    <VERBINDUNG>   Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
08.11.2012  17:29    <VERBINDUNG>   Druckumgebung [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08.11.2012  17:29    <VERBINDUNG>   Eigene Dateien [C:\Users\Default\Documents]
14.07.2009  07:08    <VERBINDUNG>   Local Settings [C:\Users\Default\AppData\Local]
08.11.2012  17:29    <VERBINDUNG>   Lokale Einstellungen [C:\Users\Default\AppData\Local]
14.07.2009  07:08    <VERBINDUNG>   My Documents [C:\Users\Default\Documents]
14.07.2009  07:08    <VERBINDUNG>   NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
08.11.2012  17:29    <VERBINDUNG>   Netzwerkumgebung [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
14.07.2009  07:08    <VERBINDUNG>   PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
14.07.2009  07:08    <VERBINDUNG>   Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
14.07.2009  07:08    <VERBINDUNG>   SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
14.07.2009  07:08    <VERBINDUNG>   Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
08.11.2012  17:29    <VERBINDUNG>   Startmen [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
14.07.2009  07:08    <VERBINDUNG>   Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
08.11.2012  17:29    <VERBINDUNG>   Vorlagen [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\Users\Default\AppData\Local

08.11.2012  17:29    <VERBINDUNG>   Anwendungsdaten [C:\Users\Default\AppData\Local]
14.07.2009  07:08    <VERBINDUNG>   Application Data [C:\Users\Default\AppData\Local]
14.07.2009  07:08    <VERBINDUNG>   History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
14.07.2009  07:08    <VERBINDUNG>   Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
08.11.2012  17:29    <VERBINDUNG>   Verlauf [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu

08.11.2012  17:29    <VERBINDUNG>   Programme [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\Users\Default\Documents

08.11.2012  17:29    <VERBINDUNG>   Eigene Bilder [C:\Users\Default\Pictures]
08.11.2012  17:29    <VERBINDUNG>   Eigene Musik [C:\Users\Default\Music]
08.11.2012  17:29    <VERBINDUNG>   Eigene Videos [C:\Users\Default\Videos]
14.07.2009  07:08    <VERBINDUNG>   My Music [C:\Users\Default\Music]
14.07.2009  07:08    <VERBINDUNG>   My Pictures [C:\Users\Default\Pictures]
14.07.2009  07:08    <VERBINDUNG>   My Videos [C:\Users\Default\Videos]
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\Users\IceShock

08.11.2012  17:29    <VERBINDUNG>   Anwendungsdaten [C:\Users\IceShock\AppData\Roaming]
08.11.2012  17:29    <VERBINDUNG>   Cookies [C:\Users\IceShock\AppData\Roaming\Microsoft\Windows\Cookies]
08.11.2012  17:29    <VERBINDUNG>   Druckumgebung [C:\Users\IceShock\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08.11.2012  17:29    <VERBINDUNG>   Eigene Dateien [C:\Users\IceShock\Documents]
08.11.2012  17:29    <VERBINDUNG>   Lokale Einstellungen [C:\Users\IceShock\AppData\Local]
08.11.2012  17:29    <VERBINDUNG>   Netzwerkumgebung [C:\Users\IceShock\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
08.11.2012  17:29    <VERBINDUNG>   Recent [C:\Users\IceShock\AppData\Roaming\Microsoft\Windows\Recent]
08.11.2012  17:29    <VERBINDUNG>   SendTo [C:\Users\IceShock\AppData\Roaming\Microsoft\Windows\SendTo]
08.11.2012  17:29    <VERBINDUNG>   Startmen [C:\Users\IceShock\AppData\Roaming\Microsoft\Windows\Start Menu]
08.11.2012  17:29    <VERBINDUNG>   Vorlagen [C:\Users\IceShock\AppData\Roaming\Microsoft\Windows\Templates]
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\Users\IceShock\AppData\Local

