Weiterleitung auf bet-at.home.com

MarieJo · 31.05.2013, 20:22

Hallo,

also ich nutze Windows 8 64-Bit und Firefox in der Version 21. Seit einigen Tagen habe ich das Problem, dass ich beim surfen immer mal wieder auf die Seite bet-at.home.com geleitet werde. Z.B. schreibe ich wie hier gerade etwas oder stöbere auf einer x-beliebigen Seite, da wird plötzlich diese Wettseite im Tab geladen. Ob das Problem auf Firefox begrenzt ist, kann ich allerdings nicht mit Sicherheit sagen. Ich nutze den IE nur sehr selten und bisher kam es hier zu keiner Weiterleitung.

Anbei die benötigten Logfiles

Vielen Dank für Eure Hilfe!

cosinus · 31.05.2013, 21:01

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die jemals fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

MarieJo · 31.05.2013, 22:12

Hallo Cosinus,

ich hatte die Logs zuerst in den Beitrag gepostet und erhielt dann die Meldung, dass ich sie in ein Archiv packen und dem Beitrag anhängen soll.

Ein vorhandenes Log von gestern habe ich noch. (Malwarebytes)

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.05.30.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16580
Jörg :: HAUPTRECHNER [Administrator]

30.05.2013 21:00:52
MBAM-log-2013-05-31 (01-50-40).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|M:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 1026474
Laufzeit: 4 Stunde(n), 45 Minute(n), 28 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 11
C:\Users\Jörg\Documents\{D20994A2-6F87-4708-A186-3C3993827908}.7z (Trojan.P2P.Worm) -> Keine Aktion durchgeführt.
C:\Users\Jörg\Documents\Parkverbot\{D20994A2-6F87-4708-A186-3C3993827908}.7z (Trojan.P2P.Worm) -> Keine Aktion durchgeführt.
D:\Downloads\produkey_setup.exe (PUP.PSWTool.ProductKey) -> Keine Aktion durchgeführt.
D:\FileHistory\Jörg\HAUPTRECHNER\Data\C\Users\Jörg\Documents\{D20994A2-6F87-4708-A186-3C3993827908} (2013_03_10 14_56_08 UTC).7z (Trojan.P2P.Worm) -> Keine Aktion durchgeführt.
D:\FileHistory\Jörg\HAUPTRECHNER\Data\C\Users\Jörg\Documents\Parkverbot\{D20994A2-6F87-4708-A186-3C3993827908} (2013_03_10 14_56_08 UTC).7z (Trojan.P2P.Worm) -> Keine Aktion durchgeführt.
H:\Users\Jörg\Documents\{D20994A2-6F87-4708-A186-3C3993827908}.7z (Trojan.P2P.Worm) -> Keine Aktion durchgeführt.
H:\Users\Jörg\Documents\Parkverbot\{D20994A2-6F87-4708-A186-3C3993827908}.7z (Trojan.P2P.Worm) -> Keine Aktion durchgeführt.
M:\Boot\pantsoff.exe (PUP.Pantsoff.PasswordFinder) -> Keine Aktion durchgeführt.
M:\Büro 2\Kreditkarte\pantsoff.exe (PUP.Pantsoff.PasswordFinder) -> Keine Aktion durchgeführt.
M:\FileHistory\Jörg\HAUPTRECHNER\Data\C\Users\Jörg\Documents\{D20994A2-6F87-4708-A186-3C3993827908} (2013_01_19 20_12_53 UTC).7z (Trojan.P2P.Worm) -> Keine Aktion durchgeführt.
M:\FileHistory\Jörg\HAUPTRECHNER\Data\C\Users\Jörg\Documents\Parkverbot\{D20994A2-6F87-4708-A186-3C3993827908} (2013_01_19 20_12_53 UTC).7z (Trojan.P2P.Worm) -> Keine Aktion durchgeführt.


(Ende)

cosinus · 01.06.2013, 00:22

Bitte die drei Tools MBAR / aswMBR / TDSSkiller nun ausführen und die Logs in CODE-Tags posten

MBAR (Malwarebytes Anti-Rootkit)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

aswMBR

Downloade dir bitte

aswMBR.exe und speichere die Datei auf deinem Desktop.

Starte die aswMBR.exe - (aswMBR.exe Anleitung)
Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
Klicke auf Scan.
Warte bitte bis Scan finished successfully im DOS-Fenster steht.
Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).

TDSS-Killer

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

MarieJo · 17.07.2013, 20:27

Hallo,

hat ein bisschen gedauert. Hier die Logs MBAR und TDSS-Killer.
aswMBR stürzt immer wieder ab, sobald der Service WinDefend c:\Programm Files gescannt wird.

MBAR:

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.07.17.06

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16635
Jörg :: HAUPTRECHNER [administrator]

17.07.2013 19:25:04
mbar-log-2013-07-17 (19-25-04).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 321850
Time elapsed: 21 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

TDSS-Killer:

Code:

