Pests of all kinds and how to combat them: Mass emails from my T-Online account

13.06.2013, 12:58   #1
reporter
 

So, mass emails have recently been sent from my email account at T-Online, so T-Online has now locked my account so that no more mails can be sent from it. What should I do? I ran Malwarebytes over it and it finds nothing.

13.06.2013, 12:59   #2
markusg
/// Malware-holic
 

Hi,

If you do not have it yet, please download OTL by Oldtimer and save it to your desktop.
  • Please start OTL.exe. Vista and Win7 users: right-click and choose "Run as administrator".
  • Now copy the content into the text box.
Code:
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
         
  • Now please close all programs. (Important)
  • Now please click the Quick Scan button.
  • Now copy the contents of OTL.txt and Extra.txt here into your thread.

13.06.2013, 13:20   #3
reporter
 

[2013.06.12 15:12:07 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.06.12 15:12:07 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.06.12 15:12:07 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.06.12 15:12:07 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.06.12 15:12:07 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.06.12 15:12:07 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.06.12 15:12:07 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.06.12 15:12:06 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.06.12 15:12:06 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.06.12 15:12:05 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.06.12 15:12:05 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.06.12 15:12:05 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.06.12 10:10:43 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.06.12 10:10:43 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.06.12 10:10:38 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013.06.12 10:10:38 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013.06.12 10:10:37 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.06.12 10:10:35 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.06.12 10:10:35 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013.06.12 10:10:35 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013.06.12 10:10:35 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.06.12 10:10:35 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013.06.12 10:10:35 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013.06.12 10:10:30 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.06.12 10:10:30 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.05.15 09:59:22 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.15 09:59:22 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.05.15 09:59:12 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.05.15 09:59:12 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.05.15 09:59:12 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.05.15 09:59:12 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.05.15 09:59:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
[5 C:\Users\kappen\Desktop\*.tmp files -> C:\Users\kappen\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013.06.13 14:06:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kappen\Desktop\OTL.exe
[2013.06.13 14:04:36 | 000,215,096 | ---- | M] () -- C:\Users\kappen\Desktop\UtilityChest.exe
[2013.06.13 13:48:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.13 13:17:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.13 11:44:32 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.13 10:42:04 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.13 10:42:04 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.13 10:42:04 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.13 10:34:25 | 4225,032,190 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.12 10:17:28 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.06.12 10:17:28 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.06.11 16:37:46 | 000,001,729 | ---- | M] () -- C:\Users\kappen\Desktop\matlab.exe.lnk
[2013.06.11 15:54:56 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2013.06.08 17:05:04 | 002,494,968 | ---- | M] () -- C:\Users\kappen\Desktop\DSC_0128.JPG
[2013.06.07 16:49:34 | 001,020,922 | ---- | M] () -- C:\Users\kappen\Documents\fische2.jpg
[2013.06.06 21:59:28 | 003,499,923 | ---- | M] () -- C:\Users\kappen\Desktop\teezeremonie-zu-dritt-eg.jpg
[2013.06.05 12:05:31 | 003,002,894 | ---- | M] () -- C:\Users\kappen\Desktop\baumgartes-mit-teebauer-grossa.jpg
[2013.06.05 12:04:08 | 005,591,548 | ---- | M] () -- C:\Users\kappen\Desktop\jadequell-mit-geschirra.jpg
[2013.06.01 14:43:17 | 000,000,132 | ---- | M] () -- C:\Users\kappen\AppData\Roaming\Adobe CS5-Voreinstellungen für PNG-Format
[2013.05.31 10:32:12 | 000,603,078 | ---- | M] () -- C:\Users\kappen\Documents\King_Willem-Alexander,_Queen_Maxima_and_their_daughters_13.jpg
[2013.05.29 18:13:18 | 004,620,189 | ---- | M] () -- C:\Users\kappen\Desktop\Trott-war_Juni_2013.pdf
[2013.05.23 20:24:12 | 000,000,024 | ---- | M] () -- C:\Windows\ATKPF.ini
[2013.05.17 03:25:27 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.17 03:25:26 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.17 03:25:26 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.05.17 03:25:26 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.05.17 03:25:26 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.05.17 02:59:12 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.05.17 02:58:20 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.17 02:58:10 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.17 02:58:10 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.17 02:58:08 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.17 02:58:08 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.05.17 02:58:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.05.17 02:58:08 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.05.15 17:46:04 | 002,063,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.15 14:12:47 | 004,607,747 | ---- | M] () -- C:\Users\kappen\Documents\DSC_0117c.jpg
[2013.05.15 12:52:14 | 004,588,162 | ---- | M] () -- C:\Users\kappen\Documents\DSC_0117a.jpg
[2013.05.14 14:23:25 | 000,089,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[5 C:\Users\kappen\Desktop\*.tmp files -> C:\Users\kappen\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013.06.13 14:04:33 | 000,215,096 | ---- | C] () -- C:\Users\kappen\Desktop\UtilityChest.exe
[2013.06.08 19:24:48 | 002,494,968 | ---- | C] () -- C:\Users\kappen\Desktop\DSC_0128.JPG
[2013.06.07 16:49:34 | 001,020,922 | ---- | C] () -- C:\Users\kappen\Documents\fische2.jpg
[2013.06.06 21:59:26 | 003,499,923 | ---- | C] () -- C:\Users\kappen\Desktop\teezeremonie-zu-dritt-eg.jpg
[2013.06.05 12:05:29 | 003,002,894 | ---- | C] () -- C:\Users\kappen\Desktop\baumgartes-mit-teebauer-grossa.jpg
[2013.06.05 12:04:06 | 005,591,548 | ---- | C] () -- C:\Users\kappen\Desktop\jadequell-mit-geschirra.jpg
[2013.06.01 14:43:17 | 000,000,132 | ---- | C] () -- C:\Users\kappen\AppData\Roaming\Adobe CS5-Voreinstellungen für PNG-Format
[2013.05.31 10:32:11 | 000,603,078 | ---- | C] () -- C:\Users\kappen\Documents\King_Willem-Alexander,_Queen_Maxima_and_their_daughters_13.jpg
[2013.05.29 18:13:18 | 004,620,189 | ---- | C] () -- C:\Users\kappen\Desktop\Trott-war_Juni_2013.pdf
[2013.05.15 14:12:44 | 004,607,747 | ---- | C] () -- C:\Users\kappen\Documents\DSC_0117c.jpg
[2013.05.15 12:52:12 | 004,588,162 | ---- | C] () -- C:\Users\kappen\Documents\DSC_0117a.jpg
[2012.11.06 20:58:05 | 000,000,018 | -HS- | C] () -- C:\Windows\WINPROD.DLL
[2012.10.10 03:22:34 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.10.10 03:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012.10.10 03:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012.02.13 21:18:27 | 000,000,600 | ---- | C] () -- C:\Users\kappen\AppData\Roaming\winscp.rnd
[2012.01.27 15:57:11 | 001,804,860 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.01.15 16:56:21 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011.01.12 18:02:43 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.08.21 15:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.08.21 15:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.08.21 15:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:52DBE86F

13.06.2013, 13:27   #4
markusg
/// Malware-holic
 

Hi,
well, the complete log would be good.
__________________
- Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward mails according to the instructions above to
markusg.trojaner-board@web.de
If you would like to support us

13.06.2013, 16:23   #5
reporter
 

OTL logfile:
Code:
OTL logfile created on: 13.06.2013 17:00:43 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Dokumente und Einstellungen\Alex\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 66,72% Memory free
5,09 Gb Paging File | 4,03 Gb Available in Paging File | 79,29% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programme
Drive C: | 149,04 Gb Total Space | 130,34 Gb Free Space | 87,45% Space Free | Partition Type: NTFS
 