08.11.2012  17:29    <VERBINDUNG>   Anwendungsdaten [C:\Users\IceShock\AppData\Local]
08.11.2012  17:29    <VERBINDUNG>   Temporary Internet Files [C:\Users\IceShock\AppData\Local\Microsoft\Windows\Temporary Internet Files]
08.11.2012  17:29    <VERBINDUNG>   Verlauf [C:\Users\IceShock\AppData\Local\Microsoft\Windows\History]
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\Users\IceShock\AppData\Roaming\Microsoft\Windows\Start Menu

08.11.2012  17:29    <VERBINDUNG>   Programme [C:\Users\IceShock\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\Users\IceShock\Documents

08.11.2012  17:29    <VERBINDUNG>   Eigene Bilder [C:\Users\IceShock\Pictures]
08.11.2012  17:29    <VERBINDUNG>   Eigene Musik [C:\Users\IceShock\Music]
08.11.2012  17:29    <VERBINDUNG>   Eigene Videos [C:\Users\IceShock\Videos]
               0 Datei(en),              0 Bytes

 Verzeichnis von C:\Users\Public\Documents

08.11.2012  17:29    <VERBINDUNG>   Eigene Bilder [C:\Users\Public\Pictures]
08.11.2012  17:29    <VERBINDUNG>   Eigene Musik [C:\Users\Public\Music]
08.11.2012  17:29    <VERBINDUNG>   Eigene Videos [C:\Users\Public\Videos]
14.07.2009  07:08    <VERBINDUNG>   My Music [C:\Users\Public\Music]
14.07.2009  07:08    <VERBINDUNG>   My Pictures [C:\Users\Public\Pictures]
14.07.2009  07:08    <VERBINDUNG>   My Videos [C:\Users\Public\Videos]
               0 Datei(en),              0 Bytes

     Anzahl der angezeigten Dateien:
              12 Datei(en),      3.919.360 Bytes
              84 Verzeichnis(se), 75.091.283.968 Bytes frei

smeenk · 23.05.2013, 14:55

Mach jetzt folgendes:

Downloade Dir diese Anhang: http://www.trojaner-board.de/attachm...1&d=1369317313
Speichere es auf dem Desktop.
Rechtsklicke fixit.bat und wähle "als Administrator ausführen"
Warte bis ein Log öffnet und poste mir das Log zur kontrolle.

22.05.2013, 19:50	#5
smeenk /// Malwareteam / Visitor	$C:\Windows\System32\services.exe Infiziert! - Standard$ C:\Windows\System32\services.exe Infiziert! Starte TDSSKiler nochmals und wahle Cure bei untenstehende Fund: ( Virus.Win64.ZAccess.a ) Poste mir die neue Log-Datei zur Kontrolle. Versuch Zoek.exe nochmals zu starten aber jetzt mit Doppelklick, vielleicht geht es dann

22.05.2013, 19:59	#7
smeenk /// Malwareteam / Visitor	$C:\Windows\System32\services.exe Infiziert! - Standard$ C:\Windows\System32\services.exe Infiziert! OK bis morgen Du kannst eventuell diese Zip-Datei nochmal versuchen: http://www.hijackthis.nl/smeenk/140912/zoek.zip Das sind umbenannte versionen von Zoek.exe Manchmal klappt so etwas dann doch.

23.05.2013, 13:16	#9
smeenk /// Malwareteam / Visitor	$C:\Windows\System32\services.exe Infiziert! - Standard$ C:\Windows\System32\services.exe Infiziert! Mach erneut ein Scan mit TDSSKiller und poste mir der neue Log. Diese umbenannte Zoek-Dateien im Zip geben das gleiche Fehlermeldung?: http://www.hijackthis.nl/smeenk/140912/zoek.zip

C:\Windows\System32\services.exe Infiziert!

Plagegeister aller Art und deren Bekämpfung: C:\Windows\System32\services.exe Infiziert!