ATTFilter

21:10:53.0166 2976  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
21:10:53.0326 2976  ============================================================
21:10:53.0326 2976  Current date / time: 2013/07/17 21:10:53.0326
21:10:53.0326 2976  SystemInfo:
21:10:53.0326 2976  
21:10:53.0326 2976  OS Version: 6.2.9200 ServicePack: 0.0
21:10:53.0326 2976  Product type: Workstation
21:10:53.0326 2976  ComputerName: HAUPTRECHNER
21:10:53.0326 2976  UserName: Jörg
21:10:53.0326 2976  Windows directory: C:\Windows
21:10:53.0326 2976  System windows directory: C:\Windows
21:10:53.0326 2976  Running under WOW64
21:10:53.0326 2976  Processor architecture: Intel x64
21:10:53.0326 2976  Number of processors: 2
21:10:53.0326 2976  Page size: 0x1000
21:10:53.0326 2976  Boot type: Normal boot
21:10:53.0326 2976  ============================================================
21:10:54.0352 2976  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:10:54.0362 2976  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:10:54.0362 2976  ============================================================
21:10:54.0362 2976  \Device\Harddisk0\DR0:
21:10:54.0362 2976  MBR partitions:
21:10:54.0362 2976  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC03D02F
21:10:54.0362 2976  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC03D800, BlocksNum 0xBFDA800
21:10:54.0362 2976  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x18018000, BlocksNum 0x1387FF8
21:10:54.0392 2976  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x193A0800, BlocksNum 0x3E24800
21:10:54.0392 2976  \Device\Harddisk1\DR1:
21:10:54.0392 2976  MBR partitions:
21:10:54.0392 2976  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC02802F
21:10:54.0392 2976  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xC028800, BlocksNum 0xBFEF800
21:10:54.0392 2976  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x18018010, BlocksNum 0x3D7710A
21:10:54.0412 2976  \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x1BD8F800, BlocksNum 0x14347F8
21:10:54.0412 2976  ============================================================
21:10:54.0432 2976  C: <-> \Device\Harddisk1\DR1\Partition1
21:10:54.0442 2976  D: <-> \Device\Harddisk0\DR0\Partition4
21:10:54.0522 2976  E: <-> \Device\Harddisk1\DR1\Partition4
21:10:54.0562 2976  F: <-> \Device\Harddisk0\DR0\Partition2
21:10:54.0602 2976  G: <-> \Device\Harddisk0\DR0\Partition3
21:10:54.0642 2976  H: <-> \Device\Harddisk1\DR1\Partition2
21:10:54.0672 2976  I: <-> \Device\Harddisk1\DR1\Partition3
21:10:54.0712 2976  M: <-> \Device\Harddisk0\DR0\Partition1
21:10:54.0712 2976  ============================================================
21:10:54.0712 2976  Initialize success
21:10:54.0712 2976  ============================================================
21:10:57.0152 7132  ============================================================
21:10:57.0152 7132  Scan started
21:10:57.0152 7132  Mode: Manual; 
21:10:57.0152 7132  ============================================================
21:10:59.0782 7132  ================ Scan system memory ========================
21:10:59.0782 7132  System memory - ok
21:10:59.0782 7132  ================ Scan services =============================
21:11:00.0002 7132  [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
21:11:00.0012 7132  1394ohci - ok
21:11:00.0042 7132  [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware           C:\Windows\system32\drivers\3ware.sys
21:11:00.0042 7132  3ware - ok
21:11:00.0112 7132  [ 975AABEB243B800C23626D6B652C5A9C ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:11:00.0122 7132  ACPI - ok
21:11:00.0152 7132  [ DC968C37822117E576B933F34A2D130C ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
21:11:00.0152 7132  acpiex - ok
21:11:00.0172 7132  [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
21:11:00.0172 7132  acpipagr - ok
21:11:00.0202 7132  [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
21:11:00.0202 7132  AcpiPmi - ok
21:11:00.0212 7132  [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
21:11:00.0212 7132  acpitime - ok
21:11:00.0292 7132  [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
21:11:00.0292 7132  Adobe LM Service - ok
21:11:00.0402 7132  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:11:00.0402 7132  AdobeFlashPlayerUpdateSvc - ok
21:11:00.0432 7132  [ 93C6388592B99925C1D1576E465BC80F ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:11:00.0442 7132  adp94xx - ok
21:11:00.0462 7132  [ D27763E0247292654E7F7D16444C7C72 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:11:00.0462 7132  adpahci - ok
21:11:00.0482 7132  [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:11:00.0482 7132  adpu320 - ok
21:11:00.0522 7132  [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:11:00.0522 7132  AeLookupSvc - ok
21:11:00.0572 7132  [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD             C:\Windows\system32\drivers\afd.sys
21:11:00.0582 7132  AFD - ok
21:11:00.0602 7132  [ 01590377A5AB19E792528C628A2A68F9 ] agp440          C:\Windows\system32\drivers\agp440.sys
21:11:00.0612 7132  agp440 - ok
21:11:00.0642 7132  [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG             C:\Windows\System32\alg.exe
21:11:00.0642 7132  ALG - ok
21:11:00.0672 7132  [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
21:11:00.0672 7132  AllUserInstallAgent - ok
21:11:00.0702 7132  [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
21:11:00.0702 7132  AmdK8 - ok
21:11:00.0742 7132  [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
21:11:00.0742 7132  AmdPPM - ok
21:11:00.0752 7132  [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:11:00.0752 7132  amdsata - ok
21:11:00.0772 7132  [ 00452671904F5EE94B50BF0219C97164 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:11:00.0782 7132  amdsbs - ok
21:11:00.0792 7132  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:11:00.0830 7132  amdxata - ok
21:11:00.0862 7132  [ 83B3682CE922FB0F415734B26D9D6233 ] AppID           C:\Windows\system32\drivers\appid.sys
21:11:00.0862 7132  AppID - ok
21:11:00.0912 7132  [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:11:00.0912 7132  AppIDSvc - ok
21:11:00.0962 7132  [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo         C:\Windows\System32\appinfo.dll
21:11:00.0982 7132  Appinfo - ok
21:11:01.0022 7132  [ 2D14788C5D0836292BEB27BBE109BE56 ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:11:01.0022 7132  AppMgmt - ok
21:11:01.0042 7132  [ E933401B392387F4BE34DE8BAF1722A7 ] arc             C:\Windows\system32\drivers\arc.sys
21:11:01.0042 7132  arc - ok
21:11:01.0062 7132  [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:11:01.0062 7132  arcsas - ok
21:11:01.0072 7132  [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:11:01.0072 7132  AsyncMac - ok
21:11:01.0092 7132  [ A721FF570C2387E383BDDEA9632863C9 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:11:01.0092 7132  atapi - ok
21:11:01.0132 7132  [ 4ECC791539F23982411864037D1AC8FC ] AthDfu          C:\Windows\System32\Drivers\AthDfu.sys
21:11:01.0132 7132  AthDfu - ok
21:11:01.0162 7132  [ 51B7849747A0582096A41A366454E88E ] AtherosSvc      C:\Windows\system32\AdminService.exe
21:11:01.0162 7132  AtherosSvc - ok
21:11:01.0202 7132  [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
21:11:01.0222 7132  AudioEndpointBuilder - ok
21:11:01.0272 7132  [ 810F30FF8490ED5ED510621DF10DE320 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
21:11:01.0316 7132  Audiosrv - ok
21:11:01.0347 7132  [ 89491EF71D5EA011127832C588002853 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:11:01.0350 7132  AxInstSV - ok
21:11:01.0383 7132  [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
21:11:01.0403 7132  b06bdrv - ok
21:11:01.0423 7132  [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
21:11:01.0423 7132  BasicDisplay - ok
21:11:01.0443 7132  [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
21:11:01.0443 7132  BasicRender - ok
21:11:01.0483 7132  [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:11:01.0483 7132  BDESVC - ok
21:11:01.0513 7132  [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:11:01.0513 7132  Beep - ok
21:11:01.0583 7132  [ 9E6A544F465C582AB42444A217CF04DC ] BFE             C:\Windows\System32\bfe.dll
21:11:01.0593 7132  BFE - ok
21:11:01.0643 7132  [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS            C:\Windows\System32\qmgr.dll
21:11:01.0663 7132  BITS - ok
21:11:01.0673 7132  [ B17AC10B47C7FCB44D22A1F06415840E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:11:01.0673 7132  bowser - ok
21:11:01.0693 7132  [ 038FA1B55531E7020DB705B42FCCE373 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
21:11:01.0703 7132  BrokerInfrastructure - ok
21:11:01.0723 7132  [ 310068BDA80B1D55C36580FD8A873FAF ] Browser         C:\Windows\System32\browser.dll
21:11:01.0723 7132  Browser - ok
21:11:01.0763 7132  [ 8C816EBE14B24CD9CFBE94254D92A89A ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
21:11:01.0773 7132  BtFilter - ok
21:11:01.0813 7132  [ F17DEEAC7D51D44CF1BFF8DD4F0A2B6D ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
21:11:01.0813 7132  BthAvrcpTg - ok
21:11:01.0853 7132  [ A8B20D852B07AE19A13B5D47EC4E4C3B ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
21:11:01.0863 7132  BthEnum - ok
21:11:01.0883 7132  [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
21:11:01.0883 7132  BthHFEnum - ok
21:11:01.0923 7132  [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
21:11:01.0923 7132  bthhfhid - ok
21:11:01.0943 7132  [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
21:11:01.0943 7132  BTHMODEM - ok
21:11:02.0003 7132  [ 091BB978E9504D0AD14586929431A957 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:11:02.0003 7132  BthPan - ok
21:11:02.0063 7132  [ 13795CAA34239D97A7211E7F9D96E012 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
21:11:02.0153 7132  BTHPORT - ok
21:11:02.0193 7132  [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv         C:\Windows\system32\bthserv.dll
21:11:02.0223 7132  bthserv - ok
21:11:02.0243 7132  [ 1F715957F5236D30B6020A19A4271F6A ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
21:11:02.0263 7132  BTHUSB - ok
21:11:02.0293 7132  [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:11:02.0293 7132  cdfs - ok
21:11:02.0313 7132  [ 339BFF85D788268752DA8C9644B188EE ] cdrom           C:\Windows\System32\drivers\cdrom.sys
21:11:02.0323 7132  cdrom - ok
21:11:02.0359 7132  [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:11:02.0359 7132  CertPropSvc - ok
21:11:02.0379 7132  [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass        C:\Windows\System32\drivers\circlass.sys
21:11:02.0379 7132  circlass - ok
21:11:02.0399 7132  [ 9905168708DB68849B879B5548F68AB3 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
21:11:02.0409 7132  CLFS - ok
21:11:02.0459 7132  [ 2DC8538A2260647484A6C921CA837313 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
21:11:02.0459 7132  CmBatt - ok
21:11:02.0509 7132  [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG             C:\Windows\system32\Drivers\cng.sys
21:11:02.0519 7132  CNG - ok
21:11:02.0549 7132  [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
21:11:02.0549 7132  CompositeBus - ok
21:11:02.0559 7132  COMSysApp - ok
21:11:02.0579 7132  [ D9CB0782AF819548072AA45B70F8B22D ] condrv          C:\Windows\system32\drivers\condrv.sys
21:11:02.0579 7132  condrv - ok
21:11:02.0619 7132  [ AFA426B0E7975CEB21F8B6711EFA8945 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:11:02.0629 7132  CryptSvc - ok
21:11:02.0699 7132  [ F2C69C3D98249DE14D4B2832516D4FD5 ] CSC             C:\Windows\system32\drivers\csc.sys
21:11:02.0719 7132  CSC - ok
21:11:02.0769 7132  [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4 ] CscService      C:\Windows\System32\cscsvc.dll
21:11:02.0779 7132  CscService - ok
21:11:02.0819 7132  [ C4D01BD86D6B207275FC143EEA951D75 ] dam             C:\Windows\system32\drivers\dam.sys
21:11:02.0839 7132  dam - ok
21:11:02.0889 7132  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:11:02.0899 7132  DcomLaunch - ok
21:11:02.0989 7132  [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:11:02.0989 7132  defragsvc - ok
21:11:03.0039 7132  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\Windows\system32\das.dll
21:11:03.0039 7132  DeviceAssociationService - ok
21:11:03.0069 7132  [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
21:11:03.0069 7132  DeviceInstall - ok
21:11:03.0099 7132  [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
21:11:03.0109 7132  Dfsc - ok
21:11:03.0169 7132  [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:11:03.0179 7132  Dhcp - ok
21:11:03.0209 7132  [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache        C:\Windows\system32\drivers\discache.sys
21:11:03.0209 7132  discache - ok
21:11:03.0229 7132  [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk            C:\Windows\system32\drivers\disk.sys
21:11:03.0239 7132  disk - ok
21:11:03.0249 7132  [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
21:11:03.0249 7132  dmvsc - ok
21:11:03.0299 7132  [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:11:03.0299 7132  Dnscache - ok
21:11:03.0339 7132  [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc         C:\Windows\System32\dot3svc.dll
21:11:03.0349 7132  dot3svc - ok
21:11:03.0369 7132  [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS             C:\Windows\system32\dps.dll
21:11:03.0379 7132  DPS - ok
21:11:03.0409 7132  [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:11:03.0409 7132  drmkaud - ok
21:11:03.0459 7132  [ BF48F32EE248C3D371DA5DC93BBEADA7 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
21:11:03.0459 7132  DsmSvc - ok
21:11:03.0519 7132  [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:11:03.0539 7132  DXGKrnl - ok
21:11:03.0569 7132  [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost         C:\Windows\System32\eapsvc.dll
21:11:03.0579 7132  Eaphost - ok
21:11:03.0739 7132  [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
21:11:03.0789 7132  ebdrv - ok
21:11:03.0819 7132  [ F702AB6181513303AB0FC8D59E52708B ] EFS             C:\Windows\System32\lsass.exe
21:11:03.0819 7132  EFS - ok
21:11:03.0849 7132  [ 4B84E647C934EDFF7F28C4B91A5C0864 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:11:03.0859 7132  ehRecvr - ok
21:11:03.0889 7132  [ 72781EC7A97E44B9651550D7A83D1B96 ] ehSched         C:\Windows\ehome\ehsched.exe
21:11:03.0889 7132  ehSched - ok
21:11:03.0929 7132  [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
21:11:03.0929 7132  EhStorClass - ok
21:11:03.0939 7132  [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
21:11:03.0949 7132  EhStorTcgDrv - ok
21:11:03.0959 7132  [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev          C:\Windows\System32\drivers\errdev.sys
21:11:03.0959 7132  ErrDev - ok
21:11:04.0059 7132  [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem     C:\Windows\system32\es.dll
21:11:04.0069 7132  EventSystem - ok
21:11:04.0089 7132  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:11:04.0089 7132  exfat - ok
21:11:04.0119 7132  [ 60996602A7111FD2D086E803F33E4282 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:11:04.0119 7132  fastfat - ok
21:11:04.0159 7132  [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax             C:\Windows\system32\fxssvc.exe
21:11:04.0169 7132  Fax - ok
21:11:04.0199 7132  [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc             C:\Windows\System32\drivers\fdc.sys
21:11:04.0199 7132  fdc - ok
21:11:04.0229 7132  [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost         C:\Windows\system32\fdPHost.dll
21:11:04.0239 7132  fdPHost - ok
21:11:04.0259 7132  [ 872506AAB591E8908DF4461475AF92DF ] FDResPub        C:\Windows\system32\fdrespub.dll
21:11:04.0259 7132  FDResPub - ok
21:11:04.0279 7132  [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc           C:\Windows\system32\fhsvc.dll
21:11:04.0319 7132  fhsvc - ok
21:11:04.0339 7132  [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:11:04.0339 7132  FileInfo - ok
21:11:04.0349 7132  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:11:04.0349 7132  Filetrace - ok
21:11:04.0359 7132  [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
21:11:04.0369 7132  flpydisk - ok
21:11:04.0389 7132  [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:11:04.0399 7132  FltMgr - ok
21:11:04.0459 7132  [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache       C:\Windows\system32\FntCache.dll
21:11:04.0479 7132  FontCache - ok
21:11:04.0579 7132  [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:11:04.0599 7132  FontCache3.0.0.0 - ok
21:11:04.0629 7132  [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:11:04.0649 7132  FsDepends - ok
21:11:04.0679 7132  [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:11:04.0689 7132  Fs_Rec - ok
21:11:04.0819 7132  [ 895BA1CFF25E867CE5A52073E905C93B ] fussvc          C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe
21:11:04.0909 7132  fussvc - ok
21:11:04.0939 7132  [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:11:04.0949 7132  fvevol - ok
21:11:04.0989 7132  [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
21:11:04.0989 7132  FxPPM - ok
21:11:05.0019 7132  [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:11:05.0019 7132  gagp30kx - ok
21:11:05.0069 7132  [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
21:11:05.0069 7132  gencounter - ok
21:11:05.0109 7132  [ 9F5E8645FECD68C0ECC374F5A4AE068A ] gfiark          C:\Windows\system32\drivers\gfiark.sys
21:11:05.0109 7132  gfiark - ok
21:11:05.0139 7132  [ 14908F4F9005C29DE8F5587E271390EE ] gfibto          C:\Windows\system32\drivers\gfibto.sys
21:11:05.0159 7132  gfibto - ok
21:11:05.0179 7132  [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
21:11:05.0179 7132  GPIOClx0101 - ok
21:11:05.0259 7132  [ 5358678C6370F2ADC5291849F6503262 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:11:05.0279 7132  gpsvc - ok
21:11:05.0319 7132  [ 3CC07DAD48FA53193AE2F85DD8200B5E ] hcmon           C:\Windows\system32\drivers\hcmon.sys
21:11:05.0329 7132  hcmon - ok
21:11:05.0349 7132  [ 1B6E0D2B57392C17286D7820C6D91B0E ] HCW88AUD        C:\Windows\system32\drivers\hcw88aud.sys
21:11:05.0379 7132  HCW88AUD - ok
21:11:05.0429 7132  [ 17C6CE4287E38B82483D4ADB17CC5C7B ] hcw88bda        C:\Windows\system32\drivers\hcw88bda.sys
21:11:05.0449 7132  hcw88bda - ok
21:11:05.0469 7132  [ F63230FCBC698B4B09794606C7348BD7 ] hcw88rc5        C:\Windows\System32\Drivers\hcw88rc5.sys
21:11:05.0489 7132  hcw88rc5 - ok
21:11:05.0509 7132  [ 7423815BE41D612E13FD0A66D48B846B ] HCW88TSE        C:\Windows\system32\drivers\hcw88tse.sys
21:11:05.0529 7132  HCW88TSE - ok
21:11:05.0559 7132  [ 167B7E198C6E80C525DE500E0670D0CE ] hcw88vid        C:\Windows\system32\drivers\hcw88vid.sys
21:11:05.0579 7132  hcw88vid - ok
21:11:05.0599 7132  [ 0698CC6B0559882BEAFF425B7086B7A2 ] HCW88XBAR       C:\Windows\system32\drivers\HCW88BAR.sys
21:11:05.0619 7132  HCW88XBAR - ok
21:11:05.0659 7132  [ C2504AA983B5D411F7D31402E8B57725 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:11:05.0669 7132  HdAudAddService - ok
21:11:05.0689 7132  [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
21:11:05.0689 7132  HDAudBus - ok
21:11:05.0709 7132  [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
21:11:05.0709 7132  HidBatt - ok
21:11:05.0749 7132  [ 085F150D002B7F0153D3C06DDF33A143 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
21:11:05.0759 7132  HidBth - ok
21:11:05.0789 7132  [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
21:11:05.0809 7132  hidi2c - ok
21:11:05.0839 7132  [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr           C:\Windows\System32\drivers\hidir.sys
21:11:05.0839 7132  HidIr - ok
21:11:05.0859 7132  [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv         C:\Windows\system32\hidserv.dll
21:11:05.0859 7132  hidserv - ok
21:11:05.0899 7132  [ 012C354B4AB48E9A7A657DF39E3A2073 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
21:11:05.0909 7132  HidUsb - ok
21:11:05.0939 7132  [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:11:05.0939 7132  hkmsvc - ok
21:11:05.0989 7132  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:11:05.0989 7132  HomeGroupListener - ok
21:11:06.0019 7132  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:11:06.0019 7132  HomeGroupProvider - ok
21:11:06.0049 7132  [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:11:06.0049 7132  HpSAMD - ok
21:11:06.0099 7132  [ F4A91D985EB9D1D2717D538F3424603C ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:11:06.0149 7132  HTTP - ok
21:11:06.0159 7132  [ 2A98301068801700906C06649860FE94 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:11:06.0159 7132  hwpolicy - ok
21:11:06.0179 7132  [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
21:11:06.0179 7132  hyperkbd - ok
21:11:06.0199 7132  [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
21:11:06.0199 7132  HyperVideo - ok
21:11:06.0239 7132  [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
21:11:06.0259 7132  i8042prt - ok
21:11:06.0289 7132  [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:11:06.0299 7132  iaStorV - ok
21:11:06.0319 7132  [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:11:06.0319 7132  iirsp - ok
21:11:06.0369 7132  [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT          C:\Windows\System32\ikeext.dll
21:11:06.0389 7132  IKEEXT - ok
21:11:06.0399 7132  [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:11:06.0409 7132  intelide - ok
21:11:06.0449 7132  [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm        C:\Windows\System32\drivers\intelppm.sys
21:11:06.0449 7132  intelppm - ok
21:11:06.0469 7132  [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:11:06.0489 7132  IpFilterDriver - ok
21:11:06.0549 7132  [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:11:06.0569 7132  iphlpsvc - ok
21:11:06.0579 7132  [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
21:11:06.0579 7132  IPMIDRV - ok
21:11:06.0609 7132  [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:11:06.0609 7132  IPNAT - ok
21:11:06.0629 7132  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:11:06.0629 7132  IRENUM - ok
21:11:06.0649 7132  [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:11:06.0649 7132  isapnp - ok
21:11:06.0689 7132  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
21:11:06.0709 7132  iScsiPrt - ok
21:11:06.0729 7132  [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
21:11:06.0749 7132  kbdclass - ok
21:11:06.0779 7132  [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
21:11:06.0789 7132  kbdhid - ok
21:11:06.0809 7132  [ FB6C185092E18011EF49989425C2AA87 ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
21:11:06.0809 7132  kdnic - ok
21:11:06.0829 7132  [ F702AB6181513303AB0FC8D59E52708B ] KeyIso          C:\Windows\system32\lsass.exe
21:11:06.0829 7132  KeyIso - ok
21:11:06.0859 7132  [ DFA480F6DED551464F3A5B959F437800 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:11:06.0859 7132  KSecDD - ok
21:11:06.0899 7132  [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:11:06.0899 7132  KSecPkg - ok
21:11:06.0909 7132  [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:11:06.0909 7132  ksthunk - ok
21:11:06.0949 7132  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:11:06.0949 7132  KtmRm - ok
21:11:06.0999 7132  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:11:06.0999 7132  LanmanServer - ok
21:11:07.0019 7132  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:11:07.0019 7132  LanmanWorkstation - ok
21:11:07.0039 7132  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:11:07.0049 7132  lltdio - ok
21:11:07.0079 7132  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:11:07.0079 7132  lltdsvc - ok
21:11:07.0109 7132  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:11:07.0109 7132  lmhosts - ok
21:11:07.0139 7132  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:11:07.0139 7132  LSI_SAS - ok
21:11:07.0159 7132  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:11:07.0159 7132  LSI_SAS2 - ok
21:11:07.0179 7132  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:11:07.0179 7132  LSI_SCSI - ok
21:11:07.0199 7132  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
21:11:07.0199 7132  LSI_SSS - ok
21:11:07.0249 7132  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\Windows\System32\lsm.dll
21:11:07.0259 7132  LSM - ok
21:11:07.0269 7132  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:11:07.0269 7132  luafv - ok
21:11:07.0299 7132  mbamswissarmy - ok
21:11:07.0319 7132  [ 4448CCEA974F0B15A00EA33FCEDFC062 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:11:07.0329 7132  Mcx2Svc - ok
21:11:07.0349 7132  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\Windows\system32\drivers\megasas.sys
21:11:07.0349 7132  megasas - ok
21:11:07.0379 7132  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:11:07.0389 7132  MegaSR - ok
21:11:07.0429 7132  Microsoft SharePoint Workspace Audit Service - ok
21:11:07.0449 7132  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\Windows\system32\mmcss.dll
21:11:07.0449 7132  MMCSS - ok
21:11:07.0469 7132  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\Windows\system32\drivers\modem.sys
21:11:07.0469 7132  Modem - ok
21:11:07.0499 7132  [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor         C:\Windows\System32\drivers\monitor.sys
21:11:07.0519 7132  monitor - ok
21:11:07.0549 7132  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\Windows\System32\drivers\mouclass.sys
21:11:07.0549 7132  mouclass - ok
21:11:07.0569 7132  [ C0ADEBED913295803B579ED288936CBB ] mouhid          C:\Windows\System32\drivers\mouhid.sys
21:11:07.0579 7132  mouhid - ok
21:11:07.0609 7132  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:11:07.0619 7132  mountmgr - ok
21:11:07.0659 7132  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:11:07.0669 7132  MozillaMaintenance - ok
21:11:07.0699 7132  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:11:07.0719 7132  mpsdrv - ok
21:11:07.0839 7132  [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:11:07.0859 7132  MpsSvc - ok
21:11:07.0879 7132  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:11:07.0879 7132  MRxDAV - ok
21:11:07.0949 7132  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:11:07.0959 7132  mrxsmb - ok
21:11:08.0019 7132  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:11:08.0019 7132  mrxsmb10 - ok
21:11:08.0089 7132  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:11:08.0089 7132  mrxsmb20 - ok
21:11:08.0119 7132  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
21:11:08.0119 7132  MsBridge - ok
21:11:08.0169 7132  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\Windows\System32\msdtc.exe
21:11:08.0169 7132  MSDTC - ok
21:11:08.0199 7132  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:11:08.0219 7132  Msfs - ok
21:11:08.0239 7132  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
21:11:08.0239 7132  msgpiowin32 - ok
21:11:08.0269 7132  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:11:08.0279 7132  mshidkmdf - ok
21:11:08.0299 7132  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
21:11:08.0299 7132  mshidumdf - ok
21:11:08.0309 7132  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:11:08.0309 7132  msisadrv - ok
21:11:08.0339 7132  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:11:08.0349 7132  MSiSCSI - ok
21:11:08.0349 7132  msiserver - ok
21:11:08.0369 7132  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:11:08.0379 7132  MSKSSRV - ok
21:11:08.0399 7132  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
21:11:08.0399 7132  MsLldp - ok
21:11:08.0419 7132  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:11:08.0429 7132  MSPCLOCK - ok
21:11:08.0439 7132  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:11:08.0439 7132  MSPQM - ok
21:11:08.0469 7132  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:11:08.0479 7132  MsRPC - ok
21:11:08.0489 7132  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
21:11:08.0489 7132  mssmbios - ok
21:11:08.0519 7132  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:11:08.0529 7132  MSTEE - ok
21:11:08.0539 7132  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
21:11:08.0539 7132  MTConfig - ok
21:11:08.0559 7132  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:11:08.0569 7132  Mup - ok
21:11:08.0589 7132  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
21:11:08.0589 7132  mvumis - ok
21:11:08.0629 7132  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\Windows\system32\qagentRT.dll
21:11:08.0639 7132  napagent - ok
21:11:08.0659 7132  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:11:08.0669 7132  NativeWifiP - ok
21:11:08.0689 7132  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\Windows\System32\ncasvc.dll
21:11:08.0689 7132  NcaSvc - ok
21:11:08.0719 7132  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
21:11:08.0719 7132  NcdAutoSetup - ok
21:11:08.0799 7132  [ 03CFE4108D1DE16D6C59455B5C73319C ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:11:08.0819 7132  NDIS - ok
21:11:08.0839 7132  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:11:08.0839 7132  NdisCap - ok
21:11:08.0859 7132  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
21:11:08.0859 7132  NdisImPlatform - ok
21:11:08.0889 7132  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:11:08.0909 7132  NdisTapi - ok
21:11:08.0939 7132  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:11:08.0939 7132  Ndisuio - ok
21:11:08.0969 7132  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:11:08.0979 7132  NdisWan - ok
21:11:08.0989 7132  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
21:11:08.0989 7132  NDISWANLEGACY - ok
21:11:09.0019 7132  [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:11:09.0039 7132  NDProxy - ok
21:11:09.0049 7132  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
21:11:09.0059 7132  Ndu - ok
21:11:09.0069 7132  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:11:09.0069 7132  NetBIOS - ok
21:11:09.0089 7132  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:11:09.0099 7132  NetBT - ok
21:11:09.0109 7132  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\Windows\system32\lsass.exe
21:11:09.0109 7132  Netlogon - ok
21:11:09.0139 7132  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\Windows\System32\netman.dll
21:11:09.0149 7132  Netman - ok
21:11:09.0209 7132  [ 79FA9393C67EBBF92A56923592CF7A7C ] netprofm        C:\Windows\System32\netprofmsvc.dll
21:11:09.0219 7132  netprofm - ok
21:11:09.0269 7132  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:11:09.0269 7132  NetTcpPortSharing - ok
21:11:09.0309 7132  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:11:09.0319 7132  nfrd960 - ok
21:11:09.0359 7132  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:11:09.0399 7132  NlaSvc - ok
21:11:09.0419 7132  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:11:09.0419 7132  Npfs - ok
21:11:09.0449 7132  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