Computer Name: COMP40 | User Name: Alex | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.06.13 17:00:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Alex\Desktop\OTL.exe
PRC - [2013.04.25 17:23:34 | 000,042,496 | ---- | M] () -- C:\Programme\phonostar-Player\phonostarTimer.exe
PRC - [2012.11.05 01:55:46 | 000,948,608 | ---- | M] (215 Apps) -- c:\Programme\Savings Sidekick\Savings Sidekick-bg.exe
PRC - [2012.10.19 19:43:36 | 000,585,248 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IBUpdaterService\ibsvc.exe
PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.09.20 08:44:16 | 000,296,392 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
PRC - [2012.09.17 07:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) -- C:\Programme\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2012.08.09 12:03:06 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.06.07 20:11:24 | 002,326,920 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe
PRC - [2012.06.03 17:24:24 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\sched.exe
PRC - [2012.06.03 17:24:06 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe
PRC - [2012.06.03 17:24:06 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012.06.03 17:24:06 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.06.03 17:24:06 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Programme\Avira\AntiVir Desktop\avshadow.exe
PRC - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe
PRC - [2012.05.29 13:09:52 | 001,220,960 | ---- | M] (TuneUp Software) -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe
PRC - [2012.02.17 21:54:46 | 000,088,688 | R--- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\KaraokeSer.exe
PRC - [2011.12.21 16:30:52 | 000,272,984 | ---- | M] (Alcor Micro Corp.) -- C:\Programme\AmIcoSingLun\AmIcoSinglun.exe
PRC - [2011.10.07 11:40:42 | 001,387,288 | ---- | M] (Logitech, Inc.) -- C:\Programme\Logitech\SetPointP\SetPoint.exe
PRC - [2011.09.27 21:05:24 | 000,149,784 | ---- | M] (Logitech, Inc.) -- C:\Programme\Gemeinsame Dateien\LogiShrd\KHAL3\KHALMNPR.exe
PRC - [2011.02.23 22:19:22 | 000,371,200 | ---- | M] (shbox.de) -- C:\Programme\FreePDF_XP\fpassist.exe
PRC - [2010.04.27 10:09:52 | 000,113,288 | ---- | M] (Renesas Electronics Corporation) -- C:\Programme\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
PRC - [2010.03.05 10:15:12 | 000,235,752 | ---- | M] (DeviceVM, Inc.) -- C:\Programme\DeviceVM\Browser Configuration Utility\BCUService.exe
PRC - [2010.03.05 10:15:04 | 000,411,864 | ---- | M] (DeviceVM, Inc.) -- C:\Programme\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2009.09.12 18:09:48 | 000,357,800 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe
PRC - [2009.09.12 18:09:44 | 000,660,936 | ---- | M] (Acronis) -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe
PRC - [2009.09.12 18:09:14 | 005,082,488 | ---- | M] (Acronis) -- C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2008.05.20 20:18:32 | 000,221,184 | ---- | M] () -- C:\WINDOWS\system\cm106eye.exe
PRC - [2008.04.23 02:08:13 | 000,483,328 | ---- | M] (Adobe Systems Inc.) -- C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.exe
PRC - [2008.04.14 14:00:00 | 001,036,800 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007.12.13 20:10:56 | 001,688,872 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe
PRC - [2007.12.13 20:10:56 | 000,447,784 | ---- | M] (Nero AG) -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe
PRC - [2006.03.03 21:03:10 | 000,069,632 | ---- | M] (HP) -- C:\WINDOWS\system32\HPZipm12.exe
PRC - [2006.02.10 07:56:12 | 000,479,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Programme\HP\Digital Imaging\bin\hpqimzone.exe
PRC - [2004.02.26 10:53:30 | 000,065,024 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2003.11.18 08:11:04 | 000,565,248 | R--- | M] (VIA Technologies) -- C:\Programme\VIA\RAID\raid_tool.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.04.25 17:23:34 | 000,042,496 | ---- | M] () -- C:\Programme\phonostar-Player\phonostarTimer.exe
MOD - [2012.10.19 19:43:36 | 000,585,248 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IBUpdaterService\ibsvc.exe
MOD - [2012.06.23 00:13:49 | 003,391,488 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_f5cf52b5\mscorlib.dll
MOD - [2012.06.23 00:13:31 | 000,843,776 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.drawing\1.0.5000.0__b03f5f7f11d50a3a_dadc3dd2\system.drawing.dll
MOD - [2012.06.23 00:12:13 | 002,088,960 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.xml\1.0.5000.0__b77a5c561934e089_abfc5745\system.xml.dll
MOD - [2012.06.23 00:11:25 | 003,035,136 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system.windows.forms\1.0.5000.0__b77a5c561934e089_867d1e8b\system.windows.forms.dll
MOD - [2012.06.22 18:38:27 | 001,966,080 | ---- | M] () -- c:\windows\assembly\nativeimages1_v1.1.4322\system\1.0.5000.0__b77a5c561934e089_b5a2f5c8\system.dll
MOD - [2012.06.22 18:38:03 | 002,064,384 | ---- | M] () -- c:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll
MOD - [2012.06.22 18:37:54 | 001,232,896 | ---- | M] () -- c:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll
MOD - [2012.06.22 18:35:07 | 000,471,040 | ---- | M] () -- c:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll
MOD - [2012.06.21 21:58:37 | 001,339,392 | ---- | M] () -- c:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll
MOD - [2012.06.21 12:40:03 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb\4.0.0.0__a53cf5803f4c3827\hpqisrtb.dll
MOD - [2012.06.21 12:40:03 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqisrtb.resources\4.0.0.0_de_a53cf5803f4c3827\hpqisrtb.resources.dll
MOD - [2012.06.21 12:39:42 | 000,376,832 | ---- | M] () -- c:\windows\assembly\gac\hpqedit.resources\3.0.0.0_de_a53cf5803f4c3827\hpqedit.resources.dll
MOD - [2012.06.21 12:39:41 | 001,163,264 | ---- | M] () -- c:\windows\assembly\gac\hpqedit\3.0.0.0__a53cf5803f4c3827\hpqedit.dll
MOD - [2012.06.21 12:39:35 | 000,790,528 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup\3.0.0.0__a53cf5803f4c3827\hpqbakup.dll
MOD - [2012.06.21 12:39:34 | 000,258,048 | ---- | M] () -- c:\windows\assembly\gac\hpqbakup.resources\3.0.0.0_de_a53cf5803f4c3827\hpqbakup.resources.dll
MOD - [2012.06.21 12:39:25 | 000,163,840 | ---- | M] () -- c:\windows\assembly\gac\hpqvideo\3.0.0.0__a53cf5803f4c3827\hpqvideo.dll
MOD - [2012.06.21 12:39:18 | 000,065,536 | ---- | M] () -- c:\windows\assembly\gac\hpqmdmr\4.0.0.0__a53cf5803f4c3827\hpqmdmr.dll
MOD - [2012.06.21 12:39:18 | 000,057,344 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc\4.0.0.0__a53cf5803f4c3827\hpqprrsc.dll
MOD - [2012.06.21 12:39:18 | 000,053,248 | ---- | M] () -- c:\windows\assembly\gac\hpqovskn\3.0.0.0__a53cf5803f4c3827\hpqovskn.dll
MOD - [2012.06.21 12:39:18 | 000,028,672 | ---- | M] () -- c:\windows\assembly\gac\hpqprrsc.resources\4.0.0.0_de_a53cf5803f4c3827\hpqprrsc.resources.dll
MOD - [2012.06.21 12:39:15 | 000,430,080 | ---- | M] () -- c:\windows\assembly\gac\lead.wrapper\13.0.0.113__9cf889f53ea9b907\lead.wrapper.dll
MOD - [2012.06.21 12:39:15 | 000,090,112 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.imageprocessing\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.imageprocessing.dll
MOD - [2012.06.21 12:39:15 | 000,086,016 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing\13.0.0.113__9cf889f53ea9b907\lead.drawing.dll
MOD - [2012.06.21 12:39:15 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\lead\13.0.0.113__9cf889f53ea9b907\lead.dll
MOD - [2012.06.21 12:39:15 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms.drawingcontainer\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.drawingcontainer.dll
MOD - [2012.06.21 12:39:15 | 000,040,960 | ---- | M] () -- c:\windows\assembly\gac\lead.windows.forms\13.0.0.113__9cf889f53ea9b907\lead.windows.forms.dll
MOD - [2012.06.21 12:39:13 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\lead.drawing.imaging.codecs\13.0.0.113__9cf889f53ea9b907\lead.drawing.imaging.codecs.dll
MOD - [2012.06.21 12:39:12 | 000,014,848 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqvideo\4.0.0.0__a53cf5803f4c3827\interop.hpqvideo.dll
MOD - [2012.06.21 12:39:11 | 000,004,096 | ---- | M] () -- c:\windows\assembly\gac\interop.hprblog\3.0.0.0__a53cf5803f4c3827\interop.hprblog.dll
MOD - [2012.06.21 12:39:05 | 000,010,240 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqimgr\4.0.0.0__a53cf5803f4c3827\interop.hpqimgr.dll
MOD - [2012.06.21 12:39:03 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\interop.hpqcxm08\3.0.0.0__a53cf5803f4c3827\interop.hpqcxm08.dll
MOD - [2012.06.21 12:39:01 | 000,516,096 | ---- | M] () -- c:\windows\assembly\gac\hpqimvlt\3.0.0.0__a53cf5803f4c3827\hpqimvlt.dll
MOD - [2012.06.21 12:39:01 | 000,192,512 | ---- | M] () -- c:\windows\assembly\gac\hpqimgrc\4.0.0.0__a53cf5803f4c3827\hpqimgrc.dll
MOD - [2012.06.21 12:39:01 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqntrop\4.0.0.0__a53cf5803f4c3827\hpqntrop.dll
MOD - [2012.06.21 12:39:00 | 000,077,824 | ---- | M] () -- c:\windows\assembly\gac\hpqthumb\3.0.0.0__a53cf5803f4c3827\hpqthumb.dll
MOD - [2012.06.21 12:39:00 | 000,061,440 | ---- | M] () -- c:\windows\assembly\gac\hpqimlib\3.0.0.0__a53cf5803f4c3827\hpqimlib.dll
MOD - [2012.06.21 12:38:57 | 000,385,024 | ---- | M] () -- c:\windows\assembly\gac\hpqtray\4.0.0.0__a53cf5803f4c3827\hpqtray.dll
MOD - [2012.06.21 12:38:57 | 000,126,976 | ---- | M] () -- c:\windows\assembly\gac\hpqtray.resources\4.0.0.0_de_a53cf5803f4c3827\hpqtray.resources.dll
MOD - [2012.06.21 12:38:57 | 000,069,632 | ---- | M] () -- c:\windows\assembly\gac\hpqglutl\4.0.0.0__a53cf5803f4c3827\hpqglutl.dll
MOD - [2012.06.21 12:38:57 | 000,036,864 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc\4.0.0.0__a53cf5803f4c3827\hpqfmrsc.dll
MOD - [2012.06.21 12:38:57 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqfmrsc.resources\4.0.0.0_de_a53cf5803f4c3827\hpqfmrsc.resources.dll
MOD - [2012.06.21 12:38:57 | 000,024,576 | ---- | M] () -- c:\windows\assembly\gac\hpqasset\4.0.0.0__a53cf5803f4c3827\hpqasset.dll
MOD - [2012.06.21 12:38:57 | 000,020,480 | ---- | M] () -- c:\windows\assembly\gac\hpqiface\4.0.0.0__a53cf5803f4c3827\hpqiface.dll
MOD - [2012.06.21 12:38:55 | 000,425,984 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc\3.0.0.0__a53cf5803f4c3827\hpqcprsc.dll
MOD - [2012.06.21 12:38:55 | 000,229,376 | ---- | M] () -- c:\windows\assembly\gac\hpqutils\4.0.0.0__a53cf5803f4c3827\hpqutils.dll
MOD - [2012.06.21 12:38:55 | 000,094,208 | ---- | M] () -- c:\windows\assembly\gac\hpqcprsc.resources\3.0.0.0_de_a53cf5803f4c3827\hpqcprsc.resources.dll
MOD - [2012.06.21 12:38:54 | 000,135,168 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2.resources\3.0.0.0_de_a53cf5803f4c3827\hpqcc2.resources.dll
MOD - [2012.06.21 12:38:53 | 000,593,920 | ---- | M] () -- c:\windows\assembly\gac\hpqcc2\3.0.0.0__a53cf5803f4c3827\hpqcc2.dll
MOD - [2012.06.21 12:37:24 | 000,081,920 | ---- | M] () -- c:\windows\assembly\gac\system.resources\1.0.5000.0_de_b77a5c561934e089\system.resources.dll
MOD - [2012.06.21 12:34:38 | 000,007,680 | ---- | M] () -- c:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll
MOD - [2012.06.03 17:24:24 | 000,398,288 | ---- | M] () -- C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2011.10.07 11:41:16 | 000,879,896 | ---- | M] () -- C:\Programme\Logitech\SetPointP\Macros\MacroCore.dll
MOD - [2010.06.17 21:56:52 | 000,116,224 | ---- | M] () -- C:\WINDOWS\system32\redmonnt.dll
MOD - [2009.07.31 21:39:08 | 000,503,202 | ---- | M] () -- C:\Programme\DeviceVM\Browser Configuration Utility\sqlite3.dll
MOD - [2008.12.19 18:26:06 | 002,625,536 | ---- | M] () -- C:\WINDOWS\system32\ffdshow.ax
MOD - [2008.05.20 20:18:32 | 000,221,184 | ---- | M] () -- C:\WINDOWS\system\cm106eye.exe
MOD - [2008.04.14 14:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2006.09.13 15:08:00 | 000,491,520 | ---- | M] () -- C:\WINDOWS\system\cmau106.dll
MOD - [2006.01.12 21:20:48 | 001,265,664 | ---- | M] () -- C:\Programme\Adobe\Acrobat 7.0\Distillr\adistres.DEU
MOD - [2006.01.12 21:20:26 | 000,019,968 | ---- | M] () -- C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.DEU
MOD - [2006.01.12 21:13:46 | 000,019,968 | ---- | M] () -- C:\Programme\Adobe\Acrobat 7.0\Distillr\acrotray.FRA
MOD - [2005.10.20 10:36:08 | 000,077,824 | R--- | M] () -- C:\Programme\HP\Digital Imaging\bin\crm\xmltok.dll
MOD - [2005.10.20 10:36:08 | 000,065,536 | R--- | M] () -- C:\Programme\HP\Digital Imaging\bin\crm\xmlparse.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Stopped] -- C:\Programme\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.06.13 16:22:45 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.19 19:43:36 | 000,585,248 | ---- | M] () [Auto | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IBUpdaterService\ibsvc.exe -- (IBUpdaterService)
SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.09.17 07:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Programme\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor11.0)
SRV - [2012.07.01 17:17:17 | 000,072,704 | ---- | M] (Adobe Systems) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe -- (Adobe LM Service)
SRV - [2012.06.07 20:11:24 | 002,326,920 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2012.06.03 17:24:24 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.06.03 17:24:06 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe -- (AntiVirWebService)
SRV - [2012.06.03 17:24:06 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012.06.03 17:24:06 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.29 13:09:52 | 001,528,672 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.02.17 21:54:46 | 000,088,688 | R--- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\WINDOWS\system32\KaraokeSer.exe -- (KaraokeService)
SRV - [2011.09.27 21:03:28 | 000,295,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2010.03.05 10:15:12 | 000,235,752 | ---- | M] (DeviceVM, Inc.) [Auto | Running] -- C:\Programme\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009.09.12 18:09:44 | 000,660,936 | ---- | M] (Acronis) [Auto | Running] -- C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2007.12.13 20:10:56 | 000,447,784 | ---- | M] (Nero AG) [On_Demand | Running] -- C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexingService.exe -- (NMIndexingService)
SRV - [2006.03.03 21:03:10 | 000,069,632 | ---- | M] (HP) [Auto | Running] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2003.07.28 13:28:22 | 000,089,136 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE -- (ose)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (WDICA)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] --  -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] --  -- (PCIDump)
DRV - File not found [Kernel | System | Stopped] --  -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] --  -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] --  -- (Changer)
DRV - [2012.06.07 20:11:28 | 000,159,168 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\afcdp.sys -- (afcdp)
DRV - [2012.06.07 20:11:00 | 000,902,432 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\tdrpm251.sys -- (tdrpman251)
DRV - [2012.06.07 20:10:56 | 000,570,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\timntr.sys -- (timounter)
DRV - [2012.06.07 20:10:20 | 000,157,248 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\snapman.sys -- (snapman)
DRV - [2012.06.03 17:24:24 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2012.06.03 17:24:24 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2012.05.08 15:21:42 | 000,010,064 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Programme\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys -- (TuneUpUtilitiesDrv)
DRV - [2012.03.09 08:22:00 | 007,586,304 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
DRV - [2012.02.22 21:18:10 | 000,329,960 | ---- | M] (Realtek Semiconductor Corporation                           ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
DRV - [2011.12.20 09:39:28 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
DRV - [2011.10.11 15:34:24 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avkmgr.sys -- (avkmgr)
DRV - [2011.09.13 22:14:00 | 000,164,736 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV - [2011.09.13 22:13:58 | 000,073,344 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nusb3hub.sys -- (nusb3hub)
DRV - [2011.09.02 08:31:28 | 000,039,192 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2011.09.02 08:31:28 | 000,030,360 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV - [2011.09.02 08:31:20 | 000,041,240 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2011.09.02 08:30:58 | 000,012,184 | ---- | M] (Logitech, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\LBeepKE.sys -- (LBeepKE)
DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010.05.15 13:11:42 | 001,150,880 | R--- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV - [2010.01.28 16:12:02 | 000,095,232 | R--- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2009.08.04 04:28:18 | 000,011,296 | R--- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AsIO.sys -- (AsIO)
DRV - [2008.10.13 22:21:24 | 001,506,304 | ---- | M] (C-Media Electronics Inc) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\CM106.sys -- (USBMULCD)
DRV - [2007.04.16 16:46:34 | 000,033,792 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdPPM.sys -- (AmdPPM)
DRV - [2004.08.19 08:21:00 | 000,189,568 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\yk51x86.sys -- (yukonwxp)
DRV - [2004.08.13 04:56:20 | 000,005,810 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ASACPI.sys -- (MTsensor)
DRV - [2004.05.02 10:47:08 | 000,023,040 | R--- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\System32\drivers\GVCplDrv.sys -- (GVCplDrv)
DRV - [2004.03.19 14:02:08 | 000,613,244 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2004.02.24 05:08:52 | 000,400,384 | ---- | M] (Sensaura) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXSENS.SYS -- (ALCXSENS)
DRV - [2003.10.31 05:22:38 | 000,077,312 | R--- | M] (VIA Technologies inc,.ltd) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\viasraid.sys -- (viasraid)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EE C0 7C 02 D2 39 CE 01  [binary data]
IE - HKCU\..\URLSearchHook: {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Programme\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll (DeviceVM, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.bing.com/search?FORM=UP31DF&PC=UP31&q={searchTerms}&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{4950BB65-30A9-4f8e-9989-91FE371317A3}: "URL" = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
IE - HKCU\..\SearchScopes\{9BDA4705-BC1C-429d-9F12-2BD205054218}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
IE - HKCU\..\SearchScopes\{A33E5870-C65E-4C39-B198-AAAEA97B6268}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=113480&tt=2912_7&babsrc=SP_ss&mntrId=840de85f00000000000020cf30c3203e
IE - HKCU\..\SearchScopes\{D63402F7-FB81-40FF-8C1E-25083BC06487}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=FF470E31-D156-4428-9BCF-C3D02317A0A9&apn_sauid=B982D552-5D92-4C98-83F2-03A4662F7CE0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/DownloadManager,version=1.1: C:\WINDOWS\ [2013.06.13 16:16:01 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Programme\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Programme\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Programme\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar: C:\Programme\phonostar-Player\npphonostarDetectNP.dll ( )
 