21:11:09.0449 7132  npsvctrig - ok
21:11:09.0479 7132  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\Windows\system32\nsisvc.dll
21:11:09.0489 7132  nsi - ok
21:11:09.0489 7132  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:11:09.0499 7132  nsiproxy - ok
21:11:09.0569 7132  [ 76929F4A69E425911A63B407E26C2589 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:11:09.0599 7132  Ntfs - ok
21:11:09.0629 7132  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\Windows\system32\drivers\Null.sys
21:11:09.0629 7132  Null - ok
21:11:10.0279 7132  [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:11:10.0539 7132  nvlddmkm - ok
21:11:10.0589 7132  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:11:10.0589 7132  nvraid - ok
21:11:10.0629 7132  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:11:10.0629 7132  nvstor - ok
21:11:10.0679 7132  [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc           C:\Windows\system32\nvvsvc.exe
21:11:10.0689 7132  nvsvc - ok
21:11:10.0739 7132  [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
21:11:10.0749 7132  nvUpdatusService - ok
21:11:10.0779 7132  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:11:10.0779 7132  nv_agp - ok
21:11:10.0819 7132  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:11:10.0819 7132  ose - ok
21:11:11.0079 7132  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:11:11.0129 7132  osppsvc - ok
21:11:11.0179 7132  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:11:11.0189 7132  p2pimsvc - ok
21:11:11.0209 7132  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:11:11.0219 7132  p2psvc - ok
21:11:11.0279 7132  [ A6645E6CC84D55A783EA5F2F58B9B523 ] Panasonic Local Printer Service C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe
21:11:11.0669 7132  Panasonic Local Printer Service - ok
21:11:11.0739 7132  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\Windows\System32\drivers\parport.sys
21:11:11.0739 7132  Parport - ok
21:11:11.0779 7132  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:11:11.0779 7132  partmgr - ok
21:11:11.0819 7132  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:11:11.0829 7132  PcaSvc - ok
21:11:11.0859 7132  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\Windows\system32\drivers\pci.sys
21:11:11.0859 7132  pci - ok
21:11:11.0879 7132  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:11:11.0879 7132  pciide - ok
21:11:11.0909 7132  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:11:11.0909 7132  pcmcia - ok
21:11:11.0939 7132  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:11:11.0939 7132  pcw - ok
21:11:11.0969 7132  [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc             C:\Windows\system32\drivers\pdc.sys
21:11:11.0969 7132  pdc - ok
21:11:12.0049 7132  [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:11:12.0079 7132  PEAUTH - ok
21:11:12.0169 7132  [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:11:12.0199 7132  PeerDistSvc - ok
21:11:12.0269 7132  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:11:12.0279 7132  PerfHost - ok
21:11:12.0369 7132  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\Windows\system32\pla.dll
21:11:12.0379 7132  pla - ok
21:11:12.0419 7132  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:11:12.0419 7132  PlugPlay - ok
21:11:12.0449 7132  [ 64CA1485214340CACC315FFDFDED73EF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:11:12.0459 7132  Pml Driver HPZ12 - ok
21:11:12.0489 7132  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:11:12.0499 7132  PNRPAutoReg - ok
21:11:12.0529 7132  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:11:12.0539 7132  PNRPsvc - ok
21:11:12.0579 7132  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:11:12.0579 7132  PolicyAgent - ok
21:11:12.0609 7132  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\Windows\system32\umpo.dll
21:11:12.0619 7132  Power - ok
21:11:12.0629 7132  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:11:12.0629 7132  PptpMiniport - ok
21:11:12.0739 7132  [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
21:11:12.0769 7132  PrintNotify - ok
21:11:12.0809 7132  [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor       C:\Windows\System32\drivers\processr.sys
21:11:12.0809 7132  Processor - ok
21:11:12.0849 7132  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\Windows\system32\profsvc.dll
21:11:12.0859 7132  ProfSvc - ok
21:11:12.0889 7132  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:11:12.0899 7132  Psched - ok
21:11:12.0929 7132  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\Windows\system32\qwave.dll
21:11:12.0929 7132  QWAVE - ok
21:11:12.0949 7132  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:11:12.0949 7132  QWAVEdrv - ok
21:11:12.0969 7132  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:11:12.0989 7132  RasAcd - ok
21:11:13.0009 7132  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:11:13.0009 7132  RasAgileVpn - ok
21:11:13.0039 7132  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\Windows\System32\rasauto.dll
21:11:13.0039 7132  RasAuto - ok
21:11:13.0049 7132  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:11:13.0059 7132  Rasl2tp - ok
21:11:13.0089 7132  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\Windows\System32\rasmans.dll
21:11:13.0089 7132  RasMan - ok
21:11:13.0129 7132  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:11:13.0129 7132  RasPppoe - ok
21:11:13.0149 7132  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:11:13.0149 7132  RasSstp - ok
21:11:13.0199 7132  [ CA03D642ACE58E1BA54E4B383F91CD69 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:11:13.0219 7132  rdbss - ok
21:11:13.0239 7132  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
21:11:13.0259 7132  rdpbus - ok
21:11:13.0289 7132  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:11:13.0289 7132  RDPDR - ok
21:11:13.0339 7132  [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:11:13.0339 7132  RdpVideoMiniport - ok
21:11:13.0369 7132  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:11:13.0369 7132  RDPWD - ok
21:11:13.0399 7132  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:11:13.0399 7132  rdyboost - ok
21:11:13.0419 7132  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:11:13.0429 7132  RemoteAccess - ok
21:11:13.0459 7132  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:11:13.0469 7132  RemoteRegistry - ok
21:11:13.0509 7132  [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
21:11:13.0519 7132  RFCOMM - ok
21:11:13.0549 7132  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:11:13.0549 7132  RpcEptMapper - ok
21:11:13.0589 7132  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      C:\Windows\system32\locator.exe
21:11:13.0589 7132  RpcLocator - ok
21:11:13.0649 7132  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           C:\Windows\system32\rpcss.dll
21:11:13.0659 7132  RpcSs - ok
21:11:13.0669 7132  [ E04E770DD198B9399640717145E79EBF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:11:13.0669 7132  rspndr - ok
21:11:13.0709 7132  [ 15923AA360F7675D3D43C9669316A0BA ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
21:11:13.0719 7132  RTL8168 - ok
21:11:13.0739 7132  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
21:11:13.0739 7132  s3cap - ok
21:11:13.0749 7132  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           C:\Windows\system32\lsass.exe
21:11:13.0749 7132  SamSs - ok
21:11:13.0819 7132  [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA          f:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP2\WNt500x64\Sandra.sys
21:11:13.0829 7132  SANDRA - ok
21:11:13.0849 7132  [ 6CF0FBAB2C0E791566AB3282D3B52227 ] SandraAgentSrv  f:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP2\RpcAgentSrv.exe
21:11:13.0889 7132  SandraAgentSrv - ok
21:11:13.0929 7132  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:11:13.0929 7132  sbp2port - ok
21:11:13.0969 7132  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:11:13.0979 7132  SCardSvr - ok
21:11:13.0999 7132  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:11:14.0009 7132  scfilter - ok
21:11:14.0069 7132  [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule        C:\Windows\system32\schedsvc.dll
21:11:14.0119 7132  Schedule - ok
21:11:14.0139 7132  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:11:14.0139 7132  SCPolicySvc - ok
21:11:14.0179 7132  [ 047315E75392CEA447ACC86257824C16 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
21:11:14.0179 7132  sdbus - ok
21:11:14.0209 7132  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:11:14.0209 7132  SDRSVC - ok
21:11:14.0249 7132  [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
21:11:14.0269 7132  sdstor - ok
21:11:14.0289 7132  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:11:14.0289 7132  secdrv - ok
21:11:14.0319 7132  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        C:\Windows\system32\seclogon.dll
21:11:14.0329 7132  seclogon - ok
21:11:14.0369 7132  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            C:\Windows\System32\sens.dll
21:11:14.0369 7132  SENS - ok
21:11:14.0389 7132  [ DDA4CAF29D8C0A297F886BFE561E6659 ] SensorsSimulatorDriver C:\Windows\system32\DRIVERS\WUDFRd.sys
21:11:14.0399 7132  SensorsSimulatorDriver - ok
21:11:14.0419 7132  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:11:14.0439 7132  SensrSvc - ok
21:11:14.0549 7132  [ 2437720D4480523562360B2B6B5864A7 ] Ser2pl          C:\Windows\system32\DRIVERS\ser2pl64.sys
21:11:14.0569 7132  Ser2pl - ok
21:11:14.0609 7132  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           C:\Windows\system32\drivers\SerCx.sys
21:11:14.0609 7132  SerCx - ok
21:11:14.0629 7132  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         C:\Windows\System32\drivers\serenum.sys
21:11:14.0629 7132  Serenum - ok
21:11:14.0659 7132  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          C:\Windows\System32\drivers\serial.sys
21:11:14.0659 7132  Serial - ok
21:11:14.0719 7132  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        C:\Windows\System32\drivers\sermouse.sys
21:11:14.0739 7132  sermouse - ok
21:11:14.0839 7132  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      C:\Windows\system32\sessenv.dll
21:11:14.0849 7132  SessionEnv - ok
21:11:14.0879 7132  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
21:11:14.0879 7132  sfloppy - ok
21:11:14.0949 7132  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:11:14.0959 7132  SharedAccess - ok
21:11:15.0069 7132  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:11:15.0079 7132  ShellHWDetection - ok
21:11:15.0099 7132  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:11:15.0099 7132  SiSRaid2 - ok
21:11:15.0109 7132  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:11:15.0109 7132  SiSRaid4 - ok
21:11:15.0149 7132  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:11:15.0149 7132  SNMPTRAP - ok
21:11:15.0229 7132  [ FD3AF5575B99871BADB94E7699DBCE08 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
21:11:15.0259 7132  spaceport - ok
21:11:15.0289 7132  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
21:11:15.0299 7132  SpbCx - ok
21:11:15.0349 7132  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         C:\Windows\System32\spoolsv.exe
21:11:15.0359 7132  Spooler - ok
21:11:15.0629 7132  [ EC84D961501054F87A6878EC5D53388F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:11:15.0679 7132  sppsvc - ok
21:11:15.0709 7132  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:11:15.0729 7132  srv - ok
21:11:15.0769 7132  [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:11:15.0809 7132  srv2 - ok
21:11:15.0849 7132  [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:11:15.0869 7132  srvnet - ok
21:11:15.0909 7132  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:11:15.0909 7132  SSDPSRV - ok
21:11:15.0939 7132  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:11:15.0949 7132  SstpSvc - ok
21:11:15.0979 7132  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:11:15.0979 7132  stexstor - ok
21:11:16.0019 7132  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          C:\Windows\System32\wiaservc.dll
21:11:16.0029 7132  stisvc - ok
21:11:16.0059 7132  [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci        C:\Windows\system32\drivers\storahci.sys
21:11:16.0059 7132  storahci - ok
21:11:16.0079 7132  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
21:11:16.0079 7132  storflt - ok
21:11:16.0099 7132  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         C:\Windows\system32\storsvc.dll
21:11:16.0099 7132  StorSvc - ok
21:11:16.0119 7132  [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:11:16.0129 7132  storvsc - ok
21:11:16.0159 7132  [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp         C:\Windows\System32\drivers\storvsp.sys
21:11:16.0169 7132  storvsp - ok
21:11:16.0189 7132  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc           C:\Windows\system32\svsvc.dll
21:11:16.0199 7132  svsvc - ok
21:11:16.0229 7132  [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum          C:\Windows\System32\drivers\swenum.sys
21:11:16.0239 7132  swenum - ok
21:11:16.0319 7132  [ 502F9488540051F3E6C39889ECFA76BB ] swprv           C:\Windows\System32\swprv.dll
21:11:16.0329 7132  swprv - ok
21:11:16.0409 7132  [ A06CB9269D29EE3D0F3F5630ABB660B8 ] SysMain         C:\Windows\system32\sysmain.dll
21:11:16.0429 7132  SysMain - ok
21:11:16.0469 7132  [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
21:11:16.0479 7132  SystemEventsBroker - ok
21:11:16.0489 7132  [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\Windows\System32\TabSvc.dll
21:11:16.0499 7132  TabletInputService - ok
21:11:16.0519 7132  [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:11:16.0529 7132  TapiSrv - ok
21:11:16.0619 7132  [ D750CE2A52F1B95E654CF2904C88EF1F ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:11:16.0639 7132  Tcpip - ok
21:11:16.0699 7132  [ D750CE2A52F1B95E654CF2904C88EF1F ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:11:16.0719 7132  TCPIP6 - ok
21:11:16.0759 7132  [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:11:16.0759 7132  tcpipreg - ok
21:11:16.0779 7132  [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:11:16.0779 7132  tdx - ok
21:11:16.0869 7132  [ BB676D2C7AD5E7131D12417E4691F9B9 ] Te.Service      C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
21:11:16.0899 7132  Te.Service - ok
21:11:16.0919 7132  [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
21:11:16.0919 7132  terminpt - ok
21:11:16.0949 7132  [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService     C:\Windows\System32\termsrv.dll
21:11:16.0969 7132  TermService - ok
21:11:16.0989 7132  [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes          C:\Windows\system32\themeservice.dll
21:11:16.0999 7132  Themes - ok
21:11:17.0059 7132  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER     C:\Windows\system32\mmcss.dll
21:11:17.0059 7132  THREADORDER - ok
21:11:17.0099 7132  [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
21:11:17.0099 7132  TimeBroker - ok
21:11:17.0139 7132  [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM             C:\Windows\system32\drivers\tpm.sys
21:11:17.0139 7132  TPM - ok
21:11:17.0179 7132  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks          C:\Windows\System32\trkwks.dll
21:11:17.0189 7132  TrkWks - ok
21:11:17.0259 7132  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:11:17.0269 7132  TrustedInstaller - ok
21:11:17.0299 7132  [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:11:17.0309 7132  TsUsbFlt - ok
21:11:17.0329 7132  [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
21:11:17.0329 7132  TsUsbGD - ok
21:11:17.0349 7132  [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:11:17.0349 7132  tunnel - ok
21:11:17.0369 7132  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:11:17.0379 7132  uagp35 - ok
21:11:17.0389 7132  [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
21:11:17.0399 7132  UASPStor - ok
21:11:17.0439 7132  [ 7C33D8B8A5EA2321B84A1B6653CBD0DB ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
21:11:17.0439 7132  UCX01000 - ok
21:11:17.0469 7132  [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:11:17.0479 7132  udfs - ok
21:11:17.0509 7132  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:11:17.0509 7132  UI0Detect - ok
21:11:17.0539 7132  [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:11:17.0549 7132  uliagpkx - ok
21:11:17.0579 7132  [ 02CEB3FE6152668A7BA420B93B664860 ] umbus           C:\Windows\System32\drivers\umbus.sys
21:11:17.0579 7132  umbus - ok
21:11:17.0589 7132  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass          C:\Windows\System32\drivers\umpass.sys
21:11:17.0599 7132  UmPass - ok
21:11:17.0619 7132  [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService    C:\Windows\System32\umrdp.dll
21:11:17.0629 7132  UmRdpService - ok
21:11:17.0669 7132  [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost        C:\Windows\System32\upnphost.dll
21:11:17.0669 7132  upnphost - ok
21:11:17.0689 7132  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
21:11:17.0699 7132  usbccgp - ok
21:11:17.0709 7132  [ B395B62B62F28106218FA6FB17F4C797 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
21:11:17.0719 7132  usbcir - ok
21:11:17.0769 7132  [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
21:11:17.0769 7132  usbehci - ok
21:11:17.0859 7132  [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub          C:\Windows\System32\drivers\usbhub.sys
21:11:17.0879 7132  usbhub - ok
21:11:17.0979 7132  [ EA040D4C6C94F315A85F3D0EAA884B37 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
21:11:17.0979 7132  USBHUB3 - ok
21:11:18.0009 7132  [ 325F6179009B5A7F6118951A5BA422AB ] usbohci         C:\Windows\System32\drivers\usbohci.sys
21:11:18.0019 7132  usbohci - ok
21:11:18.0029 7132  [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint        C:\Windows\System32\drivers\usbprint.sys
21:11:18.0029 7132  usbprint - ok
21:11:18.0059 7132  [ A9858597B6DB695F78A37F6755A6FF98 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:11:18.0069 7132  usbscan - ok
21:11:18.0099 7132  [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
21:11:18.0099 7132  USBSTOR - ok
21:11:18.0119 7132  [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
21:11:18.0119 7132  usbuhci - ok
21:11:18.0149 7132  [ 11C0CF143D246E2F0E9BDBF17A0CC70B ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
21:11:18.0159 7132  USBXHCI - ok
21:11:18.0169 7132  [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc        C:\Windows\system32\lsass.exe
21:11:18.0179 7132  VaultSvc - ok
21:11:18.0189 7132  [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:11:18.0209 7132  vdrvroot - ok
21:11:18.0309 7132  [ 8A8CDA9E3CF2E0B4C6CC19FBC6FB9A71 ] vds             C:\Windows\System32\vds.exe
21:11:18.0319 7132  vds - ok
21:11:18.0339 7132  [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
21:11:18.0349 7132  VerifierExt - ok
21:11:18.0379 7132  [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
21:11:18.0389 7132  vhdmp - ok
21:11:18.0409 7132  [ F5B4A14B00E89250C50982AC762DDD1D ] viaide          C:\Windows\system32\drivers\viaide.sys
21:11:18.0409 7132  viaide - ok
21:11:18.0429 7132  [ 0E43886F01C85B47BA0A3157274BCF59 ] Vid             C:\Windows\System32\drivers\Vid.sys
21:11:18.0429 7132  Vid - ok
21:11:18.0489 7132  [ A942813405C51998DD2C2B86A08394D5 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
21:11:18.0519 7132  VMAuthdService - ok
21:11:18.0549 7132  [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:11:18.0559 7132  vmbus - ok
21:11:18.0589 7132  [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
21:11:18.0599 7132  VMBusHID - ok
21:11:18.0629 7132  [ B4F432A51826FFC66F4DF72A83E8E4B1 ] vmbusr          C:\Windows\System32\drivers\vmbusr.sys
21:11:18.0639 7132  vmbusr - ok
21:11:18.0689 7132  [ 6203C901DEFF10631AAD919B3BD1489B ] vmci            C:\Windows\system32\drivers\vmci.sys
21:11:18.0689 7132  vmci - ok
21:11:18.0719 7132  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
21:11:18.0729 7132  vmicheartbeat - ok
21:11:18.0749 7132  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
21:11:18.0749 7132  vmickvpexchange - ok
21:11:18.0759 7132  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv         C:\Windows\System32\ICSvc.dll
21:11:18.0759 7132  vmicrdv - ok
21:11:18.0769 7132  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
21:11:18.0779 7132  vmicshutdown - ok
21:11:18.0789 7132  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync    C:\Windows\System32\ICSvc.dll
21:11:18.0789 7132  vmictimesync - ok
21:11:18.0809 7132  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss         C:\Windows\System32\ICSvc.dll
21:11:18.0819 7132  vmicvss - ok
21:11:18.0839 7132  [ DE8F365C4C038AFE02F6E3B18ECAED33 ] vmkbd           C:\Windows\system32\drivers\VMkbd.sys
21:11:18.0839 7132  vmkbd - ok
21:11:18.0869 7132  [ AEF53B47E960F227BF7638A6A1A9D5C6 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
21:11:18.0869 7132  VMnetAdapter - ok
21:11:18.0899 7132  [ C234A1DC2F06A15B9210787F54253810 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
21:11:18.0899 7132  VMnetBridge - ok
21:11:18.0909 7132  VMnetDHCP - ok
21:11:18.0929 7132  [ 36EDBFE2C2405081620ADEF7B691ED89 ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
21:11:18.0929 7132  VMnetuserif - ok
21:11:18.0939 7132  [ 55D5AFEB5FE5F3B111317A421E5F3666 ] VMparport       C:\Windows\system32\drivers\VMparport.sys
21:11:18.0949 7132  VMparport - ok
21:11:18.0979 7132  [ 415B167695C4B5960A13098622EF3D80 ] vmusb           C:\Windows\System32\Drivers\vmusb.sys
21:11:18.0979 7132  vmusb - ok
21:11:19.0029 7132  [ B55A8DADA1D825B73C811101B06E012F ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
21:11:19.0039 7132  VMUSBArbService - ok
21:11:19.0059 7132  VMware NAT Service - ok
21:11:19.0079 7132  [ 0E6ACC0257C6EFBB41E9FF4CD2A88B7F ] vmx86           C:\Windows\system32\drivers\vmx86.sys
21:11:19.0079 7132  vmx86 - ok
21:11:19.0089 7132  [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:11:19.0089 7132  volmgr - ok
21:11:19.0109 7132  [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:11:19.0119 7132  volmgrx - ok
21:11:19.0139 7132  [ 2FB3CDFD5EAF4CD9D4AFAF96877D13AE ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:11:19.0149 7132  volsnap - ok
21:11:19.0179 7132  [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci            C:\Windows\System32\drivers\vpci.sys
21:11:19.0189 7132  vpci - ok
21:11:19.0209 7132  [ 0190AFFF28F600461C0164353CC7EE27 ] vpcivsp         C:\Windows\System32\drivers\vpcivsp.sys
21:11:19.0209 7132  vpcivsp - ok
21:11:19.0239 7132  [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:11:19.0239 7132  vsmraid - ok
21:11:19.0259 7132  [ EF1E48D431223F670CFFD6169B1A136F ] vsock           C:\Windows\system32\drivers\vsock.sys
21:11:19.0259 7132  vsock - ok
21:11:19.0329 7132  [ D0C69E44BC1E1D4AD290FD84104623D8 ] VSS             C:\Windows\system32\vssvc.exe
21:11:19.0349 7132  VSS - ok
21:11:19.0369 7132  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
21:11:19.0379 7132  VSTXRAID - ok
21:11:19.0429 7132  [ 62460A45435A26A334907E3F2EA45611 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:11:19.0459 7132  vwifibus - ok
21:11:19.0499 7132  [ F690B6EEAA94576727B24376D7ED3601 ] W32Time         C:\Windows\system32\w32time.dll
21:11:19.0499 7132  W32Time - ok
21:11:19.0529 7132  [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
21:11:19.0529 7132  WacomPen - ok
21:11:19.0559 7132  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
21:11:19.0599 7132  Wanarp - ok
21:11:19.0609 7132  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:11:19.0609 7132  Wanarpv6 - ok
21:11:19.0739 7132  [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine        C:\Windows\system32\wbengine.exe
21:11:19.0759 7132  wbengine - ok
21:11:19.0789 7132  [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:11:19.0799 7132  WbioSrvc - ok
21:11:19.0829 7132  [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
21:11:19.0839 7132  Wcmsvc - ok
21:11:19.0879 7132  [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:11:19.0889 7132  wcncsvc - ok
21:11:19.0919 7132  [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:11:19.0949 7132  WcsPlugInService - ok
21:11:19.0969 7132  [ B3A4D918DAB90505B6BC7B70632913CB ] Wd              C:\Windows\system32\drivers\wd.sys
21:11:19.0979 7132  Wd - ok
21:11:20.0009 7132  [ 6F4B5DDDC3B86091E94BC47347A78AF7 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
21:11:20.0009 7132  WdBoot - ok
21:11:20.0059 7132  [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:11:20.0069 7132  Wdf01000 - ok
21:11:20.0109 7132  [ 99D404A9A0AFC4734E014EBEBAC13F8F ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
21:11:20.0119 7132  WdFilter - ok
21:11:20.0159 7132  [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:11:20.0159 7132  WdiServiceHost - ok
21:11:20.0169 7132  [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:11:20.0169 7132  WdiSystemHost - ok
21:11:20.0239 7132  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient       C:\Windows\System32\webclnt.dll
21:11:20.0239 7132  WebClient - ok
21:11:20.0259 7132  [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:11:20.0259 7132  Wecsvc - ok
21:11:20.0289 7132  [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:11:20.0299 7132  wercplsupport - ok
21:11:20.0339 7132  [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:11:20.0339 7132  WerSvc - ok
21:11:20.0369 7132  [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
21:11:20.0369 7132  WFPLWFS - ok
21:11:20.0399 7132  [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc          C:\Windows\System32\wiarpc.dll
21:11:20.0399 7132  WiaRpc - ok
21:11:20.0419 7132  [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:11:20.0419 7132  WIMMount - ok
21:11:20.0449 7132  WinDefend - ok
21:11:20.0509 7132  [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
21:11:20.0519 7132  WinHttpAutoProxySvc - ok
21:11:20.0569 7132  [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:11:20.0579 7132  Winmgmt - ok
21:11:20.0649 7132  [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM           C:\Windows\system32\WsmSvc.dll
21:11:20.0679 7132  WinRM - ok
21:11:20.0749 7132  [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc         C:\Windows\System32\wlansvc.dll
21:11:20.0769 7132  WlanSvc - ok
21:11:20.0849 7132  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc         C:\Windows\system32\wlidsvc.dll
21:11:20.0869 7132  wlidsvc - ok
21:11:20.0899 7132  [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
21:11:20.0899 7132  WmiAcpi - ok
21:11:20.0959 7132  [ D113499052C5E541906B727779F0F959 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:11:20.0969 7132  wmiApSrv - ok
21:11:20.0999 7132  WMPNetworkSvc - ok
21:11:21.0029 7132  [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
21:11:21.0029 7132  wpcfltr - ok
21:11:21.0059 7132  [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:11:21.0059 7132  WPCSvc - ok
21:11:21.0089 7132  [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:11:21.0109 7132  WPDBusEnum - ok
21:11:21.0129 7132  [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
21:11:21.0129 7132  WpdUpFltr - ok
21:11:21.0169 7132  [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:11:21.0169 7132  ws2ifsl - ok
21:11:21.0199 7132  [ 012CFE7F0F95266F554EE3B91EE2128A ] wscsvc          C:\Windows\System32\wscsvc.dll
21:11:21.0229 7132  wscsvc - ok
21:11:21.0239 7132  WSearch - ok
21:11:21.0349 7132  [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService       C:\Windows\System32\WSService.dll
21:11:21.0379 7132  WSService - ok
21:11:21.0479 7132  [ BE302BABE45EC05995F8DC66E37BBB3D ] wuauserv        C:\Windows\system32\wuaueng.dll
21:11:21.0519 7132  wuauserv - ok
21:11:21.0549 7132  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:11:21.0559 7132  WudfPf - ok
21:11:21.0579 7132  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
21:11:21.0579 7132  WUDFRd - ok
21:11:21.0589 7132  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP    C:\Windows\system32\DRIVERS\WUDFRd.sys
21:11:21.0589 7132  WUDFSensorLP - ok
21:11:21.0629 7132  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:11:21.0629 7132  wudfsvc - ok
21:11:21.0639 7132  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
21:11:21.0639 7132  WUDFWpdFs - ok
21:11:21.0679 7132  [ F9D8D2E6ECE08B278621D5BF3A7240A6 ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:11:21.0689 7132  WwanSvc - ok
21:11:21.0719 7132  ================ Scan global ===============================
21:11:21.0759 7132  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\Windows\system32\basesrv.dll
21:11:21.0809 7132  [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\Windows\system32\winsrv.dll
21:11:21.0849 7132  [ BD7C6949984D19AAA609896B675E7357 ] C:\Windows\system32\sxssrv.dll
21:11:21.0879 7132  [ 8F226143046435C75C033B0C52E90FFE ] C:\Windows\system32\services.exe
21:11:21.0879 7132  [Global] - ok
21:11:21.0889 7132  ================ Scan MBR ==================================
21:11:21.0889 7132  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:11:22.0089 7132  \Device\Harddisk0\DR0 - ok
21:11:22.0119 7132  [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk1\DR1
21:11:22.0309 7132  \Device\Harddisk1\DR1 - ok
21:11:22.0309 7132  ================ Scan VBR ==================================
21:11:22.0309 7132  [ C500D789C916B94A9547DE4032FEB4D2 ] \Device\Harddisk0\DR0\Partition1
21:11:22.0309 7132  \Device\Harddisk0\DR0\Partition1 - ok
21:11:22.0319 7132  [ EC03346EC4EF3C1ABE056ACC13E5A6A1 ] \Device\Harddisk0\DR0\Partition2
21:11:22.0319 7132  \Device\Harddisk0\DR0\Partition2 - ok
21:11:22.0319 7132  [ D71CD7BF88C03594D1CE12E523966CDC ] \Device\Harddisk0\DR0\Partition3
21:11:22.0329 7132  \Device\Harddisk0\DR0\Partition3 - ok
21:11:22.0329 7132  [ 049327D02C37AB22D9D19E20AF1CCD4F ] \Device\Harddisk0\DR0\Partition4
21:11:22.0339 7132  \Device\Harddisk0\DR0\Partition4 - ok
21:11:22.0339 7132  [ 770033275B056C4025CAC50D54A14FD9 ] \Device\Harddisk1\DR1\Partition1
21:11:22.0349 7132  \Device\Harddisk1\DR1\Partition1 - ok
21:11:22.0359 7132  [ 491508800FF1D8C254AEDD5908F4BD29 ] \Device\Harddisk1\DR1\Partition2
21:11:22.0359 7132  \Device\Harddisk1\DR1\Partition2 - ok
21:11:22.0389 7132  [ 665E719F8D99EBA02D7E7AB0F5BDC793 ] \Device\Harddisk1\DR1\Partition3
21:11:22.0389 7132  \Device\Harddisk1\DR1\Partition3 - ok
21:11:22.0399 7132  [ 0176D19593A0361CD32DF3421606E45B ] \Device\Harddisk1\DR1\Partition4
21:11:22.0399 7132  \Device\Harddisk1\DR1\Partition4 - ok
21:11:22.0409 7132  ============================================================
21:11:22.0409 7132  Scan finished
21:11:22.0409 7132  ============================================================
21:11:22.0429 0436  Detected object count: 0
21:11:22.0429 0436  Actual detected object count: 0