 
 
O1 HOSTS File: ([2004.08.04 14:00:00 | 000,000,820 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2 - BHO: (AcroIEHlprObj Class) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (Savings Sidekick) - {11111111-1111-1111-1111-110011501160} - C:\Programme\Savings Sidekick\Savings Sidekick.dll (215 Apps)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No CLSID value found.
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Programme\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Acrobat Assistant 7.0] C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Programme\Gemeinsame Dateien\Acronis\Schedule2\schedhlp.exe (Acronis)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Programme\Gemeinsame Dateien\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Programme\Gemeinsame Dateien\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AmIcoSinglun] C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [avgnt] C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCU] C:\Programme\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [Cm106Sound] RunDll32 cm106.cpl,CMICtrlWnd File not found
O4 - HKLM..\Run: [EvtMgr6] C:\Programme\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4 - HKLM..\Run: [FreePDF Assistant] C:\Programme\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [NBKeyScan] C:\Programme\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame Dateien\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [NUSB3MON] C:\Programme\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVRTCLK] C:\WINDOWS\system32\NVRTClk\NVRTClk.exe ()
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Programme\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Programme\Gemeinsame Dateien\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Programme\Gemeinsame Dateien\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [phonostar-PlayerTimer] C:\Programme\phonostar-Player\phonostarTimer.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Acrobat - Schnellstart.lnk = C:\WINDOWS\Installer\{AC76BA86-1033-F400-7760-100000000002}\SC_Acrobat.exe ()
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\HP Photosmart Premier – Schnellstart.lnk = C:\Programme\HP\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Development Company, L.P.)
O4 - Startup: C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\VIA RAID TOOL.lnk = C:\Programme\VIA\RAID\raid_tool.exe (VIA Technologies)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegedit = 1
O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Programme\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O15 - HKCU\..Trusted Domains: knuddels.de ([www] https in Trusted sites)
O15 - HKCU\..Trusted Domains: rtl2-now.de ([www] https in Trusted sites)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1340465498296 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1344977177968 (MUWebControl Class)
O16 - DPF: {B479199A-1242-4E3C-AD81-7F0DF801B4AE} hxxp://download.microsoft.com/download/C/9/C/C9C3D86D-84AC-4AF0-8584-842756A66467/MicrosoftDownloadManager.cab (Microsoft Download Manager ActiveX control)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE00D94D-672F-456F-A9FE-2A790FD28043}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F8829889-E2F8-42CA-81BD-C31AA79F7E68}: DhcpNameServer = 192.168.2.1
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Gemeinsame Dateien\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\programme\gemeinsame dateien\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Gemeinsame Dateien\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O24 - Desktop Components:0 (Die derzeitige Homepage) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.11.25 20:24:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.13 17:00:35 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Alex\Desktop\OTL.exe
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.13 17:00:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Dokumente und Einstellungen\Alex\Desktop\OTL.exe
[2013.06.13 16:22:50 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.06.13 16:13:05 | 000,002,319 | ---- | M] () -- C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Autostart\Adobe Acrobat - Schnellstart.lnk
[2013.06.13 16:12:25 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.06.13 16:11:45 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.06.06 11:51:38 | 002,370,336 | ---- | M] () -- C:\Dokumente und Einstellungen\Alex\Desktop\teezeremonie-zu-dritt-eng.jpg
[2013.05.29 12:52:56 | 004,620,189 | ---- | M] () -- C:\Dokumente und Einstellungen\Alex\Desktop\Trott-war_Juni_2013.pdf
[2013.05.24 11:26:44 | 004,761,800 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.05.22 12:22:56 | 000,002,509 | ---- | M] () -- C:\Dokumente und Einstellungen\Alex\Desktop\Microsoft Office Word 2003.lnk
[8 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[3 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.06 11:51:35 | 002,370,336 | ---- | C] () -- C:\Dokumente und Einstellungen\Alex\Desktop\teezeremonie-zu-dritt-eng.jpg
[2013.05.29 12:52:48 | 004,620,189 | ---- | C] () -- C:\Dokumente und Einstellungen\Alex\Desktop\Trott-war_Juni_2013.pdf
[2012.06.21 18:26:28 | 000,000,137 | ---- | C] () -- C:\Dokumente und Einstellungen\Alex\Lokale Einstellungen\Anwendungsdaten\fusioncache.dat
[2012.06.21 12:18:15 | 000,128,211 | ---- | C] () -- C:\WINDOWS\hpoins11.dat
[2012.06.16 15:40:49 | 000,000,736 | ---- | C] () -- C:\WINDOWS\SamsungMaster.INI
[2012.06.11 15:33:49 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2012.06.11 15:33:49 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2012.06.11 15:33:49 | 000,008,704 | ---- | C] () -- C:\WINDOWS\System32\vidccleaner.exe
[2012.06.09 12:29:02 | 000,000,125 | ---- | C] () -- C:\WINDOWS\Cm106.ini.cfl
[2012.06.09 12:27:58 | 000,001,249 | ---- | C] () -- C:\WINDOWS\Cm106.ini.cfg
[2012.06.09 12:27:30 | 000,000,490 | ---- | C] () -- C:\WINDOWS\cm106.ini
[2012.06.08 20:03:08 | 000,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2012.06.08 20:03:08 | 000,011,296 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2012.06.08 20:02:10 | 000,055,266 | ---- | C] () -- C:\WINDOWS\Ascd_log.ini
[2012.06.08 19:28:49 | 007,398,931 | ---- | C] () -- C:\Programme\gr-v1001-w32.zip
[2012.06.07 14:48:27 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2012.06.05 18:59:45 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\unredmon.exe
[2012.06.05 18:59:43 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\redmonnt.dll
[2012.06.04 21:27:26 | 000,000,169 | ---- | C] () -- C:\WINDOWS\RtlRack.ini
[2012.06.03 22:48:02 | 000,080,416 | R--- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
[2012.06.03 22:19:50 | 000,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2012.06.03 22:19:24 | 000,049,152 | R--- | C] () -- C:\WINDOWS\DAOD.exe
[2012.06.03 22:19:24 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
[2012.06.03 19:15:03 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.06.03 16:28:38 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2012.06.03 16:28:02 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
[2012.06.03 16:28:02 | 000,601,728 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
[2012.06.03 16:28:02 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
[2008.11.27 19:16:27 | 000,001,024 | ---- | C] () -- C:\Dokumente und Einstellungen\Alex\.rnd
 
========== ZeroAccess Check ==========
 
[2012.06.03 16:22:00 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2012.02.28 20:49:18 | 001,510,400 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 12:51:44 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 04:22:32 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2012.06.07 20:20:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Acronis
[2012.07.18 19:02:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Babylon
[2013.04.09 10:31:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\cef-cache
[2012.06.22 00:46:23 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.06.03 19:24:24 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\DeviceVm
[2012.06.06 17:14:28 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\ElevatedDiagnostics
[2012.06.05 19:14:39 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\FreePDF
[2012.07.18 23:10:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\GeoSetter
[2012.10.24 16:09:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\InterTrust
[2012.06.05 21:57:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Leadertech
[2012.10.24 17:36:03 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\minimalarts_temp
[2012.06.13 23:04:18 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Oracle
[2013.04.09 10:32:34 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Party
[2012.06.04 19:33:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\phonostar GmbH
[2012.07.18 19:07:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\Systweak
[2012.06.06 22:27:41 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\Alex\Anwendungsdaten\TuneUp Software
[2008.11.27 18:44:35 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Acronis
[2012.06.06 14:37:54 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\AmUStor
[2012.09.04 15:44:25 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Ask
[2012.07.18 19:02:52 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Babylon
[2012.06.06 22:25:57 | 000,000,000 | -H-D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Common Files
[2012.06.03 19:24:20 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\DeviceVm
[2012.06.03 19:15:01 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Downloaded Installations
[2012.10.19 19:43:59 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\IBUpdaterService
[2013.01.26 15:37:14 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\regid.1986-12.com.adobe
[2012.07.18 19:02:58 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Tarma Installer
[2012.06.06 22:29:47 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\TuneUp Software
[2012.07.02 01:57:38 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZip
[2012.08.19 12:45:10 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZipEC
[2012.08.19 12:09:51 | 000,000,000 | ---D | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\WinZipSE
[2012.06.06 22:25:57 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\{32364CEA-7855-4A3C-B674-53D8E9B97936}
 
========== Purity Check ==========
 
 

< End of report >
         
--- --- ---


This is my other PC.

It was complete ^^ please help


Alt 13.06.2013, 18:39   #6
markusg
/// Malware-holic
 

Hi,
Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

Alt 13.06.2013, 19:05   #7
reporter
 

It didn't find anything, but I still have to scan PC no. 2; I rather suspect there's a trojan on that one.

What do my 2 printouts mean now? Can someone translate that for me?

Alt 13.06.2013, 19:06   #8
markusg
/// Malware-holic
 

For now I only want logs from one PC; the other one goes in a separate thread, with the OTL logs there. Here I want to see the TDSSKiller log.
__________________
-Please forward suspicious mails to us for analysis:
markusg.trojaner-board@web.de
Instructions:
http://markusg.trojaner-board.de
For now, please send mails as described in the instructions above to
markusg.trojaner-board@web.de