cosinus · 18.07.2013, 02:17

Zitat:

21:10:57.0152 7132 Scan started
21:10:57.0152 7132 Mode: Manual;

Bitte den tdsskiller richtig nach Anweisungen ausführen

MarieJo · 19.07.2013, 00:49

Oh Tschuldigung. Hier nun der richtige Scan.

Code:

ATTFilter

01:42:58.0255 0624  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
01:42:58.0415 0624  ============================================================
01:42:58.0415 0624  Current date / time: 2013/07/19 01:42:58.0415
01:42:58.0415 0624  SystemInfo:
01:42:58.0415 0624  
01:42:58.0415 0624  OS Version: 6.2.9200 ServicePack: 0.0
01:42:58.0415 0624  Product type: Workstation
01:42:58.0415 0624  ComputerName: HAUPTRECHNER
01:42:58.0415 0624  UserName: Jörg
01:42:58.0415 0624  Windows directory: C:\Windows
01:42:58.0415 0624  System windows directory: C:\Windows
01:42:58.0415 0624  Running under WOW64
01:42:58.0415 0624  Processor architecture: Intel x64
01:42:58.0415 0624  Number of processors: 2
01:42:58.0415 0624  Page size: 0x1000
01:42:58.0415 0624  Boot type: Normal boot
01:42:58.0415 0624  ============================================================
01:42:59.0405 0624  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:42:59.0415 0624  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:42:59.0415 0624  ============================================================
01:42:59.0415 0624  \Device\Harddisk1\DR1:
01:42:59.0415 0624  MBR partitions:
01:42:59.0415 0624  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC03D02F
01:42:59.0415 0624  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xC03D800, BlocksNum 0xBFDA800
01:42:59.0415 0624  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x18018000, BlocksNum 0x1387FF8
01:42:59.0445 0624  \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x193A0800, BlocksNum 0x3E24800
01:42:59.0445 0624  \Device\Harddisk0\DR0:
01:42:59.0445 0624  MBR partitions:
01:42:59.0445 0624  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC02802F
01:42:59.0445 0624  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC028800, BlocksNum 0xBFEF800
01:42:59.0445 0624  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x18018010, BlocksNum 0x3D7710A
01:42:59.0465 0624  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x1BD8F800, BlocksNum 0x14347F8
01:42:59.0465 0624  ============================================================
01:42:59.0485 0624  C: <-> \Device\Harddisk0\DR0\Partition1
01:42:59.0535 0624  D: <-> \Device\Harddisk1\DR1\Partition4
01:42:59.0575 0624  E: <-> \Device\Harddisk0\DR0\Partition4
01:42:59.0615 0624  F: <-> \Device\Harddisk1\DR1\Partition2
01:42:59.0655 0624  G: <-> \Device\Harddisk1\DR1\Partition3
01:42:59.0695 0624  H: <-> \Device\Harddisk0\DR0\Partition2
01:42:59.0735 0624  I: <-> \Device\Harddisk0\DR0\Partition3
01:42:59.0775 0624  M: <-> \Device\Harddisk1\DR1\Partition1
01:42:59.0775 0624  ============================================================
01:42:59.0775 0624  Initialize success
01:42:59.0775 0624  ============================================================
01:43:20.0655 2724  ============================================================
01:43:20.0665 2724  Scan started
01:43:20.0665 2724  Mode: Manual; SigCheck; TDLFS; 
01:43:20.0665 2724  ============================================================
01:43:21.0755 2724  ================ Scan system memory ========================
01:43:21.0755 2724  System memory - ok
01:43:21.0755 2724  ================ Scan services =============================
01:43:21.0895 2724  [ E890C46E4754F0DF51BAFCC8D2E07498 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
01:43:21.0985 2724  1394ohci - ok
01:43:22.0025 2724  [ 4F18D4C7EA14F11A7211F60D553C03DB ] 3ware           C:\Windows\system32\drivers\3ware.sys
01:43:22.0035 2724  3ware - ok
01:43:22.0065 2724  [ 975AABEB243B800C23626D6B652C5A9C ] ACPI            C:\Windows\system32\drivers\ACPI.sys
01:43:22.0095 2724  ACPI - ok
01:43:22.0115 2724  [ DC968C37822117E576B933F34A2D130C ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
01:43:22.0135 2724  acpiex - ok
01:43:22.0155 2724  [ 0CA9F7C3A78227C21A0A7854E245CFB2 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
01:43:22.0185 2724  acpipagr - ok
01:43:22.0215 2724  [ 8EB8DA03B142D3DD1EB9ED8107A76C43 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
01:43:22.0245 2724  AcpiPmi - ok
01:43:22.0265 2724  [ CBCE725C5D86ABA7D2604E22951AA9B8 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
01:43:22.0285 2724  acpitime - ok
01:43:22.0355 2724  [ 8B46D5A1D3EF08232C04D0EAFB871FB2 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
01:43:22.0375 2724  Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
01:43:22.0375 2724  Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
01:43:22.0455 2724  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:43:22.0465 2724  AdobeFlashPlayerUpdateSvc - ok
01:43:22.0495 2724  [ 93C6388592B99925C1D1576E465BC80F ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
01:43:22.0515 2724  adp94xx - ok
01:43:22.0535 2724  [ D27763E0247292654E7F7D16444C7C72 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
01:43:22.0555 2724  adpahci - ok
01:43:22.0575 2724  [ 67B90070FF48F794AF19F9FCF0080D75 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
01:43:22.0585 2724  adpu320 - ok
01:43:22.0625 2724  [ 974AE60BF5B90E31412D93596C968E5B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
01:43:22.0655 2724  AeLookupSvc - ok
01:43:22.0705 2724  [ 36D6A3201721558A8AFBCC09C2DA4C2C ] AFD             C:\Windows\system32\drivers\afd.sys
01:43:22.0735 2724  AFD - ok
01:43:22.0755 2724  [ 01590377A5AB19E792528C628A2A68F9 ] agp440          C:\Windows\system32\drivers\agp440.sys
01:43:22.0775 2724  agp440 - ok
01:43:22.0805 2724  [ D1BE8E6E5B3AF23A4393AF1BF867977A ] ALG             C:\Windows\System32\alg.exe
01:43:22.0845 2724  ALG - ok
01:43:22.0875 2724  [ 025E8C755BE293E50854D26D1BBE5133 ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
01:43:22.0905 2724  AllUserInstallAgent - ok
01:43:22.0935 2724  [ 5A81054B824004B1ECC04F0034A1CDF9 ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
01:43:22.0965 2724  AmdK8 - ok
01:43:22.0995 2724  [ B849D453E644FAB9BC8EF6DC8CA9C4C6 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
01:43:23.0015 2724  AmdPPM - ok
01:43:23.0025 2724  [ 35A0EB5AECB0FA3C41A2FB514A562304 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
01:43:23.0045 2724  amdsata - ok
01:43:23.0065 2724  [ 00452671904F5EE94B50BF0219C97164 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
01:43:23.0085 2724  amdsbs - ok
01:43:23.0105 2724  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
01:43:23.0115 2724  amdxata - ok
01:43:23.0155 2724  [ 83B3682CE922FB0F415734B26D9D6233 ] AppID           C:\Windows\system32\drivers\appid.sys
01:43:23.0185 2724  AppID - ok
01:43:23.0215 2724  [ CE2BEAD7F31816FF0AC490D048C969F9 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
01:43:23.0255 2724  AppIDSvc - ok
01:43:23.0285 2724  [ 4F750B7EFCB6520AE01E01D082D7D476 ] Appinfo         C:\Windows\System32\appinfo.dll
01:43:23.0305 2724  Appinfo - ok
01:43:23.0335 2724  [ 2D14788C5D0836292BEB27BBE109BE56 ] AppMgmt         C:\Windows\System32\appmgmts.dll
01:43:23.0375 2724  AppMgmt - ok
01:43:23.0395 2724  [ E933401B392387F4BE34DE8BAF1722A7 ] arc             C:\Windows\system32\drivers\arc.sys
01:43:23.0415 2724  arc - ok
01:43:23.0425 2724  [ 07CA323EF2E8247A568AB0F3662AD644 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
01:43:23.0445 2724  arcsas - ok
01:43:23.0455 2724  [ 74DBAEC35366C4EE7670428808715A6A ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
01:43:23.0495 2724  AsyncMac - ok
01:43:23.0515 2724  [ A721FF570C2387E383BDDEA9632863C9 ] atapi           C:\Windows\system32\drivers\atapi.sys
01:43:23.0535 2724  atapi - ok
01:43:23.0555 2724  [ 4ECC791539F23982411864037D1AC8FC ] AthDfu          C:\Windows\System32\Drivers\AthDfu.sys
01:43:23.0575 2724  AthDfu - ok
01:43:23.0605 2724  [ 51B7849747A0582096A41A366454E88E ] AtherosSvc      C:\Windows\system32\AdminService.exe
01:43:23.0625 2724  AtherosSvc - ok
01:43:23.0655 2724  [ BCD7A47EF587DC00DD61D12D9C2D1E44 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
01:43:23.0685 2724  AudioEndpointBuilder - ok
01:43:23.0725 2724  [ 599B3F685A263A114FFAF3BE29C49C75 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
01:43:23.0765 2724  Audiosrv - ok
01:43:23.0805 2724  [ 89491EF71D5EA011127832C588002853 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
01:43:23.0825 2724  AxInstSV - ok
01:43:23.0865 2724  [ 87AB5BB072A3F128541D5B815F82FFDD ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
01:43:23.0885 2724  b06bdrv - ok
01:43:23.0915 2724  [ 81703BC5D68DEDBB086C2368FBE7B334 ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
01:43:23.0955 2724  BasicDisplay - ok
01:43:23.0965 2724  [ 5EC68164E14D25675C98BBB5F09E8606 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
01:43:23.0995 2724  BasicRender - ok
01:43:24.0025 2724  [ 89143A7BA7850F5C7E61B43BB44B6418 ] BDESVC          C:\Windows\System32\bdesvc.dll
01:43:24.0055 2724  BDESVC - ok
01:43:24.0085 2724  [ 9E7AEA59776D904607985AFFE7E5E183 ] Beep            C:\Windows\system32\drivers\Beep.sys
01:43:24.0125 2724  Beep - ok
01:43:24.0165 2724  [ 9E6A544F465C582AB42444A217CF04DC ] BFE             C:\Windows\System32\bfe.dll
01:43:24.0195 2724  BFE - ok
01:43:24.0235 2724  [ D598C44A7072D3108D8D8102EC5E07F7 ] BITS            C:\Windows\System32\qmgr.dll
01:43:24.0275 2724  BITS - ok
01:43:24.0295 2724  [ B17AC10B47C7FCB44D22A1F06415840E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
01:43:24.0325 2724  bowser - ok
01:43:24.0365 2724  [ 038FA1B55531E7020DB705B42FCCE373 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
01:43:24.0395 2724  BrokerInfrastructure - ok
01:43:24.0415 2724  [ 310068BDA80B1D55C36580FD8A873FAF ] Browser         C:\Windows\System32\browser.dll
01:43:24.0445 2724  Browser - ok
01:43:24.0475 2724  [ 8C816EBE14B24CD9CFBE94254D92A89A ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
01:43:24.0505 2724  BtFilter - ok
01:43:24.0535 2724  [ 6695200F455E251F0BCC9CE4D0978D59 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
01:43:24.0565 2724  BthAvrcpTg - ok
01:43:24.0605 2724  [ A8B20D852B07AE19A13B5D47EC4E4C3B ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
01:43:24.0635 2724  BthEnum - ok
01:43:24.0665 2724  [ 616EB8748C988AEE98D93DA141C3D3B4 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
01:43:24.0705 2724  BthHFEnum - ok
01:43:24.0735 2724  [ DCB4EBD928A6FB368BE6CAE522412DE1 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
01:43:24.0775 2724  bthhfhid - ok
01:43:24.0795 2724  [ 033916CE8784A848B9A3D686B7F66D97 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
01:43:24.0825 2724  BTHMODEM - ok
01:43:24.0855 2724  [ 091BB978E9504D0AD14586929431A957 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
01:43:24.0875 2724  BthPan - ok
01:43:24.0925 2724  [ 13795CAA34239D97A7211E7F9D96E012 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
01:43:24.0985 2724  BTHPORT - ok
01:43:25.0005 2724  [ A4387C3D271959313E2577DB7BE8BA7A ] bthserv         C:\Windows\system32\bthserv.dll
01:43:25.0035 2724  bthserv - ok
01:43:25.0055 2724  [ 1F715957F5236D30B6020A19A4271F6A ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
01:43:25.0085 2724  BTHUSB - ok
01:43:25.0105 2724  [ 990B1BABE6E81FB18E65A87EBEFB1772 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
01:43:25.0145 2724  cdfs - ok
01:43:25.0165 2724  [ 339BFF85D788268752DA8C9644B188EE ] cdrom           C:\Windows\System32\drivers\cdrom.sys
01:43:25.0205 2724  cdrom - ok
01:43:25.0295 2724  [ BAF8F0F55BC300E5F882E521F054E345 ] CertPropSvc     C:\Windows\System32\certprop.dll
01:43:25.0335 2724  CertPropSvc - ok
01:43:25.0365 2724  [ F64B7D1A37CC1D5F421D5359EEC81E2E ] circlass        C:\Windows\System32\drivers\circlass.sys
01:43:25.0405 2724  circlass - ok
01:43:25.0435 2724  [ 9905168708DB68849B879B5548F68AB3 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
01:43:25.0455 2724  CLFS - ok
01:43:25.0495 2724  [ 2DC8538A2260647484A6C921CA837313 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
01:43:25.0525 2724  CmBatt - ok
01:43:25.0565 2724  [ E708BFF0473EC6B271EA46B65B16CA56 ] CNG             C:\Windows\system32\Drivers\cng.sys
01:43:25.0595 2724  CNG - ok
01:43:25.0605 2724  [ 0E5B1E9E7122EDAAF1F6CE047965CA92 ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
01:43:25.0645 2724  CompositeBus - ok
01:43:25.0655 2724  COMSysApp - ok
01:43:25.0675 2724  [ D9CB0782AF819548072AA45B70F8B22D ] condrv          C:\Windows\system32\drivers\condrv.sys
01:43:25.0705 2724  condrv - ok
01:43:25.0735 2724  [ AFA426B0E7975CEB21F8B6711EFA8945 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
01:43:25.0755 2724  CryptSvc - ok
01:43:25.0795 2724  [ F2C69C3D98249DE14D4B2832516D4FD5 ] CSC             C:\Windows\system32\drivers\csc.sys
01:43:25.0825 2724  CSC - ok
01:43:25.0875 2724  [ 22CCB6AFF617AAC6121DF6CDA5ABF3F4 ] CscService      C:\Windows\System32\cscsvc.dll
01:43:25.0905 2724  CscService - ok
01:43:25.0945 2724  [ C4D01BD86D6B207275FC143EEA951D75 ] dam             C:\Windows\system32\drivers\dam.sys
01:43:25.0955 2724  dam - ok
01:43:25.0995 2724  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] DcomLaunch      C:\Windows\system32\rpcss.dll
01:43:26.0045 2724  DcomLaunch - ok
01:43:26.0085 2724  [ C8650D1F61149AA546BDBC99172EBBC1 ] defragsvc       C:\Windows\System32\defragsvc.dll
01:43:26.0125 2724  defragsvc - ok
01:43:26.0155 2724  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16 ] DeviceAssociationService C:\Windows\system32\das.dll
01:43:26.0205 2724  DeviceAssociationService - ok
01:43:26.0245 2724  [ 799BE46D45D486704CE0F37CA5385262 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
01:43:26.0275 2724  DeviceInstall - ok
01:43:26.0295 2724  [ 09D9EB9E7898F8E6561473A20CC808B9 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
01:43:26.0315 2724  Dfsc - ok
01:43:26.0345 2724  [ 9E0E72222264745ADEB0E5AC680B0ED6 ] Dhcp            C:\Windows\system32\dhcpcore.dll
01:43:26.0365 2724  Dhcp - ok
01:43:26.0395 2724  [ 3C736FAE17BA6F91BA37594AAB139CD0 ] discache        C:\Windows\system32\drivers\discache.sys
01:43:26.0415 2724  discache - ok
01:43:26.0445 2724  [ 560495FF4CA22E1D9B1972FA18F43B6F ] disk            C:\Windows\system32\drivers\disk.sys
01:43:26.0465 2724  disk - ok
01:43:26.0475 2724  [ 82A7C72593793FE1EADA7A305BD1567A ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
01:43:26.0495 2724  dmvsc - ok
01:43:26.0535 2724  [ 066B9710B36AB550E01EEFCA52155968 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
01:43:26.0565 2724  Dnscache - ok
01:43:26.0595 2724  [ 9949AD2ABA168A618D46C799D6CC898C ] dot3svc         C:\Windows\System32\dot3svc.dll
01:43:26.0635 2724  dot3svc - ok
01:43:26.0665 2724  [ 109FC3F80BF4F4DC5A071058074F13C1 ] DPS             C:\Windows\system32\dps.dll
01:43:26.0685 2724  DPS - ok
01:43:26.0715 2724  [ 9C7C183F937951AE17C5B8B3259CF3FF ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
01:43:26.0745 2724  drmkaud - ok
01:43:26.0785 2724  [ F87F4AAAF6664906248D11D5E579A53B ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
01:43:26.0805 2724  DsmSvc - ok
01:43:26.0865 2724  [ 6D1B8A9A2C0BD4851D8AF1AB43E67AD9 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
01:43:26.0925 2724  DXGKrnl - ok
01:43:26.0945 2724  [ 58BA473DD88F5FC1932282BA683AA03E ] Eaphost         C:\Windows\System32\eapsvc.dll
01:43:26.0985 2724  Eaphost - ok
01:43:27.0085 2724  [ 5AB97B3282D7D6114949D1EB5C8598E4 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
01:43:27.0175 2724  ebdrv - ok
01:43:27.0205 2724  [ F702AB6181513303AB0FC8D59E52708B ] EFS             C:\Windows\System32\lsass.exe
01:43:27.0235 2724  EFS - ok
01:43:27.0295 2724  [ 4B84E647C934EDFF7F28C4B91A5C0864 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
01:43:27.0325 2724  ehRecvr - ok
01:43:27.0365 2724  [ 72781EC7A97E44B9651550D7A83D1B96 ] ehSched         C:\Windows\ehome\ehsched.exe
01:43:27.0375 2724  ehSched - ok
01:43:27.0405 2724  [ 66D60BD9A4C05616ABECA2A901475098 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
01:43:27.0415 2724  EhStorClass - ok
01:43:27.0435 2724  [ A61D0F543024E458C0FE32352E1978E2 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
01:43:27.0445 2724  EhStorTcgDrv - ok
01:43:27.0465 2724  [ D790D058D67582DB9C84C2D33695FE6B ] ErrDev          C:\Windows\System32\drivers\errdev.sys
01:43:27.0485 2724  ErrDev - ok
01:43:27.0535 2724  [ F9E01C2D9F8BC049E04CF5DC24A5F638 ] EventSystem     C:\Windows\system32\es.dll
01:43:27.0575 2724  EventSystem - ok
01:43:27.0595 2724  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03 ] exfat           C:\Windows\system32\drivers\exfat.sys
01:43:27.0625 2724  exfat - ok
01:43:27.0655 2724  [ 60996602A7111FD2D086E803F33E4282 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
01:43:27.0675 2724  fastfat - ok
01:43:27.0705 2724  [ F0E7F8382ED5E138B0DFA4CB5058BCFE ] Fax             C:\Windows\system32\fxssvc.exe
01:43:27.0745 2724  Fax - ok
01:43:27.0775 2724  [ 73B2D11DF0B6E03A0CB0323218ACB3E4 ] fdc             C:\Windows\System32\drivers\fdc.sys
01:43:27.0805 2724  fdc - ok
01:43:27.0835 2724  [ 0828E3E7BD77C89149EAD3232BFD38DB ] fdPHost         C:\Windows\system32\fdPHost.dll
01:43:27.0855 2724  fdPHost - ok
01:43:27.0885 2724  [ 872506AAB591E8908DF4461475AF92DF ] FDResPub        C:\Windows\system32\fdrespub.dll
01:43:27.0925 2724  FDResPub - ok
01:43:27.0965 2724  [ 0588950D93A426F97C7AAADB1A9B0458 ] fhsvc           C:\Windows\system32\fhsvc.dll
01:43:27.0975 2724  fhsvc - ok
01:43:28.0005 2724  [ 88A9EBACD1058ABB237A6B4E96E7F397 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
01:43:28.0025 2724  FileInfo - ok
01:43:28.0045 2724  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
01:43:28.0075 2724  Filetrace - ok
01:43:28.0095 2724  [ B1D4C168FF7B8579E3745888658FFB1D ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
01:43:28.0115 2724  flpydisk - ok
01:43:28.0145 2724  [ B33EC133AE4E6C1881D2302D93D2467D ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
01:43:28.0165 2724  FltMgr - ok
01:43:28.0225 2724  [ 0BCDC0FF11B984162B0CF0FF6E9E0146 ] FontCache       C:\Windows\system32\FntCache.dll
01:43:28.0275 2724  FontCache - ok
01:43:28.0375 2724  [ 0B56259F5611787222A04A8F254E51D4 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:43:28.0385 2724  FontCache3.0.0.0 - ok
01:43:28.0405 2724  [ A5F7873A39E4E9FAAAE59B7E9E36B705 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
01:43:28.0415 2724  FsDepends - ok
01:43:28.0425 2724  [ A6DD7D491F587F4BC13FB972977DC8E8 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
01:43:28.0445 2724  Fs_Rec - ok
01:43:28.0515 2724  [ 895BA1CFF25E867CE5A52073E905C93B ] fussvc          C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe
01:43:28.0585 2724  fussvc ( UnsignedFile.Multi.Generic ) - warning
01:43:28.0585 2724  fussvc - detected UnsignedFile.Multi.Generic (1)
01:43:28.0615 2724  [ FA228F4BB10DC7ED7E7D131C034E2331 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
01:43:28.0645 2724  fvevol - ok
01:43:28.0675 2724  [ A969D92973DFA895E7776B4BFE36DBB2 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
01:43:28.0705 2724  FxPPM - ok
01:43:28.0725 2724  [ 52BC441E07A827EBAB70CDC7EAEDB28D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
01:43:28.0745 2724  gagp30kx - ok
01:43:28.0775 2724  [ 721F8EEF5E9747F32670DEFF7FB92541 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
01:43:28.0785 2724  gencounter - ok
01:43:28.0815 2724  [ 9F5E8645FECD68C0ECC374F5A4AE068A ] gfiark          C:\Windows\system32\drivers\gfiark.sys
01:43:28.0825 2724  gfiark - ok
01:43:28.0865 2724  [ 14908F4F9005C29DE8F5587E271390EE ] gfibto          C:\Windows\system32\drivers\gfibto.sys
01:43:28.0865 2724  gfibto - ok
01:43:28.0885 2724  [ CA18ECFCFFDD638ECE80799A9056B238 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
01:43:28.0905 2724  GPIOClx0101 - ok
01:43:28.0945 2724  [ 5358678C6370F2ADC5291849F6503262 ] gpsvc           C:\Windows\System32\gpsvc.dll
01:43:28.0995 2724  gpsvc - ok
01:43:29.0025 2724  [ 3CC07DAD48FA53193AE2F85DD8200B5E ] hcmon           C:\Windows\system32\drivers\hcmon.sys
01:43:29.0035 2724  hcmon - ok
01:43:29.0055 2724  [ 1B6E0D2B57392C17286D7820C6D91B0E ] HCW88AUD        C:\Windows\system32\drivers\hcw88aud.sys
01:43:29.0105 2724  HCW88AUD - ok
01:43:29.0145 2724  [ 17C6CE4287E38B82483D4ADB17CC5C7B ] hcw88bda        C:\Windows\system32\drivers\hcw88bda.sys
01:43:29.0205 2724  hcw88bda - ok
01:43:29.0215 2724  [ F63230FCBC698B4B09794606C7348BD7 ] hcw88rc5        C:\Windows\System32\Drivers\hcw88rc5.sys
01:43:29.0265 2724  hcw88rc5 - ok
01:43:29.0285 2724  [ 7423815BE41D612E13FD0A66D48B846B ] HCW88TSE        C:\Windows\system32\drivers\hcw88tse.sys
01:43:29.0325 2724  HCW88TSE - ok
01:43:29.0355 2724  [ 167B7E198C6E80C525DE500E0670D0CE ] hcw88vid        C:\Windows\system32\drivers\hcw88vid.sys
01:43:29.0425 2724  hcw88vid - ok
01:43:29.0435 2724  [ 0698CC6B0559882BEAFF425B7086B7A2 ] HCW88XBAR       C:\Windows\system32\drivers\HCW88BAR.sys
01:43:29.0455 2724  HCW88XBAR - ok
01:43:29.0495 2724  [ C2504AA983B5D411F7D31402E8B57725 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
01:43:29.0525 2724  HdAudAddService - ok
01:43:29.0545 2724  [ 7D87B5B6C7188D553E11B59DC7F0B111 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
01:43:29.0565 2724  HDAudBus - ok
01:43:29.0575 2724  [ 3F76BBA53D65E85A7F53E7A71082082C ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
01:43:29.0605 2724  HidBatt - ok
01:43:29.0645 2724  [ 085F150D002B7F0153D3C06DDF33A143 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
01:43:29.0685 2724  HidBth - ok
01:43:29.0715 2724  [ CC4A07E51D89575CAB6F4EB590D87CD4 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
01:43:29.0745 2724  hidi2c - ok
01:43:29.0775 2724  [ DC96F7DACB777CDEAEF9958A50BFDA06 ] HidIr           C:\Windows\System32\drivers\hidir.sys
01:43:29.0815 2724  HidIr - ok
01:43:29.0845 2724  [ FAC37D7B3D6354A5A5E19A45B50B4008 ] hidserv         C:\Windows\system32\hidserv.dll
01:43:29.0865 2724  hidserv - ok
01:43:29.0895 2724  [ 9E11EE0F2E117B2D5A835B2B91752827 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
01:43:29.0935 2724  HidUsb - ok
01:43:29.0975 2724  [ 43F884B61A24377567CD0FEB35236334 ] hkmsvc          C:\Windows\system32\kmsvc.dll
01:43:30.0005 2724  hkmsvc - ok
01:43:30.0045 2724  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF ] HomeGroupListener C:\Windows\system32\ListSvc.dll
01:43:30.0075 2724  HomeGroupListener - ok
01:43:30.0105 2724  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E ] HomeGroupProvider C:\Windows\system32\provsvc.dll
01:43:30.0125 2724  HomeGroupProvider - ok
01:43:30.0155 2724  [ 64DB7A8D97CA53DCCF93D0A1E08342CF ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
01:43:30.0175 2724  HpSAMD - ok
01:43:30.0225 2724  [ F4A91D985EB9D1D2717D538F3424603C ] HTTP            C:\Windows\system32\drivers\HTTP.sys
01:43:30.0295 2724  HTTP - ok
01:43:30.0315 2724  [ 2A98301068801700906C06649860FE94 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
01:43:30.0325 2724  hwpolicy - ok
01:43:30.0335 2724  [ DC76901D82097C9E297F20C287CB9A27 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
01:43:30.0365 2724  hyperkbd - ok
01:43:30.0385 2724  [ 716413AB3CA12DE0A7222D28C1C9352C ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
01:43:30.0395 2724  HyperVideo - ok
01:43:30.0425 2724  [ C9E9CBF73AFFBFE3E801EFB516787BA3 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
01:43:30.0475 2724  i8042prt - ok
01:43:30.0505 2724  [ 5E394EBD26FD68AA9300332C46BEDD62 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
01:43:30.0525 2724  iaStorV - ok
01:43:30.0545 2724  [ 24847A06B84339FEEDE5CABF3D27D320 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
01:43:30.0555 2724  iirsp - ok
01:43:30.0615 2724  [ 531B5A98145DA689741A0AC18F14EA94 ] IKEEXT          C:\Windows\System32\ikeext.dll
01:43:30.0655 2724  IKEEXT - ok
01:43:30.0685 2724  [ 4F37726CF764CA18A8A84F85EF3A7F24 ] intelide        C:\Windows\system32\drivers\intelide.sys