Alt 13.06.2013, 19:33   #9
reporter
 

20:31:40.0252 7684 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:31:40.0692 7684 ============================================================
20:31:40.0692 7684 Current date / time: 2013/06/13 20:31:40.0692
20:31:40.0692 7684 SystemInfo:
20:31:40.0692 7684
20:31:40.0692 7684 OS Version: 6.1.7601 ServicePack: 1.0
20:31:40.0692 7684 Product type: Workstation
20:31:40.0692 7684 ComputerName: KAPPEN-PC
20:31:40.0692 7684 UserName: kappen
20:31:40.0692 7684 Windows directory: C:\Windows
20:31:40.0692 7684 System windows directory: C:\Windows
20:31:40.0692 7684 Running under WOW64
20:31:40.0692 7684 Processor architecture: Intel x64
20:31:40.0692 7684 Number of processors: 8
20:31:40.0692 7684 Page size: 0x1000
20:31:40.0692 7684 Boot type: Normal boot
20:31:40.0692 7684 ============================================================
20:31:41.0182 7684 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:31:41.0192 7684 ============================================================
20:31:41.0192 7684 \Device\Harddisk0\DR0:
20:31:41.0192 7684 MBR partitions:
20:31:41.0192 7684 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x22EE8928
20:31:41.0212 7684 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x260EA000, BlocksNum 0x3145B800
20:31:41.0212 7684 ============================================================
20:31:41.0242 7684 C: <-> \Device\Harddisk0\DR0\Partition1
20:31:41.0262 7684 D: <-> \Device\Harddisk0\DR0\Partition2
20:31:41.0262 7684 ============================================================
20:31:41.0262 7684 Initialize success
20:31:41.0262 7684 ============================================================
20:31:42.0852 6064 ============================================================
20:31:42.0852 6064 Scan started
20:31:42.0852 6064 Mode: Manual;
20:31:42.0852 6064 ============================================================
20:31:43.0502 6064 ================ Scan system memory ========================
20:31:43.0502 6064 System memory - ok
20:31:43.0502 6064 ================ Scan services =============================
20:31:43.0742 6064 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:31:43.0742 6064 1394ohci - ok
20:31:43.0772 6064 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:31:43.0772 6064 ACPI - ok
20:31:43.0792 6064 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:31:43.0792 6064 AcpiPmi - ok
20:31:43.0882 6064 [ EAC4C4CB23EA3C267062F1EA0F9FFBB3 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
20:31:43.0882 6064 AcrSch2Svc - ok
20:31:43.0952 6064 [ BF3818B441955E4D438EC72F06F1FE61 ] AdobeActiveFileMonitor11.0 C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
20:31:43.0952 6064 AdobeActiveFileMonitor11.0 - ok
20:31:44.0022 6064 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:31:44.0022 6064 AdobeFlashPlayerUpdateSvc - ok
20:31:44.0062 6064 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:31:44.0062 6064 adp94xx - ok
20:31:44.0082 6064 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:31:44.0082 6064 adpahci - ok
20:31:44.0102 6064 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:31:44.0102 6064 adpu320 - ok
20:31:44.0122 6064 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:31:44.0122 6064 AeLookupSvc - ok
20:31:44.0152 6064 [ 6E79A119B0CE418FE44E0C824BF3F039 ] AFBAgent C:\Windows\system32\FBAgent.exe
20:31:44.0162 6064 AFBAgent - ok
20:31:44.0182 6064 [ 3426A6EAA09077F3AB946FB9CEB85D8E ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
20:31:44.0182 6064 afcdp - ok
20:31:44.0232 6064 [ 986A134B1A1770599B7AF9354CBB066F ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
20:31:44.0242 6064 afcdpsrv - ok
20:31:44.0272 6064 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:31:44.0272 6064 AFD - ok
20:31:44.0292 6064 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:31:44.0292 6064 agp440 - ok
20:31:44.0302 6064 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:31:44.0302 6064 ALG - ok
20:31:44.0322 6064 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:31:44.0322 6064 aliide - ok
20:31:44.0342 6064 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:31:44.0342 6064 amdide - ok
20:31:44.0362 6064 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:31:44.0362 6064 AmdK8 - ok
20:31:44.0362 6064 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:31:44.0362 6064 AmdPPM - ok
20:31:44.0382 6064 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:31:44.0382 6064 amdsata - ok
20:31:44.0382 6064 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:31:44.0392 6064 amdsbs - ok
20:31:44.0402 6064 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:31:44.0402 6064 amdxata - ok
20:31:44.0452 6064 [ 56BEB1292DC71E49C824455EC582BFCE ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
20:31:44.0452 6064 AntiVirMailService - ok
20:31:44.0482 6064 [ 7ABE4092C35E7D4596487DFA075D84E1 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:31:44.0482 6064 AntiVirSchedulerService - ok
20:31:44.0492 6064 [ 5A37FFA608AE126C9702F5C07E07FC08 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:31:44.0492 6064 AntiVirService - ok
20:31:44.0522 6064 [ 5F2F39626586536CA86F402A1C947463 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
20:31:44.0522 6064 AntiVirWebService - ok
20:31:44.0552 6064 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:31:44.0552 6064 AppID - ok
20:31:44.0562 6064 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:31:44.0562 6064 AppIDSvc - ok
20:31:44.0592 6064 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
20:31:44.0592 6064 Appinfo - ok
20:31:44.0612 6064 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
20:31:44.0612 6064 arc - ok
20:31:44.0612 6064 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:31:44.0612 6064 arcsas - ok
20:31:44.0682 6064 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
20:31:44.0682 6064 ASLDRService - ok
20:31:44.0692 6064 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
20:31:44.0692 6064 ASMMAP64 - ok
20:31:44.0762 6064 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:31:44.0762 6064 aspnet_state - ok
20:31:44.0772 6064 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:31:44.0772 6064 AsyncMac - ok
20:31:44.0792 6064 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:31:44.0792 6064 atapi - ok
20:31:44.0812 6064 [ CBE61B4494165F458BD87E37181EE934 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
20:31:44.0812 6064 AthBTPort - ok
20:31:44.0892 6064 [ 4C4A576818EA028257C624AE36FF7A03 ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
20:31:44.0902 6064 Atheros Bt&Wlan Coex Agent - ok
20:31:44.0912 6064 [ 21753130331188C4B474E1D3B396E629 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
20:31:44.0912 6064 AtherosSvc - ok
20:31:44.0972 6064 [ B4174564AD5834A1680610572477878C ] athr C:\Windows\system32\DRIVERS\athrx.sys
20:31:44.0982 6064 athr - ok
20:31:44.0992 6064 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
20:31:44.0992 6064 ATKGFNEXSrv - ok
20:31:45.0012 6064 [ 1F7238A37389ED92E9D8EEE975CABD54 ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
20:31:45.0012 6064 ATKWMIACPIIO - ok
20:31:45.0042 6064 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:31:45.0052 6064 AudioEndpointBuilder - ok
20:31:45.0062 6064 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:31:45.0062 6064 AudioSrv - ok
20:31:45.0092 6064 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
20:31:45.0092 6064 avgntflt - ok
20:31:45.0112 6064 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
20:31:45.0112 6064 avipbb - ok
20:31:45.0122 6064 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
20:31:45.0122 6064 avkmgr - ok
20:31:45.0152 6064 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:31:45.0152 6064 AxInstSV - ok
20:31:45.0172 6064 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:31:45.0182 6064 b06bdrv - ok
20:31:45.0192 6064 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:31:45.0192 6064 b57nd60a - ok
20:31:45.0212 6064 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:31:45.0212 6064 BDESVC - ok
20:31:45.0232 6064 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:31:45.0232 6064 Beep - ok
20:31:45.0272 6064 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:31:45.0272 6064 BFE - ok
20:31:45.0292 6064 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
20:31:45.0302 6064 BITS - ok
20:31:45.0312 6064 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:31:45.0312 6064 blbdrive - ok
20:31:45.0332 6064 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:31:45.0332 6064 bowser - ok
20:31:45.0352 6064 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:31:45.0352 6064 BrFiltLo - ok
20:31:45.0352 6064 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:31:45.0352 6064 BrFiltUp - ok
20:31:45.0382 6064 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:31:45.0382 6064 Browser - ok
20:31:45.0392 6064 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:31:45.0392 6064 Brserid - ok
20:31:45.0402 6064 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:31:45.0402 6064 BrSerWdm - ok
20:31:45.0402 6064 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:31:45.0402 6064 BrUsbMdm - ok
20:31:45.0402 6064 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:31:45.0402 6064 BrUsbSer - ok
20:31:45.0442 6064 [ FE70889A85C57A9268101B2DB0474509 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
20:31:45.0442 6064 BTATH_A2DP - ok
20:31:45.0462 6064 [ A83A91D07D1FE6BBE7A9DB46CA00434B ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
20:31:45.0472 6064 BTATH_BUS - ok
20:31:45.0482 6064 [ C864FF85EE16D61C2BDD5EF76824625F ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
20:31:45.0482 6064 BTATH_HCRP - ok
20:31:45.0502 6064 [ 0DEA505EFB5D771826D177EF8B8A208F ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
20:31:45.0502 6064 BTATH_LWFLT - ok
20:31:45.0512 6064 [ 724C8088C96EFE7A3E63FEC21D4681C0 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
20:31:45.0512 6064 BTATH_RCP - ok
20:31:45.0532 6064 [ AA0F5AFCF077C5246589B32ECEEAE566 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
20:31:45.0532 6064 BtFilter - ok
20:31:45.0552 6064 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:31:45.0562 6064 BthEnum - ok
20:31:45.0582 6064 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:31:45.0582 6064 BTHMODEM - ok
20:31:45.0592 6064 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:31:45.0592 6064 BthPan - ok
20:31:45.0612 6064 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:31:45.0622 6064 BTHPORT - ok
20:31:45.0642 6064 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:31:45.0642 6064 bthserv - ok
20:31:45.0652 6064 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:31:45.0652 6064 BTHUSB - ok
20:31:45.0672 6064 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:31:45.0672 6064 cdfs - ok
20:31:45.0692 6064 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
20:31:45.0692 6064 cdrom - ok
20:31:45.0712 6064 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:31:45.0712 6064 CertPropSvc - ok
20:31:45.0722 6064 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:31:45.0722 6064 circlass - ok
20:31:45.0742 6064 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:31:45.0742 6064 CLFS - ok
20:31:45.0792 6064 [ 524DC3807CB1746225F9D26ADD19C319 ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
20:31:45.0802 6064 CLKMSVC10_38F51D56 - ok
20:31:45.0942 6064 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:31:45.0942 6064 clr_optimization_v2.0.50727_32 - ok
20:31:45.0982 6064 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:31:45.0982 6064 clr_optimization_v2.0.50727_64 - ok
20:31:46.0012 6064 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:31:46.0022 6064 clr_optimization_v4.0.30319_32 - ok
20:31:46.0032 6064 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:31:46.0032 6064 clr_optimization_v4.0.30319_64 - ok
20:31:46.0052 6064 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:31:46.0052 6064 CmBatt - ok
20:31:46.0052 6064 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:31:46.0052 6064 cmdide - ok
20:31:46.0092 6064 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
20:31:46.0092 6064 CNG - ok
20:31:46.0102 6064 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:31:46.0102 6064 Compbatt - ok
20:31:46.0112 6064 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:31:46.0112 6064 CompositeBus - ok
20:31:46.0122 6064 COMSysApp - ok
20:31:46.0182 6064 [ 78AF1C499BF02F9814DF959A04A4F9C9 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
20:31:46.0182 6064 cphs - ok
20:31:46.0192 6064 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:31:46.0192 6064 crcdisk - ok
20:31:46.0222 6064 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:31:46.0222 6064 CryptSvc - ok
20:31:46.0252 6064 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:31:46.0262 6064 DcomLaunch - ok
20:31:46.0282 6064 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:31:46.0282 6064 defragsvc - ok
20:31:46.0292 6064 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:31:46.0292 6064 DfsC - ok
20:31:46.0332 6064 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:31:46.0332 6064 Dhcp - ok
20:31:46.0342 6064 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:31:46.0342 6064 discache - ok
20:31:46.0352 6064 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:31:46.0352 6064 Disk - ok
20:31:46.0382 6064 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:31:46.0382 6064 Dnscache - ok
20:31:46.0402 6064 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:31:46.0402 6064 dot3svc - ok
20:31:46.0422 6064 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:31:46.0422 6064 DPS - ok
20:31:46.0442 6064 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:31:46.0442 6064 drmkaud - ok
20:31:46.0482 6064 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:31:46.0482 6064 DXGKrnl - ok
20:31:46.0512 6064 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:31:46.0512 6064 EapHost - ok
20:31:46.0572 6064 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:31:46.0582 6064 ebdrv - ok
20:31:46.0612 6064 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:31:46.0612 6064 EFS - ok
20:31:46.0652 6064 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:31:46.0652 6064 ehRecvr - ok
20:31:46.0672 6064 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:31:46.0672 6064 ehSched - ok
20:31:46.0692 6064 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:31:46.0702 6064 elxstor - ok
20:31:46.0712 6064 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:31:46.0712 6064 ErrDev - ok
20:31:46.0742 6064 [ 05B0DCDA418E297A1B4CD8D7B8ADE403 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
20:31:46.0742 6064 ETD - ok
20:31:46.0762 6064 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:31:46.0762 6064 EventSystem - ok
20:31:46.0782 6064 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:31:46.0782 6064 exfat - ok
20:31:46.0792 6064 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:31:46.0792 6064 fastfat - ok
20:31:46.0822 6064 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:31:46.0832 6064 Fax - ok
20:31:46.0842 6064 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:31:46.0842 6064 fdc - ok
20:31:46.0852 6064 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:31:46.0852 6064 fdPHost - ok
20:31:46.0872 6064 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:31:46.0872 6064 FDResPub - ok
20:31:46.0882 6064 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:31:46.0882 6064 FileInfo - ok
20:31:46.0892 6064 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:31:46.0892 6064 Filetrace - ok
20:31:46.0912 6064 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:31:46.0912 6064 flpydisk - ok
20:31:46.0932 6064 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:31:46.0932 6064 FltMgr - ok
20:31:46.0952 6064 [ 10B5AB16C34D4E316EDB825386F57DA6 ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
20:31:46.0952 6064 FLxHCIc - ok
20:31:46.0972 6064 [ 66DE264C2DEFE746CB2E71F3A5EB5C2C ] FLxHCIh C:\Windows\system32\DRIVERS\FLxHCIh.sys
20:31:46.0972 6064 FLxHCIh - ok
20:31:47.0032 6064 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
20:31:47.0042 6064 FontCache - ok
20:31:47.0092 6064 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:31:47.0092 6064 FontCache3.0.0.0 - ok
20:31:47.0112 6064 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:31:47.0112 6064 FsDepends - ok
20:31:47.0132 6064 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
20:31:47.0132 6064 fssfltr - ok
20:31:47.0182 6064 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
20:31:47.0192 6064 fsssvc - ok
20:31:47.0212 6064 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:31:47.0212 6064 Fs_Rec - ok
20:31:47.0232 6064 [ 35FD2BB5131714E657B7AB3A78642854 ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys
20:31:47.0232 6064 FTDIBUS - ok
20:31:47.0262 6064 [ 196C9BDDBEF9B6D0973F398BEF5B2EEE ] FTSER2K C:\Windows\system32\drivers\ftser2k.sys
20:31:47.0262 6064 FTSER2K - ok
20:31:47.0282 6064 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:31:47.0282 6064 fvevol - ok
20:31:47.0302 6064 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:31:47.0302 6064 gagp30kx - ok
20:31:47.0332 6064 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:31:47.0332 6064 gpsvc - ok
20:31:47.0382 6064 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:31:47.0382 6064 gupdate - ok
20:31:47.0392 6064 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:31:47.0392 6064 gupdatem - ok
20:31:47.0412 6064 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:31:47.0412 6064 gusvc - ok
20:31:47.0422 6064 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:31:47.0422 6064 hcw85cir - ok
20:31:47.0442 6064 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:31:47.0442 6064 HdAudAddService - ok
20:31:47.0462 6064 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:31:47.0462 6064 HDAudBus - ok
20:31:47.0482 6064 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:31:47.0482 6064 HidBatt - ok
20:31:47.0482 6064 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:31:47.0482 6064 HidBth - ok
20:31:47.0492 6064 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:31:47.0492 6064 HidIr - ok
20:31:47.0512 6064 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:31:47.0512 6064 hidserv - ok
20:31:47.0522 6064 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:31:47.0522 6064 HidUsb - ok
20:31:47.0552 6064 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:31:47.0562 6064 hkmsvc - ok
20:31:47.0582 6064 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:31:47.0582 6064 HomeGroupListener - ok
20:31:47.0612 6064 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:31:47.0622 6064 HomeGroupProvider - ok
20:31:47.0632 6064 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:31:47.0642 6064 HpSAMD - ok
20:31:47.0662 6064 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:31:47.0672 6064 HTTP - ok
20:31:47.0692 6064 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:31:47.0702 6064 hwpolicy - ok
20:31:47.0712 6064 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:31:47.0722 6064 i8042prt - ok
20:31:47.0742 6064 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
20:31:47.0752 6064 iaStor - ok
20:31:47.0782 6064 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:31:47.0782 6064 iaStorV - ok
20:31:47.0852 6064 [ 54E99BFCF960C1299A0E63F77127E5C8 ] IB Updater C:\Program Files\IB Updater\ExtensionUpdaterService.exe
20:31:47.0852 6064 IB Updater - ok
20:31:47.0922 6064 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
20:31:47.0922 6064 IDriverT - ok
20:31:47.0972 6064 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:31:47.0972 6064 idsvc - ok
20:31:48.0072 6064 [ A1CF07D24EDCDC6870535471654D957C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:31:48.0102 6064 igfx - ok
20:31:48.0152 6064 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:31:48.0152 6064 iirsp - ok
20:31:48.0192 6064 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:31:48.0202 6064 IKEEXT - ok
20:31:48.0262 6064 [ 177B4E48C7A288E70779B42AB81D2D06 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:31:48.0282 6064 IntcAzAudAddService - ok
20:31:48.0292 6064 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
20:31:48.0292 6064 IntcDAud - ok
20:31:48.0312 6064 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:31:48.0312 6064 intelide - ok
20:31:48.0322 6064 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:31:48.0322 6064 intelppm - ok
20:31:48.0342 6064 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:31:48.0342 6064 IPBusEnum - ok
20:31:48.0362 6064 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:31:48.0372 6064 IpFilterDriver - ok
20:31:48.0402 6064 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:31:48.0402 6064 iphlpsvc - ok
20:31:48.0422 6064 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:31:48.0422 6064 IPMIDRV - ok
20:31:48.0442 6064 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:31:48.0442 6064 IPNAT - ok
20:31:48.0452 6064 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:31:48.0452 6064 IRENUM - ok
20:31:48.0512 6064 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:31:48.0512 6064 isapnp - ok
20:31:48.0532 6064 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:31:48.0532 6064 iScsiPrt - ok
20:31:48.0552 6064 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:31:48.0552 6064 kbdclass - ok
20:31:48.0562 6064 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:31:48.0562 6064 kbdhid - ok
20:31:48.0592 6064 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
20:31:48.0592 6064 kbfiltr - ok
20:31:48.0602 6064 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:31:48.0602 6064 KeyIso - ok
20:31:48.0622 6064 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:31:48.0622 6064 KSecDD - ok
20:31:48.0652 6064 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:31:48.0652 6064 KSecPkg - ok
20:31:48.0682 6064 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:31:48.0682 6064 ksthunk - ok
20:31:48.0702 6064 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:31:48.0712 6064 KtmRm - ok
20:31:48.0742 6064 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:31:48.0742 6064 LanmanServer - ok
20:31:48.0772 6064 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:31:48.0772 6064 LanmanWorkstation - ok
20:31:48.0782 6064 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:31:48.0782 6064 lltdio - ok
20:31:48.0802 6064 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:31:48.0802 6064 lltdsvc - ok
20:31:48.0822 6064 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:31:48.0822 6064 lmhosts - ok
20:31:48.0862 6064 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:31:48.0872 6064 LMS - ok
20:31:48.0892 6064 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:31:48.0902 6064 LSI_FC - ok
20:31:48.0902 6064 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:31:48.0902 6064 LSI_SAS - ok
20:31:48.0912 6064 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:31:48.0912 6064 LSI_SAS2 - ok
20:31:48.0922 6064 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:31:48.0922 6064 LSI_SCSI - ok
20:31:48.0932 6064 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:31:48.0932 6064 luafv - ok
20:31:48.0992 6064 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:31:48.0992 6064 MBAMProtector - ok
20:31:49.0032 6064 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:31:49.0042 6064 MBAMScheduler - ok
20:31:49.0062 6064 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:31:49.0072 6064 MBAMService - ok
20:31:49.0092 6064 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:31:49.0092 6064 Mcx2Svc - ok
20:31:49.0102 6064 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:31:49.0112 6064 megasas - ok
20:31:49.0132 6064 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:31:49.0132 6064 MegaSR - ok
20:31:49.0162 6064 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
20:31:49.0162 6064 MEIx64 - ok
20:31:49.0202 6064 Microsoft SharePoint Workspace Audit Service - ok
20:31:49.0222 6064 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:31:49.0232 6064 MMCSS - ok
20:31:49.0232 6064 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:31:49.0232 6064 Modem - ok
20:31:49.0252 6064 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:31:49.0252 6064 monitor - ok
20:31:49.0262 6064 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:31:49.0262 6064 mouclass - ok
20:31:49.0262 6064 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:31:49.0272 6064 mouhid - ok
20:31:49.0292 6064 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:31:49.0292 6064 mountmgr - ok
20:31:49.0312 6064 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:31:49.0312 6064 mpio - ok
20:31:49.0332 6064 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:31:49.0332 6064 mpsdrv - ok
20:31:49.0372 6064 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:31:49.0372 6064 MpsSvc - ok
20:31:49.0402 6064 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:31:49.0402 6064 MRxDAV - ok
20:31:56.0832 6064 ================ Scan global ===============================
20:31:56.0902 6064 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:31:56.0922 6064 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
20:31:56.0932 6064 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
20:31:56.0952 6064 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:31:56.0962 6064 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:31:56.0962 6064 [Global] - ok
20:31:56.0972 6064 ================ Scan MBR ==================================
20:31:56.0982 6064 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:31:57.0132 6064 \Device\Harddisk0\DR0 - ok
20:31:57.0132 6064 ================ Scan VBR ==================================
20:31:57.0142 6064 [ 91F0CCE4C2EFA35442976DF4745FB6B3 ] \Device\Harddisk0\DR0\Partition1
20:31:57.0142 6064 \Device\Harddisk0\DR0\Partition1 - ok
20:31:57.0172 6064 [ F89FCDD9BA327BA8FB54E8B0021E763D ] \Device\Harddisk0\DR0\Partition2
20:31:57.0172 6064 \Device\Harddisk0\DR0\Partition2 - ok
20:31:57.0172 6064 ============================================================
20:31:57.0172 6064 Scan finished
20:31:57.0172 6064 ============================================================
20:31:57.0182 3480 Detected object count: 0
20:31:57.0182 3480 Actual detected object count: 0