01:43:30.0705 2724  intelide - ok
01:43:30.0735 2724  [ E15CDF68DD73423F15D4AC404793AF0D ] intelppm        C:\Windows\System32\drivers\intelppm.sys
01:43:30.0765 2724  intelppm - ok
01:43:30.0785 2724  [ 8FCA66234A0933D796BB780B7953BAB9 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:43:30.0795 2724  IpFilterDriver - ok
01:43:30.0845 2724  [ C217B8D2E58C57A319B16125C3D4B69C ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
01:43:30.0905 2724  iphlpsvc - ok
01:43:30.0925 2724  [ 6E98A046A12AA113F8898AA5D612BD6E ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
01:43:30.0955 2724  IPMIDRV - ok
01:43:30.0975 2724  [ 3969B9C218DD3FAA9F4ED2FFC3651C02 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
01:43:31.0005 2724  IPNAT - ok
01:43:31.0025 2724  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C ] IRENUM          C:\Windows\system32\drivers\irenum.sys
01:43:31.0055 2724  IRENUM - ok
01:43:31.0085 2724  [ D940C5BB9DC92E588533C19ABCC3D2C2 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
01:43:31.0095 2724  isapnp - ok
01:43:31.0135 2724  [ 69C8BF0BC2B0EA10F130F4D3104DC2EF ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
01:43:31.0155 2724  iScsiPrt - ok
01:43:31.0185 2724  [ 8FBD94B69D6423E20ABCD59D86368B21 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
01:43:31.0195 2724  kbdclass - ok
01:43:31.0225 2724  [ E88C932ABDF8185A62C8F2FC7B051FB6 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
01:43:31.0265 2724  kbdhid - ok
01:43:31.0285 2724  [ FB6C185092E18011EF49989425C2AA87 ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
01:43:31.0315 2724  kdnic - ok
01:43:31.0325 2724  [ F702AB6181513303AB0FC8D59E52708B ] KeyIso          C:\Windows\system32\lsass.exe
01:43:31.0345 2724  KeyIso - ok
01:43:31.0375 2724  [ DFA480F6DED551464F3A5B959F437800 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
01:43:31.0385 2724  KSecDD - ok
01:43:31.0425 2724  [ 127FB0AAD232BAAD2C9BBACD374F4FC5 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
01:43:31.0445 2724  KSecPkg - ok
01:43:31.0455 2724  [ 81492FEEBF2F26455B00EE8DBAE8A1B0 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
01:43:31.0485 2724  ksthunk - ok
01:43:31.0525 2724  [ 5825DBACEDC3812B5CF8D40B997BF210 ] KtmRm           C:\Windows\system32\msdtckrm.dll
01:43:31.0545 2724  KtmRm - ok
01:43:31.0585 2724  [ 256EE31588257E8A555DBFAA13F1908E ] LanmanServer    C:\Windows\system32\srvsvc.dll
01:43:31.0605 2724  LanmanServer - ok
01:43:31.0625 2724  [ 16650912BE5A94B40E0B3B4C39652B56 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:43:31.0665 2724  LanmanWorkstation - ok
01:43:31.0695 2724  [ CEEFD29FC551F289810B0B9381B321DC ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
01:43:31.0725 2724  lltdio - ok
01:43:31.0755 2724  [ BCF53485E0A94722CDE3C4A93CD8EB8C ] lltdsvc         C:\Windows\System32\lltdsvc.dll
01:43:31.0785 2724  lltdsvc - ok
01:43:31.0805 2724  [ 5A2F7F1CBC2E631A497DAD16164E06D2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
01:43:31.0825 2724  lmhosts - ok
01:43:31.0855 2724  [ 022CDD12161B063D7852B1075BF3FFF2 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
01:43:31.0865 2724  LSI_SAS - ok
01:43:31.0895 2724  [ 07AD59D669B996F29F91817F0ECFA34F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
01:43:31.0915 2724  LSI_SAS2 - ok
01:43:31.0945 2724  [ 216FB796AA4E252ACCE93B1BCB80B5EC ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
01:43:31.0965 2724  LSI_SCSI - ok
01:43:31.0985 2724  [ 5E80530AF37102488EE980B4A92AF99F ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
01:43:31.0995 2724  LSI_SSS - ok
01:43:32.0035 2724  [ A57BA284F5996FFD32DCDBC41A4657DB ] LSM             C:\Windows\System32\lsm.dll
01:43:32.0075 2724  LSM - ok
01:43:32.0095 2724  [ 2BDC5D711FA61307CE6190D47C956368 ] luafv           C:\Windows\system32\drivers\luafv.sys
01:43:32.0125 2724  luafv - ok
01:43:32.0145 2724  [ 4448CCEA974F0B15A00EA33FCEDFC062 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
01:43:32.0175 2724  Mcx2Svc - ok
01:43:32.0195 2724  [ 9B0D829C3BE4E7472DB9DD2B79908E3C ] megasas         C:\Windows\system32\drivers\megasas.sys
01:43:32.0205 2724  megasas - ok
01:43:32.0225 2724  [ ECC3F54C7AFC318271C4F0B4606D8DB0 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
01:43:32.0245 2724  MegaSR - ok
01:43:32.0285 2724  Microsoft SharePoint Workspace Audit Service - ok
01:43:32.0315 2724  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] MMCSS           C:\Windows\system32\mmcss.dll
01:43:32.0335 2724  MMCSS - ok
01:43:32.0355 2724  [ 780098AD5DA8A4822E2563984C85EF7B ] Modem           C:\Windows\system32\drivers\modem.sys
01:43:32.0375 2724  Modem - ok
01:43:32.0415 2724  [ EA8EAD3F5B762F889CC7F3966625B48B ] monitor         C:\Windows\System32\drivers\monitor.sys
01:43:32.0465 2724  monitor - ok
01:43:32.0485 2724  [ 618446B98C79776654340CE27C73485E ] mouclass        C:\Windows\System32\drivers\mouclass.sys
01:43:32.0505 2724  mouclass - ok
01:43:32.0515 2724  [ C0ADEBED913295803B579ED288936CBB ] mouhid          C:\Windows\System32\drivers\mouhid.sys
01:43:32.0535 2724  mouhid - ok
01:43:32.0565 2724  [ 89D263DBF08119CE16273991C120D6DD ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
01:43:32.0575 2724  mountmgr - ok
01:43:32.0615 2724  [ 528A5C2570F468155A1B3CF0A2FF5EBD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:43:32.0625 2724  MozillaMaintenance - ok
01:43:32.0655 2724  [ 0D1609DD82C7440F5D5BF21A9D4D5C0C ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
01:43:32.0685 2724  mpsdrv - ok
01:43:32.0745 2724  [ 3031573A739DBEE8923851929D0AF423 ] MpsSvc          C:\Windows\system32\mpssvc.dll
01:43:32.0785 2724  MpsSvc - ok
01:43:32.0825 2724  [ 3D70147F55F1EC84EB9139ED7FFE48BC ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
01:43:32.0855 2724  MRxDAV - ok
01:43:32.0895 2724  [ 93179D48066918323628CB016D8C94DC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
01:43:32.0915 2724  mrxsmb - ok
01:43:32.0945 2724  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:43:32.0965 2724  mrxsmb10 - ok
01:43:32.0995 2724  [ 5C7DD2E5759FFCCD2C7341C1B90F2B26 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:43:33.0015 2724  mrxsmb20 - ok
01:43:33.0035 2724  [ 98487487D6B3797CA927E9D7B030AE13 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
01:43:33.0065 2724  MsBridge - ok
01:43:33.0095 2724  [ 4A07458EB4F17573BD39F22029A991C1 ] MSDTC           C:\Windows\System32\msdtc.exe
01:43:33.0135 2724  MSDTC - ok
01:43:33.0165 2724  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
01:43:33.0195 2724  Msfs - ok
01:43:33.0225 2724  [ C32A7A39B960A42BA9D4FBE47213CA03 ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
01:43:33.0235 2724  msgpiowin32 - ok
01:43:33.0265 2724  [ D3857A767B91A061B408CCAB02DA4F40 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
01:43:33.0295 2724  mshidkmdf - ok
01:43:33.0315 2724  [ 839B48910FB1E887635C48F3EC11A05E ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
01:43:33.0345 2724  mshidumdf - ok
01:43:33.0365 2724  [ 55C0DB741E3AB7463242B185B1C2997C ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
01:43:33.0375 2724  msisadrv - ok
01:43:33.0415 2724  [ 216C6B035A4BA5560E1255BD8E5BB89F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
01:43:33.0445 2724  MSiSCSI - ok
01:43:33.0445 2724  msiserver - ok
01:43:33.0465 2724  [ 509809566E49F4411055864EA8D437CD ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
01:43:33.0495 2724  MSKSSRV - ok
01:43:33.0515 2724  [ 63145201D6458E4958E572E7D6FC2604 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
01:43:33.0525 2724  MsLldp - ok
01:43:33.0555 2724  [ 99D526E803DB6D7FF290FD98B6204641 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
01:43:33.0565 2724  MSPCLOCK - ok
01:43:33.0575 2724  [ 06FA77C3E2A491ADCD704C5E73006269 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
01:43:33.0605 2724  MSPQM - ok
01:43:33.0645 2724  [ E134EC4DE11CF78CB01432D180710D84 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
01:43:33.0665 2724  MsRPC - ok
01:43:33.0685 2724  [ B5AECF12F09DEE97C9FCAA5BA016CE1E ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
01:43:33.0695 2724  mssmbios - ok
01:43:33.0725 2724  [ 72D66A05E0F99F2528F6C6204FD22AA1 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
01:43:33.0745 2724  MSTEE - ok
01:43:33.0755 2724  [ 8AAAE399FC255FA105D4158CBA289001 ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
01:43:33.0765 2724  MTConfig - ok
01:43:33.0795 2724  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A ] Mup             C:\Windows\system32\Drivers\mup.sys
01:43:33.0805 2724  Mup - ok
01:43:33.0835 2724  [ 3A1E095277BBD406CEA8EA6B76950664 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
01:43:33.0845 2724  mvumis - ok
01:43:33.0885 2724  [ 4B18840511D720BA118D3017E8165875 ] napagent        C:\Windows\system32\qagentRT.dll
01:43:33.0915 2724  napagent - ok
01:43:33.0935 2724  [ 43D7388A90A4C6EA346A4D6FF0377479 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
01:43:33.0955 2724  NativeWifiP - ok
01:43:33.0985 2724  [ 6A0C3996DA7DAE6D6939676D786EEEC4 ] NcaSvc          C:\Windows\System32\ncasvc.dll
01:43:33.0995 2724  NcaSvc - ok
01:43:34.0035 2724  [ C982FE4CC91DECE2259F494FCEB4030F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
01:43:34.0065 2724  NcdAutoSetup - ok
01:43:34.0115 2724  [ A10E176F3B2BF83EDE7B5C4658C93B66 ] NDIS            C:\Windows\system32\drivers\ndis.sys
01:43:34.0165 2724  NDIS - ok
01:43:34.0185 2724  [ 39C8A1D9D46F5E83A016BCAB72455284 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
01:43:34.0215 2724  NdisCap - ok
01:43:34.0235 2724  [ 762941932B7E4C588E48A577BA9D6440 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
01:43:34.0275 2724  NdisImPlatform - ok
01:43:34.0305 2724  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
01:43:34.0335 2724  NdisTapi - ok
01:43:34.0355 2724  [ 79AB68BB3FFF974AD4F41FA559F4EC67 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
01:43:34.0365 2724  Ndisuio - ok
01:43:34.0405 2724  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
01:43:34.0435 2724  NdisWan - ok
01:43:34.0445 2724  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8 ] NDISWANLEGACY   C:\Windows\system32\DRIVERS\ndiswan.sys
01:43:34.0465 2724  NDISWANLEGACY - ok
01:43:34.0495 2724  [ 3730942D7DB2F8BB5F84542B7FF6F650 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
01:43:34.0545 2724  NDProxy - ok
01:43:34.0565 2724  [ D3F60A4345FCA9C1BE68AD7D0D6DE770 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
01:43:34.0595 2724  Ndu - ok
01:43:34.0615 2724  [ 7C203A76394F9AE68F69EEE5F9612C4A ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
01:43:34.0635 2724  NetBIOS - ok
01:43:34.0655 2724  [ 7CEC25C682D319D484630B3952C31A11 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
01:43:34.0695 2724  NetBT - ok
01:43:34.0715 2724  [ F702AB6181513303AB0FC8D59E52708B ] Netlogon        C:\Windows\system32\lsass.exe
01:43:34.0725 2724  Netlogon - ok
01:43:34.0765 2724  [ 89519D29CBEC2121CA65CC29C4D345E0 ] Netman          C:\Windows\System32\netman.dll
01:43:34.0795 2724  Netman - ok
01:43:34.0835 2724  [ 79FA9393C67EBBF92A56923592CF7A7C ] netprofm        C:\Windows\System32\netprofmsvc.dll
01:43:34.0865 2724  netprofm - ok
01:43:34.0905 2724  [ 5243CFC2E7161C91C2B355240035B9E4 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:43:34.0925 2724  NetTcpPortSharing - ok
01:43:34.0955 2724  [ 12DD2800E4EEA37DC9AE256AD62423B4 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
01:43:34.0975 2724  nfrd960 - ok
01:43:35.0005 2724  [ 80ABCD4C2DE9FD832477303AE0CA3BE5 ] NlaSvc          C:\Windows\System32\nlasvc.dll
01:43:35.0045 2724  NlaSvc - ok
01:43:35.0065 2724  [ 17E19A742FB30C002F8B43575451DBE1 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
01:43:35.0075 2724  Npfs - ok
01:43:35.0095 2724  [ 8ED299C30792544264E558BEA79F0947 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
01:43:35.0125 2724  npsvctrig - ok
01:43:35.0155 2724  [ 832B5FDF0B5577713FD7F2465FCD0ACE ] nsi             C:\Windows\system32\nsisvc.dll
01:43:35.0175 2724  nsi - ok
01:43:35.0175 2724  [ 689B3B1E95C70ABF7AFF29F9406EF1E0 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
01:43:35.0205 2724  nsiproxy - ok
01:43:35.0285 2724  [ 76929F4A69E425911A63B407E26C2589 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
01:43:35.0345 2724  Ntfs - ok
01:43:35.0355 2724  [ 4163ADE07DB51843AE31F65B94F5398D ] Null            C:\Windows\system32\drivers\Null.sys
01:43:35.0385 2724  Null - ok
01:43:35.0755 2724  [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:43:36.0035 2724  nvlddmkm - ok
01:43:36.0085 2724  [ D6D34118263412D3AAA8348A9572B7F2 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
01:43:36.0105 2724  nvraid - ok
01:43:36.0135 2724  [ 27AFC428D1D32ABD04A86763A4EDDEA9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
01:43:36.0155 2724  nvstor - ok
01:43:36.0205 2724  [ DDFAFCE89A5C93D04712B86F94E9FCBA ] nvsvc           C:\Windows\system32\nvvsvc.exe
01:43:36.0235 2724  nvsvc - ok
01:43:36.0285 2724  [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
01:43:36.0325 2724  nvUpdatusService - ok
01:43:36.0345 2724  [ 051CFB5107BAAE510419BDC41F8C4036 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
01:43:36.0365 2724  nv_agp - ok
01:43:36.0395 2724  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:43:36.0405 2724  ose - ok
01:43:36.0575 2724  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:43:36.0685 2724  osppsvc - ok
01:43:36.0785 2724  [ AB76700D764A342D7475FB8F47CAB18C ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
01:43:36.0805 2724  p2pimsvc - ok
01:43:36.0825 2724  [ 4319FD931DCD796435ECB5DB4A04FBA5 ] p2psvc          C:\Windows\system32\p2psvc.dll
01:43:36.0865 2724  p2psvc - ok
01:43:36.0895 2724  [ A6645E6CC84D55A783EA5F2F58B9B523 ] Panasonic Local Printer Service C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe
01:43:36.0895 2724  Panasonic Local Printer Service ( UnsignedFile.Multi.Generic ) - warning
01:43:36.0895 2724  Panasonic Local Printer Service - detected UnsignedFile.Multi.Generic (1)
01:43:36.0915 2724  [ 4563DAF8C6A740AD7F501E219BD10766 ] Parport         C:\Windows\System32\drivers\parport.sys
01:43:36.0945 2724  Parport - ok
01:43:36.0975 2724  [ D6ACCF9F2EEEEA711C14EFD976E573F3 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
01:43:36.0985 2724  partmgr - ok
01:43:37.0015 2724  [ 4811D9EC53649105A5A8BEA661B0F936 ] PcaSvc          C:\Windows\System32\pcasvc.dll
01:43:37.0055 2724  PcaSvc - ok
01:43:37.0095 2724  [ 4A003E8F718C1E6A2050CA98CD53E3E2 ] pci             C:\Windows\system32\drivers\pci.sys
01:43:37.0115 2724  pci - ok
01:43:37.0125 2724  [ F9908D274D458220F91E89B54D78D837 ] pciide          C:\Windows\system32\drivers\pciide.sys
01:43:37.0135 2724  pciide - ok
01:43:37.0175 2724  [ 84D19CB6102627932DCB5DFDF89FE269 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
01:43:37.0205 2724  pcmcia - ok
01:43:37.0225 2724  [ CEBBAD5391C2644560C55628A40BFD27 ] pcw             C:\Windows\system32\drivers\pcw.sys
01:43:37.0235 2724  pcw - ok
01:43:37.0265 2724  [ 0698DEDEAD6A00AD0D468C687D830FBF ] pdc             C:\Windows\system32\drivers\pdc.sys
01:43:37.0285 2724  pdc - ok
01:43:37.0335 2724  [ 61FE70659CD43E07F94DA4DC31DEC493 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
01:43:37.0385 2724  PEAUTH - ok
01:43:37.0455 2724  [ DF0D9BDCB600913F40FF125BF8CE1979 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
01:43:37.0525 2724  PeerDistSvc - ok
01:43:37.0595 2724  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
01:43:37.0625 2724  PerfHost - ok
01:43:37.0705 2724  [ 6E84BFF58F7643499277F29DFA2F8C8D ] pla             C:\Windows\system32\pla.dll
01:43:37.0745 2724  pla - ok
01:43:37.0775 2724  [ 799BE46D45D486704CE0F37CA5385262 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
01:43:37.0795 2724  PlugPlay - ok
01:43:37.0835 2724  [ 64CA1485214340CACC315FFDFDED73EF ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
01:43:37.0845 2724  Pml Driver HPZ12 - ok
01:43:37.0875 2724  [ 8E2414E818C26C4A9C70CB2B8567F04F ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
01:43:37.0895 2724  PNRPAutoReg - ok
01:43:37.0925 2724  [ AB76700D764A342D7475FB8F47CAB18C ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
01:43:37.0945 2724  PNRPsvc - ok
01:43:37.0975 2724  [ 0108C8E5176D590F242701EF5A62CC26 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
01:43:38.0005 2724  PolicyAgent - ok
01:43:38.0045 2724  [ F1E067F56373F11EA4B785CAE823740A ] Power           C:\Windows\system32\umpo.dll
01:43:38.0055 2724  Power - ok
01:43:38.0075 2724  [ 362D47E5B4D67270DE4B8606036F4ADD ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
01:43:38.0095 2724  PptpMiniport - ok
01:43:38.0215 2724  [ C2D3B3D0060619D5E03E696BD56FF59F ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
01:43:38.0285 2724  PrintNotify - ok
01:43:38.0315 2724  [ DD979EB6A7212F60E4AFBE96EDC7AE6D ] Processor       C:\Windows\System32\drivers\processr.sys
01:43:38.0345 2724  Processor - ok
01:43:38.0365 2724  [ 429E8502AD2227CF88F8840FC5BD590D ] ProfSvc         C:\Windows\system32\profsvc.dll
01:43:38.0395 2724  ProfSvc - ok
01:43:38.0425 2724  [ EB8034147D4820CD31BFCB11A2A652DF ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
01:43:38.0465 2724  Psched - ok
01:43:38.0505 2724  [ 0AFBF333B6F87A2F598EAB379AF100B8 ] QWAVE           C:\Windows\system32\qwave.dll
01:43:38.0535 2724  QWAVE - ok
01:43:38.0555 2724  [ 13D47BB0CCA2FC51BD15F8E85C6A078E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
01:43:38.0575 2724  QWAVEdrv - ok
01:43:38.0615 2724  [ 873C60F8178100557740A832FCE10B5F ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
01:43:38.0625 2724  RasAcd - ok
01:43:38.0645 2724  [ 69B93F623B130976243ECA3D84CC99CA ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
01:43:38.0685 2724  RasAgileVpn - ok
01:43:38.0725 2724  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0 ] RasAuto         C:\Windows\System32\rasauto.dll
01:43:38.0745 2724  RasAuto - ok
01:43:38.0755 2724  [ A14D625C5AEE5FFE0F47D1A1D419FAAE ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
01:43:38.0775 2724  Rasl2tp - ok
01:43:38.0805 2724  [ C923C785A2DE0B396AD6D13ACAFF2DE9 ] RasMan          C:\Windows\System32\rasmans.dll
01:43:38.0845 2724  RasMan - ok
01:43:38.0865 2724  [ 00695B9C2DB6111064499C529E90C042 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
01:43:38.0885 2724  RasPppoe - ok
01:43:38.0905 2724  [ A7F24D8CD1956B0A1FDCB86CC5114DE4 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
01:43:38.0915 2724  RasSstp - ok
01:43:38.0955 2724  [ CA03D642ACE58E1BA54E4B383F91CD69 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
01:43:39.0025 2724  rdbss - ok
01:43:39.0045 2724  [ CA7DF5EC95D8DE0DD24BE7FF97369F68 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
01:43:39.0085 2724  rdpbus - ok
01:43:39.0125 2724  [ B2A3AD74FF2E2FFA73AF2567108231B3 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
01:43:39.0155 2724  RDPDR - ok
01:43:39.0195 2724  [ 57F4787E4602A3FCA719C0A33137C6DA ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
01:43:39.0205 2724  RdpVideoMiniport - ok
01:43:39.0235 2724  [ B3CB0721E81E30419CE7D837EF4EA151 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
01:43:39.0245 2724  RDPWD - ok
01:43:39.0275 2724  [ 62C1F8A0685FE07E998AA296C4F697C4 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
01:43:39.0285 2724  rdyboost - ok
01:43:39.0325 2724  [ 3663CCF243EE0C04E9F6F91ED1737273 ] RemoteAccess    C:\Windows\System32\mprdim.dll
01:43:39.0345 2724  RemoteAccess - ok
01:43:39.0365 2724  [ E80DD61E52EDFFF9DA1ED7260A68855B ] RemoteRegistry  C:\Windows\system32\regsvc.dll
01:43:39.0405 2724  RemoteRegistry - ok
01:43:39.0445 2724  [ CCBFCABDFE2BC22F0645CEAADDB36004 ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
01:43:39.0485 2724  RFCOMM - ok
01:43:39.0535 2724  [ 73F2E030B5C24E4E41401B5F0D59E6FD ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
01:43:39.0545 2724  RpcEptMapper - ok
01:43:39.0575 2724  [ 10B21284B3D964AB3DC45490E57D422E ] RpcLocator      C:\Windows\system32\locator.exe
01:43:39.0605 2724  RpcLocator - ok
01:43:39.0655 2724  [ 1EC6E533C954BDDF2A37E7851A7E58FD ] RpcSs           C:\Windows\system32\rpcss.dll
01:43:39.0675 2724  RpcSs - ok
01:43:39.0695 2724  [ E04E770DD198B9399640717145E79EBF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
01:43:39.0725 2724  rspndr - ok
01:43:39.0765 2724  [ 15923AA360F7675D3D43C9669316A0BA ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
01:43:39.0805 2724  RTL8168 - ok
01:43:39.0835 2724  [ 752EC7DCD2F96871A3857EEE6AFE965A ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
01:43:39.0845 2724  s3cap - ok
01:43:39.0865 2724  [ F702AB6181513303AB0FC8D59E52708B ] SamSs           C:\Windows\system32\lsass.exe
01:43:39.0875 2724  SamSs - ok
01:43:39.0955 2724  [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA          f:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP2\WNt500x64\Sandra.sys
01:43:39.0955 2724  SANDRA - ok
01:43:39.0975 2724  [ 6CF0FBAB2C0E791566AB3282D3B52227 ] SandraAgentSrv  f:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP2\RpcAgentSrv.exe
01:43:39.0985 2724  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning
01:43:39.0985 2724  SandraAgentSrv - detected UnsignedFile.Multi.Generic (1)
01:43:40.0015 2724  [ 9C7B28CE0D136DB226E24DB3BC817F92 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
01:43:40.0035 2724  sbp2port - ok
01:43:40.0065 2724  [ 14316954FCE79C9DE5A0AFF9D42C83AA ] SCardSvr        C:\Windows\System32\SCardSvr.dll
01:43:40.0085 2724  SCardSvr - ok
01:43:40.0125 2724  [ 5D7733A12756B267FCA021672B26BC9E ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
01:43:40.0165 2724  scfilter - ok
01:43:40.0265 2724  [ ED40ED9A65F3E79A8C43DD50C5FDADBF ] Schedule        C:\Windows\system32\schedsvc.dll
01:43:40.0305 2724  Schedule - ok
01:43:40.0335 2724  [ BAF8F0F55BC300E5F882E521F054E345 ] SCPolicySvc     C:\Windows\System32\certprop.dll
01:43:40.0355 2724  SCPolicySvc - ok
01:43:40.0395 2724  [ 98636FB2973B8876A7F0BECD076CF109 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
01:43:40.0415 2724  sdbus - ok
01:43:40.0445 2724  [ 92968277ED491E4B3DDA361E3952361E ] SDRSVC          C:\Windows\System32\SDRSVC.dll
01:43:40.0455 2724  SDRSVC - ok
01:43:40.0495 2724  [ BB107AA9980B0DA4E19A3A90C3BD4460 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
01:43:40.0505 2724  sdstor - ok
01:43:40.0535 2724  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
01:43:40.0545 2724  secdrv - ok
01:43:40.0555 2724  [ CD282626738B6BC92B6E7CD0AAE95B63 ] seclogon        C:\Windows\system32\seclogon.dll
01:43:40.0595 2724  seclogon - ok
01:43:40.0625 2724  [ 9C51620998F0763039DFA6BF68E475ED ] SENS            C:\Windows\System32\sens.dll
01:43:40.0655 2724  SENS - ok
01:43:40.0675 2724  [ DDA4CAF29D8C0A297F886BFE561E6659 ] SensorsSimulatorDriver C:\Windows\system32\DRIVERS\WUDFRd.sys
01:43:40.0705 2724  SensorsSimulatorDriver - ok
01:43:40.0735 2724  [ 0D50B4B860DAB65241628D04CD33ACAE ] SensrSvc        C:\Windows\system32\sensrsvc.dll
01:43:40.0755 2724  SensrSvc - ok
01:43:40.0795 2724  [ 2437720D4480523562360B2B6B5864A7 ] Ser2pl          C:\Windows\system32\DRIVERS\ser2pl64.sys
01:43:40.0825 2724  Ser2pl - ok
01:43:40.0845 2724  [ 87C46B239A7EEF30FDFDD5E9BD46130C ] SerCx           C:\Windows\system32\drivers\SerCx.sys
01:43:40.0875 2724  SerCx - ok
01:43:40.0915 2724  [ 7A1F9347C85FD55E39B8A76B3A25C5AD ] Serenum         C:\Windows\System32\drivers\serenum.sys
01:43:40.0935 2724  Serenum - ok
01:43:40.0955 2724  [ F640A0A218BBF857F1D04A15D7D939F6 ] Serial          C:\Windows\System32\drivers\serial.sys
01:43:40.0975 2724  Serial - ok
01:43:40.0995 2724  [ F1A5F56B2620B862CC28FF96A0A6DAAB ] sermouse        C:\Windows\System32\drivers\sermouse.sys
01:43:41.0035 2724  sermouse - ok
01:43:41.0075 2724  [ CB60A60340788C8D6DE2A269D28086AB ] SessionEnv      C:\Windows\system32\sessenv.dll
01:43:41.0105 2724  SessionEnv - ok
01:43:41.0135 2724  [ 7EE65419B29302C795714FF8073969A1 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