13.06.2013, 19:36   #10
markusg
/// Malware-holic
 
Please configure TDSSKiller according to the instructions and scan again.

13.06.2013, 19:42   #11
reporter
 
OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 13.06.2013 20:31:34 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\kappen\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
15,91 Gb Total Physical Memory | 12,50 Gb Available Physical Memory | 78,52% Memory free
31,82 Gb Paging File | 28,39 Gb Available in Paging File | 89,22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 279,45 Gb Total Space | 190,41 Gb Free Space | 68,14% Space Free | Partition Type: NTFS
Drive D: | 394,18 Gb Total Space | 394,08 Gb Free Space | 99,97% Space Free | Partition Type: NTFS
 
Computer Name: KAPPEN-PC | User Name: kappen | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.06.13 14:06:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kappen\Desktop\OTL.exe
PRC - [2013.06.13 14:04:59 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\PROGRA~2\UTILIT~2\bar\1.bin\49barsvc.exe
PRC - [2013.06.13 14:04:59 | 000,030,096 | ---- | M] (VER_COMPANY_NAME) -- C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49brmon.exe
PRC - [2013.04.25 17:23:34 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013.01.29 15:30:00 | 000,188,760 | ---- | M] () -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe
PRC - [2012.09.17 07:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2012.08.17 17:02:07 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.07.01 10:10:07 | 002,326,920 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
PRC - [2012.06.22 09:23:22 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2012.06.22 09:23:22 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
PRC - [2012.06.22 09:23:22 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.06.22 09:23:22 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2011.05.18 01:55:33 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2011.03.13 19:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2011.01.25 20:32:28 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2010.12.21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.12.21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.11.24 03:31:56 | 000,965,728 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2010.11.20 14:17:56 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
PRC - [2010.08.21 03:47:58 | 000,077,312 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe
PRC - [2010.08.17 23:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010.02.03 09:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2010.01.21 08:22:04 | 000,909,824 | ---- | M] (Sonix Technology Co., Ltd.) -- C:\Windows\vsnp2uvc.exe
PRC - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009.11.03 00:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2009.09.12 18:09:48 | 000,357,800 | ---- | M] (Acronis) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2009.09.12 18:09:14 | 005,082,488 | ---- | M] (Acronis) -- C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2009.06.19 19:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009.06.19 19:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
PRC - [2009.05.06 02:06:06 | 000,222,496 | ---- | M] (Acresso Corporation) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
PRC - [2008.12.23 02:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008.08.14 06:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
PRC - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.04.25 17:23:34 | 000,042,496 | ---- | M] () -- C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe
MOD - [2013.01.29 15:30:00 | 000,170,840 | ---- | M] () -- C:\Program Files\IB Updater\Extension32.dll
MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2009.11.03 00:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009.11.03 00:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2007.11.30 20:20:44 | 000,051,768 | ---- | M] () -- C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.01.29 15:30:00 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe -- (IB Updater)
SRV:64bit: - [2012.05.29 13:09:50 | 000,035,680 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011.01.25 23:11:56 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010.11.30 00:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2010.09.23 04:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009.11.24 01:53:58 | 000,127,784 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\WTouch\WTouchService.exe -- (WTouchService)
SRV:64bit: - [2009.11.24 01:53:54 | 005,556,520 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Windows\SysNative\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
SRV - [2013.06.13 14:04:59 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\PROGRA~2\UTILIT~2\bar\1.bin\49barsvc.exe -- (UtilityChest_49Service)
SRV - [2013.06.12 10:17:28 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.10.10 03:22:26 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.10.08 12:42:54 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.09.17 07:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor11.0)
SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.07.01 10:10:07 | 002,326,920 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe -- (afcdpsrv)
SRV - [2012.06.22 09:23:22 | 000,465,360 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2012.06.22 09:23:22 | 000,375,760 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2012.06.22 09:23:22 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.06.22 09:23:22 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.29 13:09:52 | 002,143,072 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.05.29 13:09:50 | 000,029,024 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2011.03.13 19:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011.03.13 19:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe -- (AtherosSvc)
SRV - [2010.12.21 03:24:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.12.21 03:24:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.11.13 00:24:12 | 000,241,648 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe -- (CLKMSVC10_38F51D56)
SRV - [2010.08.21 03:47:58 | 000,077,312 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)
SRV - [2010.08.20 22:08:46 | 000,036,352 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.12.15 19:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009.09.12 18:10:04 | 000,891,848 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2009.06.16 02:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe -- (ASLDRService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.10.10 03:22:28 | 005,343,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.10.08 12:42:36 | 000,030,056 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.10 04:01:00 | 000,056,336 | ---- | M] (Corel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2012.07.01 10:10:08 | 000,250,400 | ---- | M] (Acronis) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\afcdp.sys -- (afcdp)
DRV:64bit: - [2012.07.01 10:10:06 | 001,455,648 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\tdrpm251.sys -- (tdrpman251)
DRV:64bit: - [2012.07.01 10:10:05 | 000,929,312 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2012.07.01 10:10:01 | 000,254,496 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012.06.22 09:23:22 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.06.22 09:23:22 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.13 05:05:16 | 000,075,016 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2012.04.13 05:05:02 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.15 16:18:31 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.10.07 10:49:50 | 002,770,944 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2011.03.13 19:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011.03.13 19:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011.03.13 19:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011.03.13 19:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011.03.13 19:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011.03.13 19:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011.03.13 19:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.02.25 02:01:14 | 000,302,592 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)
DRV:64bit: - [2011.02.25 02:01:14 | 000,081,920 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)
DRV:64bit: - [2011.02.16 11:11:08 | 000,428,136 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.11.30 00:00:04 | 000,016,120 | ---- | M] (Intel(R) Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.05 17:45:48 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.10.20 01:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.09.23 10:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010.09.08 13:39:32 | 000,129,024 | ---- | M] (ELAN Microelectronic Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2010.09.07 11:19:38 | 001,800,832 | ---- | M] (Sonix Technology Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2010.08.20 22:08:46 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2009.08.28 00:06:34 | 000,018,216 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:64bit: - [2009.07.20 11:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.20 20:54:06 | 000,015,656 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2008.05.24 02:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV:64bit: - [2007.02.16 20:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2012.02.01 13:24:02 | 000,011,856 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2010.07.26 22:57:20 | 000,017,024 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.07.03 02:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZO^xdm071^YY^de&si=EL_UT_GER_20&ptb=600273F1-5872-4C79-BC42-0ECF327882B9&ind=2013061308&n=77fce0bc&psa=&st=sb&searchfor={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = Babylon Search
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google
IE - HKCU\..\URLSearchHook: {7a55cbb2-2b2e-4a41-9de1-6ac5d2c2be0a} - No CLSID value found
IE - HKCU\..\SearchScopes,bProtectorDefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=115888&tt=031012_ccp_4012_5&babsrc=SP_ss&mntrId=3e1f182700000000000000ff5a565f83
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{84dc9f6c-c9a5-4c64-ab67-d6ef60f963c8}: "URL" = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?p2=^ZO^xdm071^YY^de&si=EL_UT_GER_20&ptb=600273F1-5872-4C79-BC42-0ECF327882B9&ind=2013061308&n=77fce0bc&psa=&st=sb&searchfor={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb174/?search={searchTerms}&loc=IB_DS&a=6OyQkc0g40&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7BFE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052%7D:2.0.0.576
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.10.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\@phonostar.de/phonostar: C:\Program Files (x86)\phonostar-Player\npphonostarDetectNP.dll ( )
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013.02.27 20:25:10 | 000,000,000 | ---D | M]
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013.02.27 20:25:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox [2013.02.27 20:25:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}: C:\Program Files\IB Updater\Firefox [2013.02.27 20:25:10 | 000,000,000 | ---D | M]
 