01:43:41.0145 2724  sfloppy - ok
01:43:41.0175 2724  [ 090AE16F79C8EAD04E6031F863DA85F3 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
01:43:41.0215 2724  SharedAccess - ok
01:43:41.0285 2724  [ A77F3ABE13FCC698511E5DEC7ACEBD5F ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:43:41.0335 2724  ShellHWDetection - ok
01:43:41.0365 2724  [ 2560721D6F16D5B611C36A3A9D28C1B2 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
01:43:41.0375 2724  SiSRaid2 - ok
01:43:41.0395 2724  [ 3AA8FDE1DBF65BB8B88B053529554A0D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
01:43:41.0415 2724  SiSRaid4 - ok
01:43:41.0445 2724  [ E660156A4588A84305CB772FD2C0DB21 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
01:43:41.0465 2724  SNMPTRAP - ok
01:43:41.0505 2724  [ FD3AF5575B99871BADB94E7699DBCE08 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
01:43:41.0535 2724  spaceport - ok
01:43:41.0565 2724  [ 3D8679C8DF52EB26EB7583A4E0A29202 ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
01:43:41.0595 2724  SpbCx - ok
01:43:41.0635 2724  [ 3F215BF2D4D8D6756298B25B579772C2 ] Spooler         C:\Windows\System32\spoolsv.exe
01:43:41.0665 2724  Spooler - ok
01:43:41.0795 2724  [ EC84D961501054F87A6878EC5D53388F ] sppsvc          C:\Windows\system32\sppsvc.exe
01:43:41.0905 2724  sppsvc - ok
01:43:41.0935 2724  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6 ] srv             C:\Windows\system32\DRIVERS\srv.sys
01:43:41.0965 2724  srv - ok
01:43:42.0005 2724  [ 56218A571ECF8D55E0CDFF8DF2546CF1 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
01:43:42.0075 2724  srv2 - ok
01:43:42.0105 2724  [ 14FC338B80CFF7E04215133B568D15C4 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
01:43:42.0165 2724  srvnet - ok
01:43:42.0195 2724  [ 7A20882D76D4A78240A5AC9F2C2EBA21 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
01:43:42.0225 2724  SSDPSRV - ok
01:43:42.0245 2724  [ D233B16999A8E626F6004BD7814C57EC ] SstpSvc         C:\Windows\system32\sstpsvc.dll
01:43:42.0265 2724  SstpSvc - ok
01:43:42.0285 2724  [ 4E85355B94CFCB67C135F6521A4895A7 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
01:43:42.0305 2724  stexstor - ok
01:43:42.0335 2724  [ BAC8A721736AECC55A4F71523AEAB65F ] stisvc          C:\Windows\System32\wiaservc.dll
01:43:42.0365 2724  stisvc - ok
01:43:42.0395 2724  [ B240874B2CA0CD02E8CD11E140B14C57 ] storahci        C:\Windows\system32\drivers\storahci.sys
01:43:42.0415 2724  storahci - ok
01:43:42.0445 2724  [ F74DBC95A57B1EE866D3732EB5F79BE2 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
01:43:42.0465 2724  storflt - ok
01:43:42.0475 2724  [ 5337E138B49ED1F44CCBA4073BC35C20 ] StorSvc         C:\Windows\system32\storsvc.dll
01:43:42.0495 2724  StorSvc - ok
01:43:42.0525 2724  [ 543CD3CC0E05B8D8815E0D4F040B6F59 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
01:43:42.0535 2724  storvsc - ok
01:43:42.0575 2724  [ 1A36AC469140F87CDE62D7F8524E270C ] storvsp         C:\Windows\System32\drivers\storvsp.sys
01:43:42.0595 2724  storvsp - ok
01:43:42.0615 2724  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A ] svsvc           C:\Windows\system32\svsvc.dll
01:43:42.0655 2724  svsvc - ok
01:43:42.0675 2724  [ 4AFD66AAE74FFB5986BC240744DC5FC9 ] swenum          C:\Windows\System32\drivers\swenum.sys
01:43:42.0695 2724  swenum - ok
01:43:42.0735 2724  [ 502F9488540051F3E6C39889ECFA76BB ] swprv           C:\Windows\System32\swprv.dll
01:43:42.0785 2724  swprv - ok
01:43:42.0855 2724  [ A06CB9269D29EE3D0F3F5630ABB660B8 ] SysMain         C:\Windows\system32\sysmain.dll
01:43:42.0955 2724  SysMain - ok
01:43:43.0005 2724  [ 6FB88606C4A71E1BFAF97D63A676C673 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
01:43:43.0025 2724  SystemEventsBroker - ok
01:43:43.0065 2724  [ A6C06C45C44AD06C70AF8899AEC15BDC ] TabletInputService C:\Windows\System32\TabSvc.dll
01:43:43.0085 2724  TabletInputService - ok
01:43:43.0115 2724  [ 88B7721AB551C4325036B25A34A2BF7B ] TapiSrv         C:\Windows\System32\tapisrv.dll
01:43:43.0145 2724  TapiSrv - ok
01:43:43.0265 2724  [ 0D05E0147C1329C53AAF97882DEDD96A ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
01:43:43.0345 2724  Tcpip - ok
01:43:43.0375 2724  [ 0D05E0147C1329C53AAF97882DEDD96A ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
01:43:43.0435 2724  TCPIP6 - ok
01:43:43.0475 2724  [ 8F2A13A5DF99D72FDDE87F502A66F989 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
01:43:43.0495 2724  tcpipreg - ok
01:43:43.0515 2724  [ 73DC722CE5DF26D7638CE2446F2655C7 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
01:43:43.0545 2724  tdx - ok
01:43:43.0625 2724  [ BB676D2C7AD5E7131D12417E4691F9B9 ] Te.Service      C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe
01:43:43.0655 2724  Te.Service ( UnsignedFile.Multi.Generic ) - warning
01:43:43.0655 2724  Te.Service - detected UnsignedFile.Multi.Generic (1)
01:43:43.0675 2724  [ F7C8AB5D8AFFAA318D6A21093D139BF4 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
01:43:43.0695 2724  terminpt - ok
01:43:43.0725 2724  [ 541EE228D0DEF392F7B2DFD885DD021B ] TermService     C:\Windows\System32\termsrv.dll
01:43:43.0765 2724  TermService - ok
01:43:43.0805 2724  [ 519A6F672FFF56B7D8EE8C730CEC8ECD ] Themes          C:\Windows\system32\themeservice.dll
01:43:43.0825 2724  Themes - ok
01:43:43.0855 2724  [ EEE908BE7143FCA48CF0CB87214E2AB8 ] THREADORDER     C:\Windows\system32\mmcss.dll
01:43:43.0865 2724  THREADORDER - ok
01:43:43.0905 2724  [ 4515B9E4140F04FB3907692DF89FCA87 ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
01:43:43.0945 2724  TimeBroker - ok
01:43:43.0975 2724  [ 6F0BFF80EE2A5BC841286A51F893CBAD ] TPM             C:\Windows\system32\drivers\tpm.sys
01:43:43.0995 2724  TPM - ok
01:43:44.0025 2724  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA ] TrkWks          C:\Windows\System32\trkwks.dll
01:43:44.0055 2724  TrkWks - ok
01:43:44.0115 2724  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:43:44.0135 2724  TrustedInstaller - ok
01:43:44.0165 2724  [ 4E7C5FB10A50435523DE0CAA37DE2BD3 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
01:43:44.0185 2724  TsUsbFlt - ok
01:43:44.0205 2724  [ 16D684A820872EE54F6370703AC0B513 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
01:43:44.0235 2724  TsUsbGD - ok
01:43:44.0265 2724  [ 78C9EE193AC2B4CBDBC48B620314D740 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
01:43:44.0285 2724  tunnel - ok
01:43:44.0305 2724  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A ] uagp35          C:\Windows\system32\drivers\uagp35.sys
01:43:44.0315 2724  uagp35 - ok
01:43:44.0335 2724  [ 6FD6D03B7752C78712E5CFF29A305026 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
01:43:44.0355 2724  UASPStor - ok
01:43:44.0395 2724  [ 4834158B8D06A153FADAB6B85320FBBE ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
01:43:44.0415 2724  UCX01000 - ok
01:43:44.0445 2724  [ DC5A461591C71AF7F19DC048A81E3F88 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
01:43:44.0475 2724  udfs - ok
01:43:44.0505 2724  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D ] UI0Detect       C:\Windows\system32\UI0Detect.exe
01:43:44.0545 2724  UI0Detect - ok
01:43:44.0565 2724  [ 07FEBCDF24FABA0D47B635D85A0FFB7A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
01:43:44.0575 2724  uliagpkx - ok
01:43:44.0595 2724  [ 02CEB3FE6152668A7BA420B93B664860 ] umbus           C:\Windows\System32\drivers\umbus.sys
01:43:44.0625 2724  umbus - ok
01:43:44.0645 2724  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09 ] UmPass          C:\Windows\System32\drivers\umpass.sys
01:43:44.0675 2724  UmPass - ok
01:43:44.0715 2724  [ 43FEFB040A0CC30F795FBF544169594D ] UmRdpService    C:\Windows\System32\umrdp.dll
01:43:44.0755 2724  UmRdpService - ok
01:43:44.0805 2724  [ 14D22C411854AA2560AFC94CD2D5E61F ] upnphost        C:\Windows\System32\upnphost.dll
01:43:44.0835 2724  upnphost - ok
01:43:44.0855 2724  [ 2AF9F0E16D75B8F783A1ACE74EF51C9B ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
01:43:44.0885 2724  usbccgp - ok
01:43:44.0895 2724  [ B395B62B62F28106218FA6FB17F4C797 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
01:43:44.0925 2724  usbcir - ok
01:43:44.0965 2724  [ 52F267AEE8CA5AA5CEB88C6A71EE1E86 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
01:43:44.0975 2724  usbehci - ok
01:43:45.0025 2724  [ ADBF89B8E0BB372FEFE2E4B84E1E20AE ] usbhub          C:\Windows\System32\drivers\usbhub.sys
01:43:45.0055 2724  usbhub - ok
01:43:45.0105 2724  [ EA040D4C6C94F315A85F3D0EAA884B37 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
01:43:45.0135 2724  USBHUB3 - ok
01:43:45.0175 2724  [ 325F6179009B5A7F6118951A5BA422AB ] usbohci         C:\Windows\System32\drivers\usbohci.sys
01:43:45.0205 2724  usbohci - ok
01:43:45.0235 2724  [ BA3ABE0CD1C14B3295BAD0F076B84CAC ] usbprint        C:\Windows\System32\drivers\usbprint.sys
01:43:45.0245 2724  usbprint - ok
01:43:45.0295 2724  [ A9858597B6DB695F78A37F6755A6FF98 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
01:43:45.0315 2724  usbscan - ok
01:43:45.0345 2724  [ F77177F6C95B2116EE7AD23B5EF57007 ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
01:43:45.0365 2724  USBSTOR - ok
01:43:45.0385 2724  [ D25EF4A6EC244C5DE85D88A05B7C149D ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
01:43:45.0415 2724  usbuhci - ok
01:43:45.0455 2724  [ 1ADCF0A490C2845637B334626669CD6F ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
01:43:45.0485 2724  USBXHCI - ok
01:43:45.0505 2724  [ F702AB6181513303AB0FC8D59E52708B ] VaultSvc        C:\Windows\system32\lsass.exe
01:43:45.0525 2724  VaultSvc - ok
01:43:45.0545 2724  [ BACECBFF9C97F7627A60B0E0F1FE7EE8 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
01:43:45.0555 2724  vdrvroot - ok
01:43:45.0595 2724  [ 1B4488988E5E7512E6C5CD1255E9E973 ] vds             C:\Windows\System32\vds.exe
01:43:45.0635 2724  vds - ok
01:43:45.0655 2724  [ 74FA2D4368DE6F6CE14393EDF1F342BE ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
01:43:45.0675 2724  VerifierExt - ok
01:43:45.0705 2724  [ 500BE6B2E49883720D0AE8BB859ED7A3 ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
01:43:45.0745 2724  vhdmp - ok
01:43:45.0785 2724  [ F5B4A14B00E89250C50982AC762DDD1D ] viaide          C:\Windows\system32\drivers\viaide.sys
01:43:45.0795 2724  viaide - ok
01:43:45.0815 2724  [ 0E43886F01C85B47BA0A3157274BCF59 ] Vid             C:\Windows\System32\drivers\Vid.sys
01:43:45.0845 2724  Vid - ok
01:43:45.0905 2724  [ A942813405C51998DD2C2B86A08394D5 ] VMAuthdService  C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
01:43:45.0945 2724  VMAuthdService ( UnsignedFile.Multi.Generic ) - warning
01:43:45.0945 2724  VMAuthdService - detected UnsignedFile.Multi.Generic (1)
01:43:45.0965 2724  [ 78DB50F7329F6D1311658DABFFFC8BE0 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
01:43:45.0985 2724  vmbus - ok
01:43:45.0995 2724  [ ECFEE2F2BA3932C7880D1A8F67D68F91 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
01:43:46.0015 2724  VMBusHID - ok
01:43:46.0045 2724  [ B4F432A51826FFC66F4DF72A83E8E4B1 ] vmbusr          C:\Windows\System32\drivers\vmbusr.sys
01:43:46.0055 2724  vmbusr - ok
01:43:46.0095 2724  [ 6203C901DEFF10631AAD919B3BD1489B ] vmci            C:\Windows\system32\drivers\vmci.sys
01:43:46.0105 2724  vmci - ok
01:43:46.0135 2724  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
01:43:46.0155 2724  vmicheartbeat - ok
01:43:46.0165 2724  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
01:43:46.0185 2724  vmickvpexchange - ok
01:43:46.0195 2724  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicrdv         C:\Windows\System32\ICSvc.dll
01:43:46.0215 2724  vmicrdv - ok
01:43:46.0235 2724  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
01:43:46.0255 2724  vmicshutdown - ok
01:43:46.0265 2724  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmictimesync    C:\Windows\System32\ICSvc.dll
01:43:46.0285 2724  vmictimesync - ok
01:43:46.0305 2724  [ B8FF4248103E6EA47B9D85C55673ABA3 ] vmicvss         C:\Windows\System32\ICSvc.dll
01:43:46.0315 2724  vmicvss - ok
01:43:46.0335 2724  [ DE8F365C4C038AFE02F6E3B18ECAED33 ] vmkbd           C:\Windows\system32\drivers\VMkbd.sys
01:43:46.0345 2724  vmkbd - ok
01:43:46.0375 2724  [ AEF53B47E960F227BF7638A6A1A9D5C6 ] VMnetAdapter    C:\Windows\system32\DRIVERS\vmnetadapter.sys
01:43:46.0385 2724  VMnetAdapter - ok
01:43:46.0395 2724  [ C234A1DC2F06A15B9210787F54253810 ] VMnetBridge     C:\Windows\system32\DRIVERS\vmnetbridge.sys
01:43:46.0405 2724  VMnetBridge - ok
01:43:46.0405 2724  VMnetDHCP - ok
01:43:46.0425 2724  [ 36EDBFE2C2405081620ADEF7B691ED89 ] VMnetuserif     C:\Windows\system32\drivers\vmnetuserif.sys
01:43:46.0435 2724  VMnetuserif - ok
01:43:46.0455 2724  [ 55D5AFEB5FE5F3B111317A421E5F3666 ] VMparport       C:\Windows\system32\drivers\VMparport.sys
01:43:46.0465 2724  VMparport - ok
01:43:46.0495 2724  [ 415B167695C4B5960A13098622EF3D80 ] vmusb           C:\Windows\System32\Drivers\vmusb.sys
01:43:46.0505 2724  vmusb - ok
01:43:46.0555 2724  [ B55A8DADA1D825B73C811101B06E012F ] VMUSBArbService C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
01:43:46.0585 2724  VMUSBArbService - ok
01:43:46.0595 2724  VMware NAT Service - ok
01:43:46.0615 2724  [ 0E6ACC0257C6EFBB41E9FF4CD2A88B7F ] vmx86           C:\Windows\system32\drivers\vmx86.sys
01:43:46.0625 2724  vmx86 - ok
01:43:46.0635 2724  [ CB60FAAED8B49B812EBBF77EB87D9B18 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
01:43:46.0655 2724  volmgr - ok
01:43:46.0685 2724  [ A74101DA9809251BCD0E5A26BAE0F824 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
01:43:46.0715 2724  volmgrx - ok
01:43:46.0765 2724  [ 78A5BBA3819FFFC62FFEC3E2220D102D ] volsnap         C:\Windows\system32\drivers\volsnap.sys
01:43:46.0785 2724  volsnap - ok
01:43:46.0805 2724  [ A8DA1C1B52ECEA3726DEBED4FF1B700D ] vpci            C:\Windows\System32\drivers\vpci.sys
01:43:46.0815 2724  vpci - ok
01:43:46.0835 2724  [ 0190AFFF28F600461C0164353CC7EE27 ] vpcivsp         C:\Windows\System32\drivers\vpcivsp.sys
01:43:46.0865 2724  vpcivsp - ok
01:43:46.0885 2724  [ 38A60CD9C009C55C6D3B5586F8E6A353 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
01:43:46.0905 2724  vsmraid - ok
01:43:46.0925 2724  [ EF1E48D431223F670CFFD6169B1A136F ] vsock           C:\Windows\system32\drivers\vsock.sys
01:43:46.0935 2724  vsock - ok
01:43:47.0005 2724  [ D0C69E44BC1E1D4AD290FD84104623D8 ] VSS             C:\Windows\system32\vssvc.exe
01:43:47.0045 2724  VSS - ok
01:43:47.0065 2724  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
01:43:47.0095 2724  VSTXRAID - ok
01:43:47.0115 2724  [ 62460A45435A26A334907E3F2EA45611 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
01:43:47.0135 2724  vwifibus - ok
01:43:47.0245 2724  [ F690B6EEAA94576727B24376D7ED3601 ] W32Time         C:\Windows\system32\w32time.dll
01:43:47.0285 2724  W32Time - ok
01:43:47.0305 2724  [ 6B806E893714019969E2B50D7EF6A4D9 ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
01:43:47.0335 2724  WacomPen - ok
01:43:47.0365 2724  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
01:43:47.0405 2724  Wanarp - ok
01:43:47.0415 2724  [ 61F6972FF9AC9A8D0B4D62076DC30051 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
01:43:47.0435 2724  Wanarpv6 - ok
01:43:47.0495 2724  [ 42DF22F8C448E7CD219F6D63743505E2 ] wbengine        C:\Windows\system32\wbengine.exe
01:43:47.0555 2724  wbengine - ok
01:43:47.0595 2724  [ 31D37B2F6069C631EF0557D322924812 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
01:43:47.0615 2724  WbioSrvc - ok
01:43:47.0645 2724  [ D9C1E82651BF19C6FF69CEC6FD400124 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
01:43:47.0665 2724  Wcmsvc - ok
01:43:47.0715 2724  [ 5B5FEAB51172F5513C2CF7B39CFA6A01 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
01:43:47.0745 2724  wcncsvc - ok
01:43:47.0785 2724  [ E19556D414332E2BEBA1F368229006B4 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:43:47.0805 2724  WcsPlugInService - ok
01:43:47.0835 2724  [ B3A4D918DAB90505B6BC7B70632913CB ] Wd              C:\Windows\system32\drivers\wd.sys
01:43:47.0845 2724  Wd - ok
01:43:47.0885 2724  [ 6F4B5DDDC3B86091E94BC47347A78AF7 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
01:43:47.0895 2724  WdBoot - ok
01:43:47.0945 2724  [ 2ADC985B85A71BD7D99712EC0C24358B ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
01:43:47.0975 2724  Wdf01000 - ok
01:43:48.0015 2724  [ 99D404A9A0AFC4734E014EBEBAC13F8F ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
01:43:48.0035 2724  WdFilter - ok
01:43:48.0065 2724  [ 240FC332484572227CD1DF82407F33E5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
01:43:48.0085 2724  WdiServiceHost - ok
01:43:48.0095 2724  [ 240FC332484572227CD1DF82407F33E5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
01:43:48.0115 2724  WdiSystemHost - ok
01:43:48.0155 2724  [ F2002DA5E6B78C15B2CD48CFF8F0FBB6 ] WebClient       C:\Windows\System32\webclnt.dll
01:43:48.0195 2724  WebClient - ok
01:43:48.0215 2724  [ 35FD720943D4FCD75C3275BF062FF140 ] Wecsvc          C:\Windows\system32\wecsvc.dll
01:43:48.0255 2724  Wecsvc - ok
01:43:48.0285 2724  [ 4D2612E3C462B68F499D840B1133263E ] wercplsupport   C:\Windows\System32\wercplsupport.dll
01:43:48.0315 2724  wercplsupport - ok
01:43:48.0355 2724  [ 5F70EBFC1F75B487DE79501E3CCBDB54 ] WerSvc          C:\Windows\System32\WerSvc.dll
01:43:48.0395 2724  WerSvc - ok
01:43:48.0435 2724  [ FE762D3498719C3A23471BBA62F747B4 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
01:43:48.0445 2724  WFPLWFS - ok
01:43:48.0475 2724  [ 60E0C220593DA4F7C289CB909D2DBAE0 ] WiaRpc          C:\Windows\System32\wiarpc.dll
01:43:48.0505 2724  WiaRpc - ok
01:43:48.0525 2724  [ A3C7624A42A3447EF5EDD1ED37FE4E60 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
01:43:48.0535 2724  WIMMount - ok
01:43:48.0565 2724  WinDefend - ok
01:43:48.0615 2724  [ 7911470B6018059A880469A63B65700A ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
01:43:48.0665 2724  WinHttpAutoProxySvc - ok
01:43:48.0715 2724  [ 3D6B518B71C75C8FA4115A33615C107A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
01:43:48.0735 2724  Winmgmt - ok
01:43:48.0815 2724  [ 8E212A627F33F6FC3B5F3BB47212F66E ] WinRM           C:\Windows\system32\WsmSvc.dll
01:43:48.0885 2724  WinRM - ok
01:43:48.0935 2724  [ 6351724B8FA0255C2DBD970297F00B93 ] WlanSvc         C:\Windows\System32\wlansvc.dll
01:43:48.0985 2724  WlanSvc - ok
01:43:49.0055 2724  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B ] wlidsvc         C:\Windows\system32\wlidsvc.dll
01:43:49.0115 2724  wlidsvc - ok
01:43:49.0145 2724  [ E2A596CACFC6504306CDB7B593B90084 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
01:43:49.0155 2724  WmiAcpi - ok
01:43:49.0185 2724  [ D113499052C5E541906B727779F0F959 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
01:43:49.0205 2724  wmiApSrv - ok
01:43:49.0235 2724  WMPNetworkSvc - ok
01:43:49.0265 2724  [ C6FF953D5D6F2EAE3B8883474D5076B3 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
01:43:49.0285 2724  wpcfltr - ok
01:43:49.0305 2724  [ A6ED163169876BFD2437E872FE2F1509 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
01:43:49.0335 2724  WPCSvc - ok
01:43:49.0365 2724  [ 3013658A4D327854BEEC4A08D9655194 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
01:43:49.0395 2724  WPDBusEnum - ok
01:43:49.0415 2724  [ 0346CAFC181C91C6E2330332EB332ED6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
01:43:49.0445 2724  WpdUpFltr - ok
01:43:49.0475 2724  [ BC8B5CB336E63BB25EAD1CE8EDD34B81 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
01:43:49.0495 2724  ws2ifsl - ok
01:43:49.0535 2724  [ 012CFE7F0F95266F554EE3B91EE2128A ] wscsvc          C:\Windows\System32\wscsvc.dll
01:43:49.0545 2724  wscsvc - ok
01:43:49.0555 2724  WSearch - ok
01:43:49.0635 2724  [ C10BFFEE7E0D7A1366E84F251796C51D ] WSService       C:\Windows\System32\WSService.dll
01:43:49.0715 2724  WSService - ok
01:43:49.0825 2724  [ BE302BABE45EC05995F8DC66E37BBB3D ] wuauserv        C:\Windows\system32\wuaueng.dll
01:43:49.0915 2724  wuauserv - ok
01:43:49.0955 2724  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
01:43:49.0985 2724  WudfPf - ok
01:43:50.0005 2724  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
01:43:50.0015 2724  WUDFRd - ok
01:43:50.0025 2724  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFSensorLP    C:\Windows\system32\DRIVERS\WUDFRd.sys
01:43:50.0045 2724  WUDFSensorLP - ok
01:43:50.0075 2724  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
01:43:50.0115 2724  wudfsvc - ok
01:43:50.0125 2724  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
01:43:50.0135 2724  WUDFWpdFs - ok
01:43:50.0185 2724  [ FBB9B00D7A5756B0AA8E10BF7619E604 ] WwanSvc         C:\Windows\System32\wwansvc.dll
01:43:50.0215 2724  WwanSvc - ok
01:43:50.0255 2724  ================ Scan global ===============================
01:43:50.0305 2724  [ DDC1AFBF9DDF880CE9BD3896114D8DED ] C:\Windows\system32\basesrv.dll
01:43:50.0325 2724  [ E9343076AE704D20BB0D01F3AF3EFFEF ] C:\Windows\system32\winsrv.dll
01:43:50.0345 2724  [ BD7C6949984D19AAA609896B675E7357 ] C:\Windows\system32\sxssrv.dll
01:43:50.0385 2724  [ 8F226143046435C75C033B0C52E90FFE ] C:\Windows\system32\services.exe
01:43:50.0395 2724  [Global] - ok
01:43:50.0395 2724  ================ Scan MBR ==================================
01:43:50.0415 2724  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
01:43:50.0725 2724  \Device\Harddisk1\DR1 - ok
01:43:50.0765 2724  [ 671B81004FDD1588FA9ED1331C9CECA9 ] \Device\Harddisk0\DR0
01:43:51.0055 2724  \Device\Harddisk0\DR0 - ok
01:43:51.0055 2724  ================ Scan VBR ==================================
01:43:51.0065 2724  [ C500D789C916B94A9547DE4032FEB4D2 ] \Device\Harddisk1\DR1\Partition1
01:43:51.0065 2724  \Device\Harddisk1\DR1\Partition1 - ok
01:43:51.0085 2724  [ EC03346EC4EF3C1ABE056ACC13E5A6A1 ] \Device\Harddisk1\DR1\Partition2
01:43:51.0085 2724  \Device\Harddisk1\DR1\Partition2 - ok
01:43:51.0105 2724  [ D71CD7BF88C03594D1CE12E523966CDC ] \Device\Harddisk1\DR1\Partition3
01:43:51.0115 2724  \Device\Harddisk1\DR1\Partition3 - ok
01:43:51.0125 2724  [ 049327D02C37AB22D9D19E20AF1CCD4F ] \Device\Harddisk1\DR1\Partition4
01:43:51.0135 2724  \Device\Harddisk1\DR1\Partition4 - ok
01:43:51.0195 2724  [ 770033275B056C4025CAC50D54A14FD9 ] \Device\Harddisk0\DR0\Partition1
01:43:51.0195 2724  \Device\Harddisk0\DR0\Partition1 - ok
01:43:51.0215 2724  [ 491508800FF1D8C254AEDD5908F4BD29 ] \Device\Harddisk0\DR0\Partition2
01:43:51.0215 2724  \Device\Harddisk0\DR0\Partition2 - ok
01:43:51.0245 2724  [ 665E719F8D99EBA02D7E7AB0F5BDC793 ] \Device\Harddisk0\DR0\Partition3
01:43:51.0245 2724  \Device\Harddisk0\DR0\Partition3 - ok
01:43:51.0255 2724  [ 0176D19593A0361CD32DF3421606E45B ] \Device\Harddisk0\DR0\Partition4
01:43:51.0255 2724  \Device\Harddisk0\DR0\Partition4 - ok
01:43:51.0265 2724  ============================================================
01:43:51.0265 2724  Scan finished
01:43:51.0265 2724  ============================================================
01:43:51.0285 5896  Detected object count: 6
01:43:51.0285 5896  Actual detected object count: 6
01:45:06.0727 5896  Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
01:45:06.0727 5896  Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
01:45:06.0727 5896  fussvc ( UnsignedFile.Multi.Generic ) - skipped by user
01:45:06.0727 5896  fussvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
01:45:06.0737 5896  Panasonic Local Printer Service ( UnsignedFile.Multi.Generic ) - skipped by user
01:45:06.0737 5896  Panasonic Local Printer Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
01:45:06.0737 5896  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user
01:45:06.0737 5896  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
01:45:06.0747 5896  Te.Service ( UnsignedFile.Multi.Generic ) - skipped by user
01:45:06.0747 5896  Te.Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
01:45:06.0747 5896  VMAuthdService ( UnsignedFile.Multi.Generic ) - skipped by user
01:45:06.0747 5896  VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Skip

cosinus · 19.07.2013, 14:53

JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Im Anschluss:

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Danach eine Kontrolle mit OTL bitte:

Doppelklick auf die OTL.exe
Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
Setze oben mittig den Haken bei Scanne alle Benutzer
Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
Unter Extra Registry, wähle bitte Use SafeList
Klicke nun auf Run Scan links oben
Wenn der Scan beendet wurde werden 2 Logfiles erstellt
Poste die Logfiles in CODE-Tags hier in den Thread.

MarieJo · 23.07.2013, 18:43

Anbei die weiteren Logfiles:

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.2 (07.22.2013:2)
OS: Windows 8 Pro with Media Center x64
Ran by J”rg on 23.07.2013 at 19:01:08,88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\appid\{c26644c4-2a12-4ca6-8f2e-0ede6cf018f3}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Failed to delete: [Registry Key] HKEY_CURRENT_USER\Software\datamngr_toolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\delta ltd
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\datamngr



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\blekko toolbars"
Successfully deleted: [Folder] "C:\Users\J”rg\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\J”rg\appdata\locallow\adawaretb"
Successfully deleted: [Folder] "C:\Program Files (x86)\adawaretb"



~~~ FireFox

Successfully deleted: [File] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\i3zbyxt5.default\user.js
Successfully deleted: [File] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\i3zbyxt5.default\invalidprefs.js
Successfully deleted: [File] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\i3zbyxt5.default\searchplugins\babylon.xml
Successfully deleted: [File] C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\i3zbyxt5.default\searchplugins\delta.xml
Successfully deleted the following from C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\i3zbyxt5.default\prefs.js

user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.dfltLng", "de");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.id", "08ccd81d0000000000000019db4de425");
user_pref("extensions.delta.instlDay", "15884");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.21.5");
user_pref("extensions.delta.vrsnTs", "1.8.21.51:45:01");
user_pref("extensions.delta.vrsni", "1.8.21.5");
user_pref("extensions.delta_i.babExt", "");
user_pref("extensions.delta_i.babTrack", "affID=121562&tt=250613_gr3&tsp=4927");
user_pref("extensions.delta_i.srcExt", "ss");
Emptied folder: C:\Users\J”rg\AppData\Roaming\mozilla\firefox\profiles\i3zbyxt5.default\minidumps [153 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.07.2013 at 19:06:16,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:

ATTFilter

# AdwCleaner v2.306 - Datei am 23/07/2013 um 19:10:05 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 8 Pro with Media Center  (64 bits)
# Benutzer : Jörg - HAUPTRECHNER
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Jörg\Desktop\adwcleaner(1).exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKLM\Software\adawaretb
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5be8d8ae034ed15

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\i3zbyxt5.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v28.0.1500.72

Datei : C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v12.16.1860.0

Datei : C:\Users\Jörg\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R2].txt - [1436 octets] - [23/07/2013 19:09:19]
AdwCleaner[S1].txt - [5128 octets] - [30/05/2013 19:58:39]
AdwCleaner[S2].txt - [1369 octets] - [23/07/2013 19:10:05]

########## EOF - C:\AdwCleaner[S2].txt - [1429 octets] ##########

Code:

ATTFilter

OTL logfile created on: 23.07.2013 19:21:57 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jörg\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,68 Gb Available Physical Memory | 78,01% Memory free
6,94 Gb Paging File | 5,51 Gb Available in Paging File | 79,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 96,08 Gb Total Space | 28,04 Gb Free Space | 29,19% Space Free | Partition Type: NTFS
Drive D: | 31,07 Gb Total Space | 3,29 Gb Free Space | 10,59% Space Free | Partition Type: NTFS
Drive E: | 10,10 Gb Total Space | 10,01 Gb Free Space | 99,10% Space Free | Partition Type: NTFS
Drive F: | 95,93 Gb Total Space | 72,36 Gb Free Space | 75,43% Space Free | Partition Type: NTFS
Drive G: | 9,77 Gb Total Space | 1,88 Gb Free Space | 19,30% Space Free | Partition Type: NTFS
Drive H: | 95,97 Gb Total Space | 36,45 Gb Free Space | 37,98% Space Free | Partition Type: NTFS
Drive I: | 30,73 Gb Total Space | 4,67 Gb Free Space | 15,20% Space Free | Partition Type: NTFS
Drive M: | 96,12 Gb Total Space | 8,57 Gb Free Space | 8,92% Space Free | Partition Type: NTFS
 
Computer Name: HAUPTRECHNER | User Name: Jörg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Jörg\Desktop\OTL(1).exe (OldTimer Tools)
PRC - C:\Users\Jörg\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - F:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
PRC - C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
PRC - C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe (Panasonic System Networks Co., Ltd.   )
PRC - C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe (Panasonic System Networks Co., Ltd.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (AtherosSvc) -- C:\Windows\SysNative\AdminService.exe (Atheros Commnucations)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (VMnetDHCP) -- C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.)
SRV - (VMware NAT Service) -- C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.)
SRV - (VMAuthdService) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe (VMware, Inc.)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (VMUSBArbService) -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe (VMware, Inc.)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (Te.Service) -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe (Microsoft Corporation)
SRV - (fussvc) -- C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (Panasonic Local Printer Service) -- C:\PROGRA~2\PANASO~1\LocalCom\lmsrvnt.exe (Panasonic System Networks Co., Ltd.)
SRV - (SandraAgentSrv) -- f:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP2\RpcAgentSrv.exe (SiSoftware)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (gfibto) -- C:\Windows\SysNative\Drivers\gfibto.sys (GFI Software)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (gfiark) -- C:\Windows\SysNative\Drivers\gfiark.sys (ThreatTrack Security)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (Ser2pl) -- C:\Windows\SysNative\Drivers\ser2pl64.sys (Prolific Technology Inc.)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (VMparport) -- C:\Windows\SysNative\Drivers\VMparport.sys (VMware, Inc.)
DRV:64bit: - (vmx86) -- C:\Windows\SysNative\Drivers\vmx86.sys (VMware, Inc.)
DRV:64bit: - (VMnetuserif) -- C:\Windows\SysNative\Drivers\vmnetuserif.sys (VMware, Inc.)
DRV:64bit: - (VMnetBridge) -- C:\Windows\SysNative\Drivers\vmnetbridge.sys (VMware, Inc.)
DRV:64bit: - (VMnetAdapter) -- C:\Windows\SysNative\Drivers\vmnetadapter.sys (VMware, Inc.)
DRV:64bit: - (vmkbd) -- C:\Windows\SysNative\Drivers\VMkbd.sys (VMware, Inc.)
DRV:64bit: - (hcw88vid) -- C:\Windows\SysNative\Drivers\hcw88vid.sys (Hauppauge Computer Works, Inc)
DRV:64bit: - (HCW88TSE) -- C:\Windows\SysNative\Drivers\hcw88tse.sys (Hauppauge Computer Works, Inc)
DRV:64bit: - (hcw88bda) -- C:\Windows\SysNative\Drivers\hcw88bda.sys (Hauppauge Computer Works, Inc)
DRV:64bit: - (HCW88XBAR) -- C:\Windows\SysNative\Drivers\hcw88bar.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (HCW88AUD) -- C:\Windows\SysNative\Drivers\hcw88aud.sys (Hauppauge Computer Works, Inc)
DRV:64bit: - (hcw88rc5) -- C:\Windows\SysNative\Drivers\hcw88rc5.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (vsock) -- C:\Windows\SysNative\Drivers\vsock.sys (VMware, Inc.)
DRV:64bit: - (vmci) -- C:\Windows\SysNative\Drivers\vmci.sys (VMware, Inc.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (hcmon) -- C:\Windows\SysNative\Drivers\hcmon.sys (VMware, Inc.)
DRV:64bit: - (vmusb) -- C:\Windows\SysNative\Drivers\vmusb.sys (VMware, Inc.)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\Drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (AthDfu) -- C:\Windows\SysNative\Drivers\AthDfu.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\Drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\Drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\Drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\Drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\Drivers\Rt630x64.sys (Realtek                                            )
DRV - (SANDRA) -- f:\Program Files\SiSoftware\SiSoftware Sandra Lite 2013.SP2\WNt500x64\sandra.sys (SiSoftware)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 31 6E 16 66 0C 60 CA 01  [binary data]
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.de/search?q={searchTerms}
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = 84.72.71.92:80
 
IE - HKU\S-1-5-21-1080299906-672912975-2251274181-1004\..\SearchScopes,DefaultScope = 
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7Be001c731-5e37-4538-a5cb-8168736a2360%7D:0.9.9.119
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jörg\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jörg\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.10.31 01:47:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\Extensions
[2013.07.16 00:05:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\i3zbyxt5.default\extensions
[2013.07.16 00:05:27 | 000,000,000 | ---D | M] (Bitdefender QuickScan) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\i3zbyxt5.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}
[2012.11.03 14:13:29 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Jörg\AppData\Roaming\mozilla\Firefox\Profiles\i3zbyxt5.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2013.07.02 13:52:42 | 000,699,333 | ---- | M] () (No name found) -- C:\Users\Jörg\AppData\Roaming\mozilla\firefox\profiles\i3zbyxt5.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi
[2013.07.13 00:38:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.07.13 00:38:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\USERS\JÃ¶RG\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\I3ZBYXT5.DEFAULT\EXTENSIONS\{E001C731-5E37-4538-A5CB-8168736A2360}
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://paules-pc-forum.de/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\28.0.1500.72\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\J\u00F6rg\AppData\Local\Google\Chrome\Application\28.0.1500.72\pdf.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Jrg\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
CHR - Extension: Google Drive = C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Mail = C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4 - HKLM..\Run: [Panasonic Device Manager for Multi-Function Station software] C:\Program Files (x86)\Panasonic\MFStation\PCCMFSDM.exe (Panasonic System Networks Co., Ltd.   )
O4 - HKLM..\Run: [Panasonic PCFAX for Multi-Function Station software] C:\Program Files (x86)\Panasonic\MFStation\KmPcFax.exe (Panasonic System Networks Co., Ltd.   )
O4 - HKLM..\Run: [PDFPrint] f:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKU\S-1-5-21-1080299906-672912975-2251274181-1001..\Run: [SkyDrive] C:\Users\Jörg\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000012 - C:\Windows\SysNative\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\SysWOW64\vsocklib.dll (VMware, Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\..Trusted Domains: elsteronline.de ([www] https in Trusted sites)
O15 - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\..Trusted Domains: ms-clip.de ([]* in Local intranet)
O15 - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\..Trusted Domains: ms-clip.de ([www] http in Trusted sites)
O15 - HKU\S-1-5-21-1080299906-672912975-2251274181-1001\..Trusted Domains: ms-communities.de ([]* in Local intranet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3682892E-15E3-424C-8968-033324A82FE8}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [1999.10.29 22:28:02 | 000,000,037 | ---- | M] () - M:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.23 19:18:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jörg\Desktop\OTL(1).exe
[2013.07.23 19:01:04 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.07.23 18:59:57 | 000,560,934 | ---- | C] (Oleg N. Scherbakov) -- C:\Users\Jörg\Desktop\JRT.exe
[2013.07.20 21:30:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2013.07.17 19:24:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2013.07.17 00:08:38 | 002,219,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dwmcore.dll
[2013.07.17 00:08:36 | 006,987,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.07.17 00:08:36 | 002,391,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\explorer.exe
[2013.07.17 00:08:36 | 002,106,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\explorer.exe
[2013.07.17 00:08:36 | 001,842,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dwmcore.dll
[2013.07.17 00:08:35 | 001,527,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfcore.dll
[2013.07.17 00:08:35 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samsrv.dll
[2013.07.17 00:08:34 | 001,453,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfcore.dll
[2013.07.17 00:08:34 | 001,403,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.efi
[2013.07.17 00:08:34 | 001,271,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winload.exe
[2013.07.17 00:08:31 | 001,217,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.efi
[2013.07.17 00:08:31 | 001,093,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winresume.exe
[2013.07.17 00:08:31 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsGdiConverter.dll
[2013.07.17 00:08:30 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mfasfsrcsnk.dll
[2013.07.17 00:08:30 | 000,583,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mscms.dll
[2013.07.17 00:08:30 | 000,364,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsGdiConverter.dll
[2013.07.17 00:08:29 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfasfsrcsnk.dll
[2013.07.17 00:08:29 | 000,213,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\UCX01000.SYS
[2013.07.17 00:08:29 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\samlib.dll
[2013.07.17 00:08:28 | 000,337,152 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBXHCI.SYS
[2013.07.17 00:08:28 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DeviceSetupManager.dll
[2013.07.17 00:08:28 | 000,194,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\sdbus.sys
[2013.07.17 00:08:28 | 000,125,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dumpsd.sys
[2013.07.17 00:08:28 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MbaeParserTask.exe
[2013.07.17 00:08:27 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vdsutil.dll
[2013.07.17 00:08:27 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys
[2013.07.16 00:05:33 | 000,000,000 | ---D | C] -- C:\Users\Jörg\AppData\Roaming\QuickScan
[2013.07.13 00:38:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.07.12 22:19:09 | 000,160,256 | ---- | C] (Prolific Technology Inc.) -- C:\Windows\SysNative\drivers\ser2pl64.sys
[2013.07.12 22:18:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChipySuite
[2013.07.12 22:18:08 | 000,086,016 | ---- | C] (Becker & Partner GmbH) -- C:\Windows\SysWow64\ctapisbp_s.dll
[2013.07.12 22:18:08 | 000,086,016 | ---- | C] (Becker & Partner GmbH) -- C:\Windows\ctapisbp_s.dll
[2013.07.12 22:18:08 | 000,016,128 | ---- | C] (Becker & Partner) -- C:\Windows\SysWow64\drivers\chpy_ii.sys
[2013.07.12 22:18:08 | 000,009,896 | ---- | C] (Becker & Partner GmbH, Aachen, Germany) -- C:\Windows\SysWow64\drivers\chipyubp.sys
[2013.07.12 22:18:07 | 000,090,112 | ---- | C] (Becker & Partner GmbH) -- C:\Windows\SysWow64\ctapisbp.dll
[2013.07.12 22:18:07 | 000,090,112 | ---- | C] (Becker & Partner GmbH) -- C:\Windows\ctapisbp.dll
[2013.07.12 22:18:07 | 000,086,016 | ---- | C] (Becker & Partner GmbH) -- C:\Windows\SysWow64\ctap_ii.dll
[2013.07.12 22:18:07 | 000,086,016 | ---- | C] (Becker & Partner GmbH) -- C:\Windows\ctap_ii.dll
[2013.07.12 22:18:07 | 000,077,824 | ---- | C] (Becker & Partner GmbH) -- C:\Windows\SysWow64\ctapiubp.dll
[2013.07.12 22:18:07 | 000,077,824 | ---- | C] (Becker & Partner GmbH) -- C:\Windows\ctapiubp.dll
[2013.07.12 22:18:01 | 000,000,000 | ---D | C] -- C:\ProgramData\SIMcrypt
[2013.07.10 12:01:42 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\DWrite.dll
[2013.07.10 12:01:10 | 000,595,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qedit.dll
[2013.07.10 12:01:10 | 000,496,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qedit.dll
[2013.07.10 12:00:28 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.07.10 12:00:24 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.07.10 12:00:23 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.07.10 12:00:22 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.07.10 12:00:22 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.07.10 12:00:03 | 002,842,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WMVDECOD.DLL
[2013.07.10 12:00:02 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WMVDECOD.DLL
[2013.07.06 12:55:17 | 000,000,000 | -H-D | C] -- C:\SkyDriveTemp
[2013.07.04 15:35:28 | 000,039,504 | ---- | C] (ThreatTrack Security) -- C:\Windows\SysNative\drivers\gfiark.sys
[2013.07.04 14:32:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus
[2013.07.04 14:29:48 | 000,000,000 | ---D | C] -- C:\Users\Jörg\AppData\Roaming\LavasoftStatistics
[2013.07.04 14:20:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft
[2013.07.04 14:20:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus
[2013.07.04 14:20:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations
[2013.07.04 14:20:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner
[2013.07.04 14:18:41 | 000,014,456 | ---- | C] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013.07.04 14:18:39 | 000,000,000 | ---D | C] -- C:\Users\Jörg\AppData\Roaming\Ad-Aware Antivirus
[2013.07.03 23:03:25 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tssdisai.dll
[2013.06.29 02:03:10 | 000,000,000 | ---D | C] -- C:\Users\Jörg\Desktop\Texte
[2013.06.29 01:09:05 | 000,000,000 | ---D | C] -- C:\PPF_Scan2
[2013.06.25 12:18:48 | 000,263,592 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.06.25 12:18:46 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.06.25 12:18:46 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.06.25 12:18:46 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.06.25 12:18:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.23 19:23:02 | 000,001,142 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1080299906-672912975-2251274181-1001UA.job
[2013.07.23 19:18:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jörg\Desktop\OTL(1).exe
[2013.07.23 19:18:03 | 001,762,134 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.23 19:18:03 | 000,758,086 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.23 19:18:03 | 000,715,634 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.23 19:18:03 | 000,157,840 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.23 19:18:03 | 000,134,470 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.23 19:15:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.23 19:13:04 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.07.23 19:12:53 | 858,509,311 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.23 19:08:21 | 000,666,633 | ---- | M] () -- C:\Users\Jörg\Desktop\adwcleaner(1).exe
[2013.07.23 18:59:41 | 000,560,934 | ---- | M] (Oleg N. Scherbakov) -- C:\Users\Jörg\Desktop\JRT.exe
[2013.07.23 18:54:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.22 11:23:42 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1080299906-672912975-2251274181-1001Core.job
[2013.07.17 22:51:23 | 000,434,552 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.15 20:48:59 | 000,005,632 | ---- | M] () -- C:\Users\Jörg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.07.13 00:38:36 | 000,001,156 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.07.12 22:18:09 | 000,000,882 | ---- | M] () -- C:\Users\Public\Desktop\SIMcrypt© (PIN).lnk
[2013.07.12 22:18:09 | 000,000,882 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SIMcrypt© (PIN).lnk
[2013.07.12 22:18:09 | 000,000,866 | ---- | M] () -- C:\Users\Public\Desktop\SIMcrypt© (Pass + PIN).lnk
[2013.07.10 02:47:47 | 000,003,029 | ---- | M] () -- C:\Users\Jörg\Desktop\Microsoft Word 2010.lnk
[2013.07.04 14:18:40 | 000,014,456 | ---- | M] (GFI Software) -- C:\Windows\SysNative\drivers\gfibto.sys
[2013.07.02 12:29:54 | 000,029,362 | ---- | M] () -- C:\Users\Jörg\Documents\bookmarks.html
[2013.06.28 00:04:51 | 000,693,112 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.28 00:04:51 | 000,078,200 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.25 12:18:40 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.06.25 12:18:37 | 000,263,592 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.06.25 12:18:37 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.06.25 12:18:37 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.06.25 12:18:36 | 000,867,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.06.25 12:18:36 | 000,789,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
 
========== Files Created - No Company Name ==========
 
[2013.07.23 19:08:34 | 000,666,633 | ---- | C] () -- C:\Users\Jörg\Desktop\adwcleaner(1).exe
[2013.07.17 22:51:09 | 000,434,552 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.17 00:08:38 | 000,386,642 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.07.16 03:13:30 | 000,000,345 | ---- | C] () -- C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Update.lnk
[2013.07.13 00:38:36 | 000,001,168 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.07.13 00:38:36 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.07.12 22:18:09 | 000,000,882 | ---- | C] () -- C:\Users\Public\Desktop\SIMcrypt© (PIN).lnk
[2013.07.12 22:18:09 | 000,000,882 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SIMcrypt© (PIN).lnk
[2013.07.12 22:18:09 | 000,000,866 | ---- | C] () -- C:\Users\Public\Desktop\SIMcrypt© (Pass + PIN).lnk
[2013.07.10 02:47:47 | 000,003,029 | ---- | C] () -- C:\Users\Jörg\Desktop\Microsoft Word 2010.lnk
[2013.07.02 12:29:54 | 000,029,362 | ---- | C] () -- C:\Users\Jörg\Documents\bookmarks.html
[2013.04.01 20:55:26 | 000,000,022 | ---- | C] () -- C:\Users\Jörg\AppData\Roaming\CDBUTLER.INI
[2013.03.27 02:14:22 | 013,217,792 | ---- | C] () -- C:\Users\Jörg\AppData\Roaming\Sandra.mdb
[2013.03.04 01:29:39 | 000,007,597 | ---- | C] () -- C:\Users\Jörg\AppData\Local\resmon.resmoncfg
[2013.02.26 02:12:38 | 000,005,632 | ---- | C] () -- C:\Users\Jörg\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.01.31 22:17:54 | 000,000,008 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012.12.14 14:23:19 | 000,110,080 | ---- | C] () -- C:\Windows\SysWow64\advd.dll
[2012.12.14 14:23:19 | 000,023,040 | ---- | C] () -- C:\Windows\SysWow64\auth.dll
[2012.12.14 14:23:17 | 000,511,488 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012.11.29 00:27:55 | 001,781,088 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.11.15 18:34:22 | 000,000,455 | ---- | C] () -- C:\Users\Jörg\clipdat2.rdf
[2012.11.02 20:37:43 | 000,000,879 | ---- | C] () -- C:\Users\Jörg\AppData\Local\recently-used.xbel
[2012.10.31 14:23:57 | 000,000,241 | ---- | C] () -- C:\Windows\PanaFLB881.ini
[2012.10.31 01:17:56 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
[2013.04.25 23:13:33 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.11.14 19:56:52 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\AceBIT
[2013.07.04 17:35:28 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\Ad-Aware Antivirus
[2012.12.20 02:28:34 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\Ashampoo
[2012.12.14 14:23:43 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\concept design
[2013.02.03 00:22:54 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\Engelmann Media
[2012.11.19 22:26:02 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\ImgBurn
[2012.12.08 14:13:48 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\MAGIX
[2013.06.29 03:44:37 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\NetSpeedMonitor
[2012.12.18 01:56:26 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\Opera
[2012.10.31 17:08:12 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\Panasonic
[2012.12.16 16:14:58 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\pcvisit Data
[2013.07.23 15:04:45 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\QuickScan
[2013.01.04 13:39:52 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\Steganos
[2012.11.30 15:47:13 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\SuperMailer
[2012.11.30 19:15:29 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\SuperMailer-Bounce
[2012.12.14 19:50:02 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\Textbausteinverwaltung
[2013.04.05 00:29:00 | 000,000,000 | ---D | M] -- C:\Users\Jörg\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 

< End of report >

Code:

ATTFilter

OTL Extras logfile created on: 23.07.2013 19:21:57 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jörg\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16635)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
6,00 Gb Total Physical Memory | 4,68 Gb Available Physical Memory | 78,01% Memory free
6,94 Gb Paging File | 5,51 Gb Available in Paging File | 79,49% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 96,08 Gb Total Space | 28,04 Gb Free Space | 29,19% Space Free | Partition Type: NTFS
Drive D: | 31,07 Gb Total Space | 3,29 Gb Free Space | 10,59% Space Free | Partition Type: NTFS
Drive E: | 10,10 Gb Total Space | 10,01 Gb Free Space | 99,10% Space Free | Partition Type: NTFS
Drive F: | 95,93 Gb Total Space | 72,36 Gb Free Space | 75,43% Space Free | Partition Type: NTFS
Drive G: | 9,77 Gb Total Space | 1,88 Gb Free Space | 19,30% Space Free | Partition Type: NTFS