[2013.02.08 22:15:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kappen\AppData\Roaming\mozilla\Extensions
[2013.02.27 20:25:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kappen\AppData\Roaming\mozilla\Firefox\Profiles\extensions
[2012.10.07 14:25:03 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kappen\AppData\Roaming\mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com
[2013.02.08 22:33:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kappen\AppData\Roaming\mozilla\Firefox\Profiles\dv6b6w9r.default\Extensions
[2012.10.04 17:57:36 | 000,214,514 | ---- | M] () (No name found) -- C:\Users\kappen\AppData\Roaming\mozilla\firefox\profiles\extensions\TorrentHandler@TorrentHandler.com.xpi
[2013.02.27 20:25:10 | 000,000,000 | ---D | M] (IB Updater) -- C:\PROGRAM FILES\IB UPDATER\FIREFOX
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - Extension: Torrent Handler = C:\Users\kappen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hphibigbodkkohoglgfkddblldpfohjl\1.1_0\
CHR - Extension: AdblockPlus = C:\Users\kappen\AppData\Local\Google\Chrome\User Data\Default\Extensions\oajhdafmlgdbnceanjdnahnblimohpdc\2.2.13_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension64.dll ()
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Search Assistant BHO) - {06e05b40-77fa-40b6-9077-ed1a7577b1ef} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49SrcAs.dll (MindSpark)
O2 - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll ()
O2 - BHO: (Toolbar BHO) - {58f7b5ca-1162-42e8-8bbc-d543b4edd780} - C:\PROGRA~2\UTILIT~2\bar\1.bin\49bar.dll (MindSpark)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (AdblockPlus) - {9FD6379A-EF46-4193-BC64-99F59DF1334F} - C:\Users\kappen\AppData\LocalLow\AdblockPlus\IE\AdblockPlus.dll (Wladimir Palant)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Utility Chest) - {cf67755f-9265-449c-87cf-b945519e073b} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (MindSpark)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Utility Chest) - {CF67755F-9265-449C-87CF-B945519E073B} - C:\Program Files (x86)\UtilityChest_49\bar\1.bin\49bar.dll (MindSpark)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix Technology Co., Ltd.)
O4:64bit: - HKLM..\Run: [Utility Chest Home Page Guard 64 bit] "C:\PROGRA~2\UTILIT~2\bar\1.bin\AppIntegrator64.exe" File not found
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis)
O4 - HKLM..\Run: [Utility Chest Search Scope Monitor] "C:\PROGRA~2\UTILIT~2\bar\1.bin\49srchmn.exe" /m=2 /w /h File not found
O4 - HKLM..\Run: [UtilityChest_49 Browser Plugin Loader] C:\PROGRA~2\UTILIT~2\bar\1.bin\49brmon.exe (VER_COMPANY_NAME)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [phonostar-PlayerTimer] C:\Program Files (x86)\phonostar-Player\phonostarTimer.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload.adobe.com/pub/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A565F83-0F5D-40A5-A167-5A6FFD777046}: DhcpNameServer = 134.108.34.5 134.108.34.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5A565F83-0F5D-40A5-A167-5A6FFD777046}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{920FAD4C-3077-416D-B08A-C443A04CFD16}: NameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.13 20:03:18 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\kappen\Desktop\tdsskiller.exe
[2013.06.13 14:19:31 | 000,000,000 | ---D | C] -- C:\Users\kappen\AppData\Local\UtilityChest_49
[2013.06.13 14:06:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\kappen\Desktop\OTL.exe
[2013.06.13 14:04:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UtilityChest_49
[5 C:\Users\kappen\Desktop\*.tmp files -> C:\Users\kappen\Desktop\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.13 20:17:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.06.13 20:03:24 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\kappen\Desktop\tdsskiller.exe
[2013.06.13 19:48:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.13 18:10:23 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.13 18:10:23 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.13 18:03:30 | 000,001,641 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2013.06.13 18:02:58 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.13 18:02:48 | 000,002,638 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2013.06.13 18:02:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.13 18:02:26 | 4225,032,190 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.13 14:06:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\kappen\Desktop\OTL.exe
[2013.06.11 16:37:46 | 000,001,729 | ---- | M] () -- C:\Users\kappen\Desktop\matlab.exe.lnk
[2013.06.11 15:54:56 | 000,045,056 | ---- | M] () -- C:\Windows\SysNative\acovcnt.exe
[2013.06.08 17:05:04 | 002,494,968 | ---- | M] () -- C:\Users\kappen\Desktop\DSC_0128.JPG
[2013.06.07 16:49:34 | 001,020,922 | ---- | M] () -- C:\Users\kappen\Documents\fische2.jpg
[2013.06.06 21:59:28 | 003,499,923 | ---- | M] () -- C:\Users\kappen\Desktop\teezeremonie-zu-dritt-eg.jpg
[2013.06.05 12:05:31 | 003,002,894 | ---- | M] () -- C:\Users\kappen\Desktop\baumgartes-mit-teebauer-grossa.jpg
[2013.06.05 12:04:08 | 005,591,548 | ---- | M] () -- C:\Users\kappen\Desktop\jadequell-mit-geschirra.jpg
[2013.06.01 14:43:17 | 000,000,132 | ---- | M] () -- C:\Users\kappen\AppData\Roaming\Adobe CS5-Voreinstellungen für PNG-Format
[2013.05.31 10:32:12 | 000,603,078 | ---- | M] () -- C:\Users\kappen\Documents\King_Willem-Alexander,_Queen_Maxima_and_their_daughters_13.jpg
[2013.05.29 18:13:18 | 004,620,189 | ---- | M] () -- C:\Users\kappen\Desktop\Trott-war_Juni_2013.pdf
[2013.05.23 20:24:12 | 000,000,024 | ---- | M] () -- C:\Windows\ATKPF.ini
[2013.05.15 17:46:04 | 002,063,280 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.15 14:12:47 | 004,607,747 | ---- | M] () -- C:\Users\kappen\Documents\DSC_0117c.jpg
[2013.05.15 12:52:14 | 004,588,162 | ---- | M] () -- C:\Users\kappen\Documents\DSC_0117a.jpg
[5 C:\Users\kappen\Desktop\*.tmp files -> C:\Users\kappen\Desktop\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.06.08 19:24:48 | 002,494,968 | ---- | C] () -- C:\Users\kappen\Desktop\DSC_0128.JPG
[2013.06.07 16:49:34 | 001,020,922 | ---- | C] () -- C:\Users\kappen\Documents\fische2.jpg
[2013.06.06 21:59:26 | 003,499,923 | ---- | C] () -- C:\Users\kappen\Desktop\teezeremonie-zu-dritt-eg.jpg
[2013.06.05 12:05:29 | 003,002,894 | ---- | C] () -- C:\Users\kappen\Desktop\baumgartes-mit-teebauer-grossa.jpg
[2013.06.05 12:04:06 | 005,591,548 | ---- | C] () -- C:\Users\kappen\Desktop\jadequell-mit-geschirra.jpg
[2013.06.01 14:43:17 | 000,000,132 | ---- | C] () -- C:\Users\kappen\AppData\Roaming\Adobe CS5-Voreinstellungen für PNG-Format
[2013.05.31 10:32:11 | 000,603,078 | ---- | C] () -- C:\Users\kappen\Documents\King_Willem-Alexander,_Queen_Maxima_and_their_daughters_13.jpg
[2013.05.29 18:13:18 | 004,620,189 | ---- | C] () -- C:\Users\kappen\Desktop\Trott-war_Juni_2013.pdf
[2013.05.15 14:12:44 | 004,607,747 | ---- | C] () -- C:\Users\kappen\Documents\DSC_0117c.jpg
[2013.05.15 12:52:12 | 004,588,162 | ---- | C] () -- C:\Users\kappen\Documents\DSC_0117a.jpg
[2012.11.06 20:58:05 | 000,000,018 | -HS- | C] () -- C:\Windows\WINPROD.DLL
[2012.10.10 03:22:34 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.10.10 03:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012.10.10 03:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012.02.13 21:18:27 | 000,000,600 | ---- | C] () -- C:\Users\kappen\AppData\Roaming\winscp.rnd
[2012.01.27 15:57:11 | 001,804,860 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.01.15 16:56:21 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011.01.12 18:02:43 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.08.21 15:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.08.21 15:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.08.21 15:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.10.06 11:35:41 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\101Panda PDF Reader
[2012.07.01 10:17:12 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Acronis
[2012.01.15 15:37:18 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Asus WebStorage
[2012.10.04 18:57:31 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Babylon
[2013.01.27 21:07:28 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Buca
[2013.02.14 18:39:04 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\cef-cache
[2012.04.18 18:48:00 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Drivers For Free
[2012.10.15 20:50:17 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\f-secure
[2013.02.14 01:30:05 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Hefi
[2012.10.02 16:24:01 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\minimalarts_temp
[2012.01.15 17:22:43 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Nuance
[2013.02.09 00:34:14 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Party
[2012.10.02 16:23:35 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\phonostar GmbH
[2012.11.06 20:59:28 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Processor Expert
[2012.04.18 17:25:21 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Softland
[2012.03.31 15:34:05 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\TuneUp Software
[2013.02.08 22:16:42 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Ubidra
[2012.04.18 19:01:21 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\WTouch
[2012.01.15 17:22:41 | 000,000,000 | ---D | M] -- C:\Users\kappen\AppData\Roaming\Zeon
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 141 bytes -> C:\ProgramData\Temp:52DBE86F

< End of report >
         
--- --- ---

13.06.2013, 19:44   #12
markusg
/// Malware-holic

Why OTL? I wanted a TDSSKiller log, as described in the instructions.
__________________
- Please forward suspicious e-mails to us for analysis:
markusg.trojaner-board@web.de
Forwarding instructions:
http://markusg.trojaner-board.de
For now, please forward e-mails to markusg.trojaner-board@web.de as described in the instructions above.
If you would like to support us

13.06.2013, 19:45   #13
reporter

Hey boss,
I changed it and now it found 5 threats, but I can't copy them in here:
atheros Agent
IdriverT
something else with atheros
openvpnservice
wideacewindowsservice

13.06.2013, 19:47   #14
markusg
/// Malware-holic

Well, open the .txt as described in the instructions and post the log.

13.06.2013, 19:50   #15
reporter

20:43:45.0186 4060 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
20:43:45.0516 4060 ============================================================
20:43:45.0516 4060 Current date / time: 2013/06/13 20:43:45.0516
20:43:45.0516 4060 SystemInfo:
20:43:45.0516 4060
20:43:45.0516 4060 OS Version: 6.1.7601 ServicePack: 1.0
20:43:45.0516 4060 Product type: Workstation
20:43:45.0516 4060 ComputerName: KAPPEN-PC
20:43:45.0516 4060 UserName: kappen
20:43:45.0516 4060 Windows directory: C:\Windows
20:43:45.0516 4060 System windows directory: C:\Windows
20:43:45.0516 4060 Running under WOW64
20:43:45.0516 4060 Processor architecture: Intel x64
20:43:45.0516 4060 Number of processors: 8
20:43:45.0516 4060 Page size: 0x1000
20:43:45.0516 4060 Boot type: Normal boot
20:43:45.0516 4060 ============================================================
20:43:46.0086 4060 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:43:46.0106 4060 ============================================================
20:43:46.0106 4060 \Device\Harddisk0\DR0:
20:43:46.0106 4060 MBR partitions:
20:43:46.0106 4060 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x22EE8928
20:43:46.0116 4060 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x260EA000, BlocksNum 0x3145B800
20:43:46.0116 4060 ============================================================
20:43:46.0156 4060 C: <-> \Device\Harddisk0\DR0\Partition1
20:43:46.0176 4060 D: <-> \Device\Harddisk0\DR0\Partition2
20:43:46.0176 4060 ============================================================
20:43:46.0176 4060 Initialize success
20:43:46.0176 4060 ============================================================
20:44:10.0116 7496 ============================================================
20:44:10.0116 7496 Scan started
20:44:10.0116 7496 Mode: Manual; SigCheck; TDLFS;
20:44:10.0116 7496 ============================================================
20:44:10.0586 7496 ================ Scan system memory ========================
20:44:10.0586 7496 System memory - ok
20:44:10.0586 7496 ================ Scan services =============================
20:44:10.0686 7496 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:44:10.0766 7496 1394ohci - ok
20:44:10.0796 7496 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:44:10.0806 7496 ACPI - ok
20:44:10.0826 7496 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:44:10.0876 7496 AcpiPmi - ok
20:44:10.0966 7496 [ EAC4C4CB23EA3C267062F1EA0F9FFBB3 ] AcrSch2Svc C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
20:44:10.0986 7496 AcrSch2Svc - ok
20:44:11.0056 7496 [ BF3818B441955E4D438EC72F06F1FE61 ] AdobeActiveFileMonitor11.0 C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
20:44:11.0066 7496 AdobeActiveFileMonitor11.0 - ok
20:44:11.0136 7496 [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:44:11.0146 7496 AdobeFlashPlayerUpdateSvc - ok
20:44:11.0166 7496 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
20:44:11.0186 7496 adp94xx - ok
20:44:11.0206 7496 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
20:44:11.0216 7496 adpahci - ok
20:44:11.0226 7496 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
20:44:11.0236 7496 adpu320 - ok
20:44:11.0256 7496 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:44:11.0356 7496 AeLookupSvc - ok
20:44:11.0386 7496 [ 6E79A119B0CE418FE44E0C824BF3F039 ] AFBAgent C:\Windows\system32\FBAgent.exe
20:44:11.0406 7496 AFBAgent - ok
20:44:11.0426 7496 [ 3426A6EAA09077F3AB946FB9CEB85D8E ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
20:44:11.0436 7496 afcdp - ok
20:44:11.0476 7496 [ 986A134B1A1770599B7AF9354CBB066F ] afcdpsrv C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
20:44:11.0516 7496 afcdpsrv - ok
20:44:11.0556 7496 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
20:44:11.0606 7496 AFD - ok
20:44:11.0616 7496 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
20:44:11.0626 7496 agp440 - ok
20:44:11.0656 7496 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
20:44:11.0676 7496 ALG - ok
20:44:11.0686 7496 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
20:44:11.0696 7496 aliide - ok
20:44:11.0706 7496 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
20:44:11.0716 7496 amdide - ok
20:44:11.0736 7496 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
20:44:11.0776 7496 AmdK8 - ok
20:44:11.0776 7496 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
20:44:11.0816 7496 AmdPPM - ok
20:44:11.0836 7496 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:44:11.0846 7496 amdsata - ok
20:44:11.0856 7496 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
20:44:11.0866 7496 amdsbs - ok
20:44:11.0876 7496 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:44:11.0886 7496 amdxata - ok
20:44:11.0926 7496 [ 56BEB1292DC71E49C824455EC582BFCE ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
20:44:11.0936 7496 AntiVirMailService - ok
20:44:11.0956 7496 [ 7ABE4092C35E7D4596487DFA075D84E1 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:44:11.0966 7496 AntiVirSchedulerService - ok
20:44:11.0996 7496 [ 5A37FFA608AE126C9702F5C07E07FC08 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:44:12.0006 7496 AntiVirService - ok
20:44:12.0026 7496 [ 5F2F39626586536CA86F402A1C947463 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
20:44:12.0036 7496 AntiVirWebService - ok
20:44:12.0056 7496 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
20:44:12.0176 7496 AppID - ok
20:44:12.0196 7496 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:44:12.0236 7496 AppIDSvc - ok
20:44:12.0256 7496 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
20:44:12.0296 7496 Appinfo - ok
20:44:12.0316 7496 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
20:44:12.0326 7496 arc - ok
20:44:12.0336 7496 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
20:44:12.0346 7496 arcsas - ok
20:44:12.0396 7496 [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
20:44:12.0406 7496 ASLDRService - ok
20:44:12.0416 7496 [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64 C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
20:44:12.0426 7496 ASMMAP64 - ok
20:44:12.0496 7496 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:44:12.0496 7496 aspnet_state - ok
20:44:12.0526 7496 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:44:12.0566 7496 AsyncMac - ok
20:44:12.0596 7496 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
20:44:12.0596 7496 atapi - ok
20:44:12.0626 7496 [ CBE61B4494165F458BD87E37181EE934 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
20:44:12.0656 7496 AthBTPort - ok
20:44:12.0706 7496 [ 4C4A576818EA028257C624AE36FF7A03 ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
20:44:12.0726 7496 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - warning
20:44:12.0726 7496 Atheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic (1)
20:44:12.0746 7496 [ 21753130331188C4B474E1D3B396E629 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
20:44:12.0766 7496 AtherosSvc ( UnsignedFile.Multi.Generic ) - warning
20:44:12.0766 7496 AtherosSvc - detected UnsignedFile.Multi.Generic (1)
20:44:12.0826 7496 [ B4174564AD5834A1680610572477878C ] athr C:\Windows\system32\DRIVERS\athrx.sys
20:44:12.0906 7496 athr - ok
20:44:12.0916 7496 [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
20:44:12.0926 7496 ATKGFNEXSrv - ok
20:44:12.0946 7496 [ 1F7238A37389ED92E9D8EEE975CABD54 ] ATKWMIACPIIO C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
20:44:12.0956 7496 ATKWMIACPIIO - ok
20:44:12.0986 7496 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:44:13.0036 7496 AudioEndpointBuilder - ok
20:44:13.0066 7496 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:44:13.0096 7496 AudioSrv - ok
20:44:13.0116 7496 [ 26E38B5A58C6C55FAFBC563EEDDB0867 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
20:44:13.0126 7496 avgntflt - ok
20:44:13.0146 7496 [ 9D1F00BEFF84CBBF46D7F052BC7E0565 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
20:44:13.0156 7496 avipbb - ok
20:44:13.0156 7496 [ 248DB59FC86DE44D2779F4C7FB1A567D ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
20:44:13.0166 7496 avkmgr - ok
20:44:13.0196 7496 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:44:13.0226 7496 AxInstSV - ok
20:44:13.0246 7496 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
20:44:13.0276 7496 b06bdrv - ok
20:44:13.0296 7496 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:44:13.0316 7496 b57nd60a - ok
20:44:13.0336 7496 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
20:44:13.0346 7496 BDESVC - ok
20:44:13.0366 7496 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
20:44:13.0396 7496 Beep - ok
20:44:13.0436 7496 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
20:44:13.0476 7496 BFE - ok
20:44:13.0506 7496 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\System32\qmgr.dll
20:44:13.0546 7496 BITS - ok
20:44:13.0566 7496 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
20:44:13.0586 7496 blbdrive - ok
20:44:13.0606 7496 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:44:13.0636 7496 bowser - ok
20:44:13.0656 7496 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
20:44:13.0706 7496 BrFiltLo - ok
20:44:13.0716 7496 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
20:44:13.0726 7496 BrFiltUp - ok
20:44:13.0756 7496 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
20:44:13.0786 7496 Browser - ok
20:44:13.0806 7496 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:44:13.0826 7496 Brserid - ok
20:44:13.0836 7496 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:44:13.0846 7496 BrSerWdm - ok
20:44:13.0856 7496 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:44:13.0896 7496 BrUsbMdm - ok
20:44:13.0896 7496 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:44:13.0916 7496 BrUsbSer - ok
20:44:13.0936 7496 [ FE70889A85C57A9268101B2DB0474509 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
20:44:13.0976 7496 BTATH_A2DP - ok
20:44:14.0006 7496 [ A83A91D07D1FE6BBE7A9DB46CA00434B ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
20:44:14.0036 7496 BTATH_BUS - ok
20:44:14.0056 7496 [ C864FF85EE16D61C2BDD5EF76824625F ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
20:44:14.0086 7496 BTATH_HCRP - ok
20:44:14.0096 7496 [ 0DEA505EFB5D771826D177EF8B8A208F ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
20:44:14.0126 7496 BTATH_LWFLT - ok
20:44:14.0136 7496 [ 724C8088C96EFE7A3E63FEC21D4681C0 ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
20:44:14.0186 7496 BTATH_RCP - ok
20:44:14.0216 7496 [ AA0F5AFCF077C5246589B32ECEEAE566 ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
20:44:14.0226 7496 BtFilter - ok
20:44:14.0256 7496 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:44:14.0296 7496 BthEnum - ok
20:44:14.0336 7496 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:44:14.0346 7496 BTHMODEM - ok
20:44:14.0356 7496 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:44:14.0376 7496 BthPan - ok
20:44:14.0416 7496 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:44:14.0446 7496 BTHPORT - ok
20:44:14.0476 7496 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
20:44:14.0506 7496 bthserv - ok
20:44:14.0536 7496 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:44:14.0566 7496 BTHUSB - ok
20:44:14.0576 7496 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:44:14.0606 7496 cdfs - ok
20:44:14.0626 7496 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\drivers\cdrom.sys
20:44:14.0646 7496 cdrom - ok
20:44:14.0666 7496 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
20:44:14.0706 7496 CertPropSvc - ok
20:44:14.0726 7496 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
20:44:14.0746 7496 circlass - ok
20:44:14.0766 7496 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
20:44:14.0776 7496 CLFS - ok
20:44:14.0846 7496 [ 524DC3807CB1746225F9D26ADD19C319 ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
20:44:14.0856 7496 CLKMSVC10_38F51D56 - ok
20:44:14.0906 7496 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:44:14.0906 7496 clr_optimization_v2.0.50727_32 - ok
20:44:14.0946 7496 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:44:14.0956 7496 clr_optimization_v2.0.50727_64 - ok
20:44:14.0996 7496 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:44:15.0006 7496 clr_optimization_v4.0.30319_32 - ok
20:44:15.0016 7496 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:44:15.0026 7496 clr_optimization_v4.0.30319_64 - ok
20:44:15.0046 7496 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
20:44:15.0056 7496 CmBatt - ok
20:44:15.0066 7496 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:44:15.0076 7496 cmdide - ok
20:44:15.0106 7496 [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG C:\Windows\system32\Drivers\cng.sys
20:44:15.0126 7496 CNG - ok
20:44:15.0136 7496 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
20:44:15.0146 7496 Compbatt - ok
20:44:15.0166 7496 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:44:15.0186 7496 CompositeBus - ok
20:44:15.0196 7496 COMSysApp - ok
20:44:15.0256 7496 [ 78AF1C499BF02F9814DF959A04A4F9C9 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
20:44:15.0276 7496 cphs - ok
20:44:15.0286 7496 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
20:44:15.0296 7496 crcdisk - ok
20:44:15.0316 7496 [ D8129C49798CBBFB2E4351D4B7B8EF9C ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:44:15.0336 7496 CryptSvc - ok
20:44:15.0366 7496 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:44:15.0406 7496 DcomLaunch - ok
20:44:15.0436 7496 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
20:44:15.0476 7496 defragsvc - ok
20:44:15.0506 7496 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:44:15.0536 7496 DfsC - ok
20:44:15.0566 7496 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
20:44:15.0586 7496 Dhcp - ok
20:44:15.0606 7496 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
20:44:15.0636 7496 discache - ok
20:44:15.0646 7496 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
20:44:15.0656 7496 Disk - ok
20:44:15.0676 7496 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:44:15.0696 7496 Dnscache - ok
20:44:15.0746 7496 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
20:44:15.0786 7496 dot3svc - ok
20:44:15.0806 7496 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
20:44:15.0846 7496 DPS - ok
20:44:15.0866 7496 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:44:15.0896 7496 drmkaud - ok
20:44:15.0926 7496 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:44:15.0946 7496 DXGKrnl - ok
20:44:15.0976 7496 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
20:44:16.0006 7496 EapHost - ok
20:44:16.0056 7496 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
20:44:16.0136 7496 ebdrv - ok
20:44:16.0156 7496 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