Drive H: | 95,97 Gb Total Space | 36,45 Gb Free Space | 37,98% Space Free | Partition Type: NTFS
Drive I: | 30,73 Gb Total Space | 4,67 Gb Free Space | 15,20% Space Free | Partition Type: NTFS
Drive M: | 96,12 Gb Total Space | 8,57 Gb Free Space | 8,92% Space Free | Partition Type: NTFS
 
Computer Name: HAUPTRECHNER | User Name: Jörg | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07E773D5-130C-4D0C-BF38-F9C577E04A0B}" = rport=139 | protocol=6 | dir=out | app=system | 
"{085C8CCA-0623-4A88-AC7C-04738602722F}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{0DA0FEC9-5EFA-42B4-AD4D-F87ECA2B461B}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
"{1EC1AAAD-702F-4AA9-96F3-B3962C409F50}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\vswinexpress.exe | 
"{2E7929E8-E3D8-451D-B3EB-3BC71CA356B7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4E2FE681-2605-4B30-9B6A-9C612B33BCB3}" = lport=137 | protocol=17 | dir=in | app=system | 
"{5FE6DF77-378D-4FC4-9B98-CABCC4ED539D}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{67AED92A-DC3A-44FF-AC03-8BAF0148F015}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{6A474DBF-FBF2-4BDD-A2AC-0F7238645B02}" = lport=138 | protocol=17 | dir=in | app=system | 
"{7AA9B070-4EF6-4DA9-923F-37B11A814239}" = rport=138 | protocol=17 | dir=out | app=system | 
"{80208E25-1904-4F73-8CC7-C67252E5DF69}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{8B20B674-0904-4474-8BB8-99C926491DAD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{9BB047C2-8B99-473A-828D-C19D58D18454}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9D0A6018-6E24-4BBC-B263-BC5BC7C2DD23}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A0258588-2498-4FC5-814A-A996B3B29D42}" = rport=137 | protocol=17 | dir=out | app=system | 
"{A215772C-CA96-49FE-8C20-9878461C9ABF}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A5D5C2FD-B91F-4D6A-9521-2D2B210054EF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{AD82DFA4-468C-4850-AAD3-9FEC162F5887}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{AFF8BEB3-E562-4527-B8DA-D6DBBB5AB989}" = lport=445 | protocol=6 | dir=in | app=system | 
"{B9918E5C-8F13-48A3-BFF1-9070E9402471}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C9138777-9E49-43DD-BD11-95C8B17D95D2}" = lport=139 | protocol=6 | dir=in | app=system | 
"{CB64872A-76E2-4E98-BEDD-77B757130DF1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{D9A04BDC-B5EC-4597-8907-8698A38ABF74}" = rport=445 | protocol=6 | dir=out | app=system | 
"{DD9B2329-B0A5-4A93-8314-BE31D93F643A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{E2D29043-DB95-44AE-AB0B-CC390E689496}" = lport=rpc | protocol=6 | dir=in | app=f:\program files\sisoftware\sisoftware sandra lite 2013.sp2\rpcagentsrv.exe | 
"{E980B198-2280-47B1-9E2F-BCC72492CC75}" = lport=rpc | protocol=6 | dir=in | app=f:\program files\sisoftware\sisoftware sandra lite 2013.sp2\wnt500x64\rpcsandrasrv.exe | 
"{FAA4F5DA-0657-45A4-896C-F8E4A0E127E1}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{FF266CF0-3FC1-4104-9F0A-AD6EF22BF623}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{FF88AA37-7242-4C98-BE74-3892AFF2738D}" = lport=10243 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{049323B6-0071-4950-8328-28DC63C6C3FE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{04D7D267-C71F-468D-BB36-04FA8BEA2C5D}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{0B5B72A3-E510-4BF2-AE4F-CFCDF1804B20}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{0D379112-3228-4B74-A54F-44C880FC9233}" = dir=out | name=@{microsoft.bingmaps_1.6.1528.2509_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{0F3F38ED-939D-427E-828C-B4C29047DEE7}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{1030FA69-F555-413F-99CF-4B73FB957081}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{103D76D3-6931-45ED-B4BD-C7C87E7878E1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{16A23CFB-D282-4BC5-95F2-8E7CD4B294CD}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{18B6CAB5-F5BA-4EF0-A165-6C09A0B42941}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{1BCA280E-FD6A-415E-A58D-8C47F0B4C7F2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{21B7B54D-50F8-49AC-B1A5-7B5401C730A4}" = protocol=17 | dir=in | app=f:\program files (x86)\kompass digital map\dkl3d.exe | 
"{227AF955-0A64-424A-9CD8-1D53C6361BD5}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{243137FB-701B-4FB8-BC01-F1749FB79046}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{2577590B-D2A1-4C96-A1B3-0119B36B665B}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{277199B9-7F42-4191-8685-A4611C455497}" = dir=out | name=pc-welt | 
"{30376A78-B780-41ED-A335-169D855217DF}" = dir=out | name=@{microsoft.zunemusic_1.4.18.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} | 
"{34026252-604C-4736-B72A-E7730B087F03}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{3944DCB5-4388-48B0-9077-7D4ECAD6DD0D}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{3B81EACF-0DD2-46F5-B8E7-A228BEC6E38B}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{3C680A00-1CB4-4D16-B6F8-2D01A9345E7F}" = protocol=6 | dir=in | app=f:\program files (x86)\kompass digital map\dkl3d.exe | 
"{3D66C87A-2809-4C7D-9227-AC39BD96E9E4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{3DE96D56-0DF9-4F4E-897C-02081B3C85F1}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{3EBBBD8C-71AD-47EA-9B39-2DEB7A37FC1C}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{4097E910-3A35-4781-9C57-4BA43EAE4EF6}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{40AE17D1-8C2D-41CC-8A5E-FF4E76554506}" = dir=out | name=@{microsoft.bingfinance_2.0.0.275_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{43158215-8062-45DF-895C-90E22CDAA3B0}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{48EED416-7738-41CE-AE7B-E4F7FE3AF0F6}" = dir=out | name=@{microsoft.bingnews_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{4950CF40-A35F-4563-9167-5301A3E0D337}" = dir=out | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{4A7DE21B-52F7-49B0-BFE7-681C9AFDD015}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{4B268093-4D16-4E92-BD17-6FDC016F23DD}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2serverlauncher.exe | 
"{4FAC4CEA-986F-41F7-9FAC-880BF9285CCF}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{551BA0C4-D830-4C2A-869F-4193813CBCCC}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{553C4BC6-0A39-4FDD-9694-F55647BCA702}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{558E81F1-B4CE-4712-834A-749A04764322}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) | 
"{56D694CC-939A-4DD8-88DF-CFB2D1A26BDF}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{572A04D5-22FE-4AFC-A4FB-D6E7BDD90AF2}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{59B28AC9-9D44-49D3-BB6B-2B7BD295C5D8}" = dir=out | name=@{pons.wrterbuch_1.5.0.45_neutral__sj9sp7dbkxx8m?ms-resource://pons.wrterbuch/resources/display_name} | 
"{5F05301A-0E39-45AD-9824-5E9EDE967693}" = dir=out | name=onenote | 
"{60075E68-576C-491D-9425-5ECC57228E62}" = dir=out | name=@{microsoft.xboxlivegames_1.3.10.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{6220010E-4A17-4253-B3FF-99DE0556CE1E}" = dir=out | name=@{microsoft.bingweather_2.0.0.288_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{6A34E1ED-63FB-4DBE-AE8A-97E83AC05CC5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{6ABF6817-CE64-407C-891A-A4B24A3803B8}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{6B2A3AC7-6FCF-43BF-9658-270F4C7221B6}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{6CE996AA-EE48-4C44-921F-1A316C417663}" = dir=out | name=meinprospekt | 
"{71358B51-D198-44ED-A85F-18771ED5A0A1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{768D6DF8-FA32-442F-9A27-7B81116D41AD}" = dir=out | name=golem.de | 
"{77186D73-CA76-4C98-9245-DC534C6AAED5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{77A16F8F-C0B8-4BDB-A82A-8A5C78FEA690}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{77F9989B-815A-459E-AF84-09ECF20DAE9F}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{781B5763-6103-433E-945B-6F796FBA4BFF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{782C4FD7-A15A-4C4F-9BDF-87F659A5AE51}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe | 
"{7BA848D6-FD85-49A0-A64C-DFFB601D9EFA}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{7DFC1BB0-C860-495D-A9C3-17F3E23595C8}" = dir=out | name=@{microsoft.bingsports_2.0.0.273_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{807AF245-57FC-47C7-B7EE-F15164C95421}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{84098E63-B92B-48A8-91B1-8E7BB162A04C}" = dir=in | name=@{microsoft.reader_6.2.9200.20623_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{860429BB-325B-4133-B6BF-C65328B09F65}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{8A5C4F13-2900-4D06-9D9F-619E8BBA0947}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe | 
"{8E7A9994-64F8-4526-B804-2EAFACBBA363}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{8F65E2B5-06B6-475D-8214-5557AADE4050}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{90A1E385-6CBA-41B4-812D-01FC8D95C625}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{94EA154F-CBDF-4C0A-A2C8-7F33AEA08DBC}" = dir=out | name=tv movie | 
"{95CE23E8-F717-4908-A1D4-FFFB7743303A}" = dir=out | name=@{microsoft.zunevideo_1.3.59.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} | 
"{9609B260-C638-4F4F-BF43-E8C25197FD7C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{975934A4-3AB4-466D-888F-615DA3A9ED12}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{9783D627-251D-4FCB-AA12-AF52946527E4}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{99148F2C-833E-4EAB-A4A1-C39C5DE9C181}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe | 
"{9B407513-3E80-4534-9374-BE6CC6357551}" = dir=out | name=@{microsoft.bingtravel_2.0.0.274_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{9BBD4AA1-39F9-4F03-8F0D-FD5F399AFFE3}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{9DE03F24-B6E5-466B-AAE5-07A2789F0580}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{A15A2AC0-524C-47FA-8CF5-32E2231BE86D}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{A568E0EA-0B9F-472F-8F3C-5A471DEF2F95}" = protocol=6 | dir=out | app=system | 
"{A59F1B88-6A8D-424F-9B52-F081034B70F2}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{A5E54765-5A3E-4750-9FB0-B3E32ED5D5E3}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe | 
"{A6C30298-3D79-42C0-86D1-5960D7CC404F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{AA83FDCC-2457-4B17-B1A1-3C1B9D3715A9}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{AB9E9ADC-3C97-4C5A-8C24-2D9F7DA3EFC6}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{ABB1C11C-CF9B-4EE2-B202-BCB03F3A7D23}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{AC75F9E9-52B7-4144-9471-CCAD072B3733}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{AEC34EBF-53B5-48A2-8279-913B7B0EBD13}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) | 
"{B218F139-AE4A-4594-8DFD-86A0A24481BE}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{B2418367-FBAD-4781-98FA-49E4CD9F3B19}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{B48304CF-FDDD-4A4E-846B-A79E74B0141D}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{B533231D-1492-486A-80B9-54733E674CC0}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{BB46D36A-AB38-46C0-AA49-4C17A4FD3D2C}" = dir=in | app=c:\users\jörg\appdata\local\microsoft\skydrive\skydrive.exe | 
"{BC8E9A28-3471-4C49-8E09-D4F74A7E3D1F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BD284910-CE3E-41AB-81BB-68A2E295B9D7}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{BD5B6332-70A0-4C19-A887-45F328DA4466}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{C1862248-3660-4F3A-9795-EF281F4D5A2E}" = dir=out | name=fresh paint | 
"{C55340E6-F0EF-4D0D-AAD7-3056193A8E98}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{CC502AFD-88AD-433B-ACB2-112AA0B6CF65}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{CF92720F-18E9-4FC3-9385-3367F31E73B9}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{D0A205AD-6BA4-43BD-8BCB-866520CFCD2D}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{D2DC70F0-9FE8-426D-A574-64375F2A45BE}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{D6681C60-99D3-48EF-ACE7-CEFA4358DFE0}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{D6777485-0B4C-4012-A5C0-BF1AF30B8D93}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2serverlauncher.exe | 
"{D99D8CA7-B4E9-4326-953C-D2FF64C1FF57}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\farcry2.exe | 
"{DB121130-B4DF-4838-8A9A-7037F7F72160}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{DFC356DA-6C11-4047-B06A-98770C828666}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{E1E1FD34-715F-4B03-A090-73D621499E0A}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{E5F7A0DE-6961-43EE-BA8B-C8F0D71FF75E}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{EA72D304-8FBA-484D-B505-8A8E024E536F}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{EE4B5054-8450-4F22-AA5B-42B4B89F007F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{F0929F21-C99C-4694-9914-FDAD6CB10A3F}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{F10817BB-1F05-4969-9857-2F89EAE256AB}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{F3A941F9-6931-4922-B08A-493CCAFA53C7}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2editor.exe | 
"{F466F250-2EC9-45D3-8F00-13A5D884CC05}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{F4EE60D1-0DA1-4C86-B003-24EEA7803DF9}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\far cry 2\bin\fc2launcher.exe | 
"{F67C59F9-C6CB-4467-9479-8BB2C492B24F}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{F89E9123-2620-42B5-A1FF-E17DE1690FA6}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{F8EC4E1B-465D-4B2E-AF45-A9F7447FDF67}" = dir=in | name=onenote | 
"{F99FDDE9-96E8-48D3-B190-62C542BA6412}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{FD63F0A9-57D3-4CAC-86CB-34B6A8269CBC}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"TCP Query User{0A86AC7F-4CE6-4EE7-8338-8DB931720216}F:\program files (x86)\sopcast\sopcast.exe" = protocol=6 | dir=in | app=f:\program files (x86)\sopcast\sopcast.exe | 
"TCP Query User{570BF824-4D61-4A94-9B1B-884C418FA0AB}F:\program files (x86)\kompass digital map\dkl3d.exe" = protocol=6 | dir=in | app=f:\program files (x86)\kompass digital map\dkl3d.exe | 
"TCP Query User{C4AD64E3-2003-4ACE-9369-F9B1DEA4F8C5}F:\program files (x86)\franzis\onlinetv 6\onlinetv.exe" = protocol=6 | dir=in | app=f:\program files (x86)\franzis\onlinetv 6\onlinetv.exe | 
"UDP Query User{3DD4E6F1-7E52-4584-B27A-D243FA1885A9}F:\program files (x86)\franzis\onlinetv 6\onlinetv.exe" = protocol=17 | dir=in | app=f:\program files (x86)\franzis\onlinetv 6\onlinetv.exe | 
"UDP Query User{78B2CD29-26FD-456A-B55A-3D3DC7CE0ACF}F:\program files (x86)\sopcast\sopcast.exe" = protocol=17 | dir=in | app=f:\program files (x86)\sopcast\sopcast.exe | 
"UDP Query User{EF6FAD38-0EBD-4234-BA97-64B2AE88A71D}F:\program files (x86)\kompass digital map\dkl3d.exe" = protocol=17 | dir=in | app=f:\program files (x86)\kompass digital map\dkl3d.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{27EF252D-800C-ED42-9904-459FE0046225}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{2B997E80-3BEC-3222-9114-98DBE1182B2E}" = Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727
"{2E0C1D31-8FEC-411E-97FB-6E56BD429A98}" = PlayReady PC Runtime amd64
"{3FA063D7-EDC1-AFA8-54AF-0563C7DEE070}" = Windows App Certification Kit Native Components
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{591B29D8-4A37-4202-9F74-3B43A45EC036}" = MAGIX Foto & Grafik Designer 6 SE
"{5EEC477F-8E9B-4420-8829-16E7426227DB}" = Windows Live MIME IFilter
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6F07A6C2-9068-3673-A120-DC10012468C6}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{843AD902-84EA-3CE3-90F3-6866E567427D}" = Microsoft Visual Studio 2012 Express Prerequisites x64 - DEU
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}" = Microsoft SQL Server Compact 4.0 SP1 x64 DEU 
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.97
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1" = SiSoftware Sandra Lite 2013.SP2
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{ED1EBD88-D341-321A-BB22-52D7E703E316}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - DEU
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02213A81-CB13-7262-5ABE-1FFA2C75559F}" = Windows App Certification Kit x64
"{0278602E-1C48-4C63-8599-7520B8700670}" = Microsoft Visual Studio 2012-Vorbereitung
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{0EEB6DAC-32D5-4D1A-B795-7023D6AB9F13}" = Blend for Visual Studio 2012 DEU resources
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FD66C6F-4023-4C74-AF8E-9B8B2053868E}" = Fotogalerie
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{14EEBDFB-6217-4F98-8563-8342C42E8571}" = Snagit 11
"{1948E039-EC79-4591-951D-9867A8C14C90}" = Microsoft .NET Framework 4.5 SDK
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1C163D33-33B3-33EB-A617-0D4D852BE8E1}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F8E06E2-BA93-40DC-B183-E024CBD853A8}" = Microsoft Visual C++ 2012 Compilers
"{21DBD5D1-3573-4E2E-9251-CCF2C2E0C4FE}" = WinSurvey 3
"{22C58DA3-FA02-4DD3-8C5B-23570411E95B}" = Windows Live Writer Resources
"{236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"{23B93929-FAD4-40E5-96C6-0E977BB87204}" = Windows Live Essentials
"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25
"{2F73A7B2-E50E-39A6-9ABC-EF89E4C62E36}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
"{4222A6C9-6127-4445-A820-B02ECFD9F407}" = Microsoft NuGet - Visual Studio 2012 Express for Windows 8
"{42F61556-29ED-8122-F39E-6F04EA5FF279}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{49DC9658-D26A-4AAB-A83A-2655B8033056}" = Photo Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{53DE4FAD-F853-44F3-AC39-AD2940E5DD53}" = Software für Panasonic Multi-Function Station
"{57F20F04-014D-453F-B6A3-AE9485C4DFAB}" = Blend for Visual Studio 2012
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{6066D3FE-3692-4449-A3C8-D1EAA2C0E9E7}" = Movie Maker
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6DAB46E3-D017-3E2B-85D8-F57A230384C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{786C5747-0C40-4930-9AFE-113BCE553101}" = Adobe Stock Photos 1.0
"{7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"{800F484E-9D69-492D-B656-7BAA32586142}" = Microsoft Visual Studio 2012 Shell (Minimum)
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.2.0
"{820C677A-41B2-48C3-8136-FEE35A052E73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
"{89B4532E-19CE-4FA9-9692-10BFD5A38532}" = Visual Studio Extensions for Windows Library for JavaScript
"{8A79E320-5BCA-4A0F-A83B-D2D9783C7D53}" = Microsoft Visual C++ 2012 Compilers - DEU Resources
"{8BAB88C4-5024-3236-84B5-115054CD32B3}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - DEU
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8EA79DBF-D637-448A-89D6-410A087A4493}" = Samsung_MonSetup
"{8EDBA74D-0686-4C99-BFDD-F894678E5101}" = Adobe Common File Installer
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90849941-4C23-3054-B575-3833700DF788}" = Microsoft Help Viewer 2.0 Language Pack - DEU
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1" = Ashampoo Burning Studio 2013 v.11.0.5
"{91B33C97-9E02-D93E-656C-D2D81585F29B}_is1" = Ashampoo Photo Optimizer 5 v.5.3.0
"{9846a706-1070-48d4-9d9a-d5df9dc5fd4b}" = Microsoft Visual Studio Express 2012 für Windows 8 - DEU
"{98B45D1C-6EB1-460D-A87D-2B60678DC105}" = Microsoft .NET Framework 4.5 SDK - DEU Lang Pack
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AD1AEE2A-D9C0-3FAC-8D6B-B5E07B47257B}" = Microsoft Visual C++ 2012 Core Libraries
"{B33EA6ED-6F46-3BE1-98D2-F43D2A82EE39}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer deu Resources
"{B51F97E6-83F3-3B02-8CBB-15F86DFCE1DB}" = Microsoft Visual Studio Express 2012 for Windows 8
"{B74D4E10-6884-0000-0000-000000000101}" = Adobe Bridge 1.0
"{BD87E147-2948-4E49-9FD9-890A4AE4300A}" = Microsoft Visual Studio 2012 Shell-(Mindest)-Ressourcen
"{C1BE4600-7D15-3D1E-8AA2-B3241DB1D063}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{CCC7C18E-1BEA-409F-B7A9-6C9740B99119}" = Windows Live UX Platform Language Pack
"{CCF298AF-9CE1-4B26-B251-486E98A34789}" = Windows 7 USB/DVD Download Tool
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D11F66FF-82B3-DDB8-1146-525370552BE1}" = Windows Software Development Kit for Windows Store Apps
"{D29B0575-C3DE-4746-A893-4FDF0F7D68B2}" = Windows Live Mail
"{D604900F-A275-416C-AF9D-CDEDF58B72DB}" = Windows Live Mail
"{DDC1078D-00E9-CB9D-EA5B-EE695A38D346}" = Windows Runtime Intellisense Content - de-de
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1720628-0F3F-361D-ABF7-AC2E71F74E24}" = Microsoft Visual Studio Express 2012 für Windows 8 - DEU
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E9787678-119F-4D52-B551-6739B2B22101}" = Adobe Help Center 1.0
"{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}" = PL-2303 USB-to-Serial
"{EFBCA571-617D-484A-9ECA-E301BB6D0750}" = Windows Live Writer
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F2835483-37F2-4123-B4FE-0E77D58447F2}" = Far Cry 2
"{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}" = Junk Mail filter update
"{FDB30193-FDA0-3DAA-ACCA-A75EEFE53607}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFD9383C-01D5-4897-A954-43AF599AED30}" = tools-windows
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe InDesign CS2 - {7F4C8163-F259-49A0-A018-2857A90578BC}" = Adobe InDesign CS2
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}" = Adobe Photoshop CS2
"Ashampoo Burning Studio 2012_is1" = Ashampoo Burning Studio 2012 v.10.0.15
"ImgBurn" = ImgBurn
"MAGIX_{591B29D8-4A37-4202-9F74-3B43A45EC036}" = MAGIX Foto & Grafik Designer 6 SE
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Microsoft Help Viewer 2.0 Language Pack - DEU" = Microsoft Help Viewer 2.0 Language Pack - DEU
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Opera 12.16.1860" = Opera 12.16
"VMware_Player" = VMware Player
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1080299906-672912975-2251274181-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"SkyDriveSetup.exe" = Microsoft SkyDrive
 
========== Last 20 Event Log Errors ==========
 
[ System Events ]
Error - 23.07.2013 13:08:56 | Computer Name = Hauptrechner | Source = DCOM | ID = 10010
Description = 
 
Error - 23.07.2013 13:09:26 | Computer Name = Hauptrechner | Source = DCOM | ID = 10010
Description = 
 
Error - 23.07.2013 13:09:56 | Computer Name = Hauptrechner | Source = DCOM | ID = 10010
Description = 
 
Error - 23.07.2013 13:10:43 | Computer Name = Hauptrechner | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >

Beim OTL-Scan sei noch erwähnt, dass die Anleitung zum Programm etwas verwirrend ist. Im Bild sind Einstellungen markiert, die im beschreibenden Text darunter nicht erwähnt werden. Ich habe nun mal auch die Einstellungen aus dem Bild aktiviert, in der Hoffnung, dass das so richtig war. ;-)

cosinus · 24.07.2013, 01:06

Das ist etwas schiefgegangen, bitte JRT und adwCleaner wiederholen
Beide Tools sollten per Rechtsklick als Administrator ausgeführt werden

MarieJo · 26.07.2013, 19:36

OK, hier nochmals JRT. Es ist praktisch leer??

Code:

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.2 (07.22.2013:2)
OS: Windows 8 Pro with Media Center x64
Ran by J”rg on 26.07.2013 at 20:18:27,53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26.07.2013 at 20:23:58,04
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

und adwcleaner:

Code:

ATTFilter

# AdwCleaner v2.306 - Datei am 26/07/2013 um 20:28:54 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows 8 Pro with Media Center  (64 bits)
# Benutzer : Jörg - HAUPTRECHNER
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Jörg\Desktop\adwcleaner(1).exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

Datei : C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\i3zbyxt5.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v28.0.1500.72

Datei : C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

-\\ Opera v12.16.1860.0

Datei : C:\Users\Jörg\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R2].txt - [1436 octets] - [23/07/2013 19:09:19]
AdwCleaner[S1].txt - [5128 octets] - [30/05/2013 19:58:39]
AdwCleaner[S2].txt - [1498 octets] - [23/07/2013 19:10:05]
AdwCleaner[S3].txt - [1176 octets] - [26/07/2013 20:28:54]

########## EOF - C:\AdwCleaner[S3].txt - [1236 octets] ##########

cosinus · 26.07.2013, 19:58

Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Vollscan mit Malwarebytes Anti-Malware (MBAM) (falls du vor kurzem erst einen Vollscan gemacht hast, reicht auch ein Quickscan (spart Zeit), das dann mir bitte auch mitteilen)

Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

MarieJo · 27.07.2013, 22:33

Ja, einen Vollscan habe ich vor einigen Tagen schon mal gemacht. Ich reiche das Ergebnis des Quick Scan heute Abend nach.

Wenn auch dort nichts zu finden ist, könnte es sein, dass ich mir da mit der Installation irgendeines Programms was eingefangen habe? Dann würde es vermutlich schwierig den Verursacher zu finden, oder?

Code:

ATTFilter

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.07.27.02

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16635
Jörg :: HAUPTRECHNER [Administrator]

27.07.2013 23:21:04
mbam-log-2013-07-27 (23-21-04).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 287658
Laufzeit: 7 Minute(n), 2 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

cosinus · 28.07.2013, 22:21

Was ist mit ESET?
Was ist mit dem ursprünglichen Problem der Weiterleitung?

24.07.2013, 01:06	#10
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Weiterleitung auf bet-at.home.com Das ist etwas schiefgegangen, bitte JRT und adwCleaner wiederholen Beide Tools sollten per Rechtsklick als Administrator ausgeführt werden __________________ Logfiles bitte immer in CODE-Tags posten

28.07.2013, 22:21	#14
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	Weiterleitung auf bet-at.home.com Was ist mit ESET? Was ist mit dem ursprünglichen Problem der Weiterleitung? __________________ Logfiles bitte immer in CODE-Tags posten

Weiterleitung auf bet-at.home.com

Log-Analyse und Auswertung: Weiterleitung auf bet-at.home.com