20:44:16.0176 7496 EFS - ok
20:44:16.0226 7496 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:44:16.0256 7496 ehRecvr - ok
20:44:16.0276 7496 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
20:44:16.0296 7496 ehSched - ok
20:44:16.0326 7496 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
20:44:16.0336 7496 elxstor - ok
20:44:16.0366 7496 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:44:16.0376 7496 ErrDev - ok
20:44:16.0396 7496 [ 05B0DCDA418E297A1B4CD8D7B8ADE403 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
20:44:16.0426 7496 ETD - ok
20:44:16.0446 7496 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
20:44:16.0496 7496 EventSystem - ok
20:44:16.0516 7496 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
20:44:16.0556 7496 exfat - ok
20:44:16.0576 7496 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:44:16.0616 7496 fastfat - ok
20:44:16.0646 7496 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
20:44:16.0676 7496 Fax - ok
20:44:16.0696 7496 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
20:44:16.0726 7496 fdc - ok
20:44:16.0736 7496 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
20:44:16.0776 7496 fdPHost - ok
20:44:16.0786 7496 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
20:44:16.0816 7496 FDResPub - ok
20:44:16.0836 7496 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:44:16.0836 7496 FileInfo - ok
20:44:16.0856 7496 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:44:16.0896 7496 Filetrace - ok
20:44:16.0916 7496 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
20:44:16.0936 7496 flpydisk - ok
20:44:16.0956 7496 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:44:16.0966 7496 FltMgr - ok
20:44:16.0986 7496 [ 10B5AB16C34D4E316EDB825386F57DA6 ] FLxHCIc C:\Windows\system32\DRIVERS\FLxHCIc.sys
20:44:17.0046 7496 FLxHCIc - ok
20:44:17.0046 7496 [ 66DE264C2DEFE746CB2E71F3A5EB5C2C ] FLxHCIh C:\Windows\system32\DRIVERS\FLxHCIh.sys
20:44:17.0076 7496 FLxHCIh - ok
20:44:17.0136 7496 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
20:44:17.0166 7496 FontCache - ok
20:44:17.0226 7496 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:44:17.0236 7496 FontCache3.0.0.0 - ok
20:44:17.0246 7496 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:44:17.0256 7496 FsDepends - ok
20:44:17.0276 7496 [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr C:\Windows\system32\DRIVERS\fssfltr.sys
20:44:17.0286 7496 fssfltr - ok
20:44:17.0346 7496 [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
20:44:17.0366 7496 fsssvc - ok
20:44:17.0386 7496 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:44:17.0386 7496 Fs_Rec - ok
20:44:17.0406 7496 [ 35FD2BB5131714E657B7AB3A78642854 ] FTDIBUS C:\Windows\system32\drivers\ftdibus.sys
20:44:17.0416 7496 FTDIBUS - ok
20:44:17.0446 7496 [ 196C9BDDBEF9B6D0973F398BEF5B2EEE ] FTSER2K C:\Windows\system32\drivers\ftser2k.sys
20:44:17.0446 7496 FTSER2K - ok
20:44:17.0476 7496 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:44:17.0486 7496 fvevol - ok
20:44:17.0506 7496 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
20:44:17.0516 7496 gagp30kx - ok
20:44:17.0546 7496 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
20:44:17.0596 7496 gpsvc - ok
20:44:17.0646 7496 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:44:17.0656 7496 gupdate - ok
20:44:17.0666 7496 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:44:17.0666 7496 gupdatem - ok
20:44:17.0686 7496 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:44:17.0686 7496 gusvc - ok
20:44:17.0716 7496 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:44:17.0736 7496 hcw85cir - ok
20:44:17.0756 7496 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:44:17.0786 7496 HdAudAddService - ok
20:44:17.0796 7496 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:44:17.0816 7496 HDAudBus - ok
20:44:17.0836 7496 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
20:44:17.0846 7496 HidBatt - ok
20:44:17.0856 7496 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
20:44:17.0866 7496 HidBth - ok
20:44:17.0876 7496 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
20:44:17.0896 7496 HidIr - ok
20:44:17.0916 7496 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
20:44:17.0946 7496 hidserv - ok
20:44:17.0966 7496 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:44:17.0976 7496 HidUsb - ok
20:44:18.0006 7496 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:44:18.0046 7496 hkmsvc - ok
20:44:18.0066 7496 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:44:18.0096 7496 HomeGroupListener - ok
20:44:18.0126 7496 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:44:18.0146 7496 HomeGroupProvider - ok
20:44:18.0176 7496 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:44:18.0186 7496 HpSAMD - ok
20:44:18.0216 7496 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:44:18.0266 7496 HTTP - ok
20:44:18.0296 7496 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:44:18.0306 7496 hwpolicy - ok
20:44:18.0326 7496 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
20:44:18.0336 7496 i8042prt - ok
20:44:18.0366 7496 [ D7921D5A870B11CC1ADAB198A519D50A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
20:44:18.0376 7496 iaStor - ok
20:44:18.0406 7496 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:44:18.0416 7496 iaStorV - ok
20:44:18.0486 7496 [ 54E99BFCF960C1299A0E63F77127E5C8 ] IB Updater C:\Program Files\IB Updater\ExtensionUpdaterService.exe
20:44:18.0496 7496 IB Updater - ok
20:44:18.0596 7496 [ 6F95324909B502E2651442C1548AB12F ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
20:44:18.0616 7496 IDriverT ( UnsignedFile.Multi.Generic ) - warning
20:44:18.0616 7496 IDriverT - detected UnsignedFile.Multi.Generic (1)
20:44:18.0666 7496 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:44:18.0676 7496 idsvc - ok
20:44:18.0776 7496 [ A1CF07D24EDCDC6870535471654D957C ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
20:44:18.0866 7496 igfx - ok
20:44:18.0896 7496 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
20:44:18.0906 7496 iirsp - ok
20:44:18.0936 7496 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
20:44:18.0976 7496 IKEEXT - ok
20:44:19.0046 7496 [ 177B4E48C7A288E70779B42AB81D2D06 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
20:44:19.0086 7496 IntcAzAudAddService - ok
20:44:19.0106 7496 [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
20:44:19.0136 7496 IntcDAud - ok
20:44:19.0146 7496 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
20:44:19.0156 7496 intelide - ok
20:44:19.0176 7496 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
20:44:19.0206 7496 intelppm - ok
20:44:19.0216 7496 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:44:19.0256 7496 IPBusEnum - ok
20:44:19.0286 7496 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:44:19.0316 7496 IpFilterDriver - ok
20:44:19.0356 7496 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:44:19.0386 7496 iphlpsvc - ok
20:44:19.0406 7496 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:44:19.0426 7496 IPMIDRV - ok
20:44:19.0446 7496 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:44:19.0486 7496 IPNAT - ok
20:44:19.0496 7496 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:44:19.0516 7496 IRENUM - ok
20:44:19.0556 7496 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:44:19.0556 7496 isapnp - ok
20:44:19.0576 7496 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:44:19.0586 7496 iScsiPrt - ok
20:44:19.0606 7496 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:44:19.0616 7496 kbdclass - ok
20:44:19.0636 7496 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:44:19.0656 7496 kbdhid - ok
20:44:19.0676 7496 [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr C:\Windows\system32\DRIVERS\kbfiltr.sys
20:44:19.0686 7496 kbfiltr - ok
20:44:19.0696 7496 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
20:44:19.0706 7496 KeyIso - ok
20:44:19.0716 7496 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:44:19.0726 7496 KSecDD - ok
20:44:19.0756 7496 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:44:19.0766 7496 KSecPkg - ok
20:44:19.0796 7496 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:44:19.0826 7496 ksthunk - ok
20:44:19.0846 7496 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
20:44:19.0886 7496 KtmRm - ok
20:44:19.0916 7496 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:44:19.0956 7496 LanmanServer - ok
20:44:19.0986 7496 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:44:20.0026 7496 LanmanWorkstation - ok
20:44:20.0036 7496 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:44:20.0076 7496 lltdio - ok
20:44:20.0096 7496 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:44:20.0136 7496 lltdsvc - ok
20:44:20.0146 7496 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:44:20.0176 7496 lmhosts - ok
20:44:20.0236 7496 [ 7F32D4C47A50E7223491E8FB9359907D ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:44:20.0246 7496 LMS - ok
20:44:20.0276 7496 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
20:44:20.0276 7496 LSI_FC - ok
20:44:20.0286 7496 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
20:44:20.0296 7496 LSI_SAS - ok
20:44:20.0306 7496 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
20:44:20.0316 7496 LSI_SAS2 - ok
20:44:20.0316 7496 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
20:44:20.0326 7496 LSI_SCSI - ok
20:44:20.0346 7496 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
20:44:20.0376 7496 luafv - ok
20:44:20.0436 7496 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
20:44:20.0446 7496 MBAMProtector - ok
20:44:20.0496 7496 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:44:20.0506 7496 MBAMScheduler - ok
20:44:20.0536 7496 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
20:44:20.0546 7496 MBAMService - ok
20:44:20.0566 7496 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:44:20.0586 7496 Mcx2Svc - ok
20:44:20.0596 7496 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
20:44:20.0606 7496 megasas - ok
20:44:20.0626 7496 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
20:44:20.0646 7496 MegaSR - ok
20:44:20.0666 7496 [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
20:44:20.0676 7496 MEIx64 - ok
20:44:20.0716 7496 Microsoft SharePoint Workspace Audit Service - ok
20:44:20.0736 7496 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
20:44:20.0786 7496 MMCSS - ok
20:44:20.0796 7496 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
20:44:20.0826 7496 Modem - ok
20:44:20.0856 7496 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:44:20.0876 7496 monitor - ok
20:44:20.0886 7496 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:44:20.0896 7496 mouclass - ok
20:44:20.0906 7496 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:44:20.0916 7496 mouhid - ok
20:44:20.0946 7496 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:44:20.0956 7496 mountmgr - ok
20:44:20.0966 7496 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
20:44:20.0976 7496 mpio - ok
20:44:20.0986 7496 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:44:21.0026 7496 mpsdrv - ok
20:44:21.0066 7496 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:44:21.0106 7496 MpsSvc - ok
20:44:21.0126 7496 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:44:21.0156 7496 MRxDAV - ok
20:44:21.0186 7496 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:44:21.0216 7496 mrxsmb - ok
20:44:21.0226 7496 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:44:21.0246 7496 mrxsmb10 - ok
20:44:21.0276 7496 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:44:21.0306 7496 mrxsmb20 - ok
20:44:21.0326 7496 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
20:44:21.0336 7496 msahci - ok
20:44:21.0356 7496 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:44:21.0366 7496 msdsm - ok
20:44:21.0376 7496 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
20:44:21.0396 7496 MSDTC - ok
20:44:21.0416 7496 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:44:21.0446 7496 Msfs - ok
20:44:21.0456 7496 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:44:21.0496 7496 mshidkmdf - ok
20:44:21.0516 7496 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:44:21.0526 7496 msisadrv - ok
20:44:21.0546 7496 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:44:21.0586 7496 MSiSCSI - ok
20:44:21.0596 7496 msiserver - ok
20:44:21.0616 7496 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:44:21.0646 7496 MSKSSRV - ok
20:44:21.0656 7496 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:44:21.0696 7496 MSPCLOCK - ok
20:44:21.0706 7496 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:44:21.0746 7496 MSPQM - ok
20:44:21.0776 7496 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:44:21.0786 7496 MsRPC - ok
20:44:21.0806 7496 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:44:21.0816 7496 mssmbios - ok
20:44:21.0856 7496 MSSQL$SQLEXPRESS - ok
20:44:21.0886 7496 [ 7A2A8C975356858EB38466A6B1592E8D ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
20:44:21.0896 7496 MSSQLServerADHelper100 - ok
20:44:21.0916 7496 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:44:21.0946 7496 MSTEE - ok
20:44:21.0946 7496 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
20:44:21.0976 7496 MTConfig - ok
20:44:21.0986 7496 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
20:44:21.0996 7496 Mup - ok
20:44:22.0036 7496 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
20:44:22.0066 7496 napagent - ok
20:44:22.0076 7496 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:44:22.0106 7496 NativeWifiP - ok
20:44:22.0146 7496 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:44:22.0166 7496 NDIS - ok
20:44:22.0176 7496 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:44:22.0216 7496 NdisCap - ok
20:44:22.0236 7496 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:44:22.0276 7496 NdisTapi - ok
20:44:22.0286 7496 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:44:22.0326 7496 Ndisuio - ok
20:44:22.0356 7496 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:44:22.0396 7496 NdisWan - ok
20:44:22.0406 7496 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:44:22.0436 7496 NDProxy - ok
20:44:22.0466 7496 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:44:22.0496 7496 NetBIOS - ok
20:44:22.0536 7496 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:44:22.0576 7496 NetBT - ok
20:44:22.0586 7496 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
20:44:22.0596 7496 Netlogon - ok
20:44:22.0616 7496 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
20:44:22.0656 7496 Netman - ok
20:44:22.0686 7496 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:44:22.0696 7496 NetMsmqActivator - ok
20:44:22.0706 7496 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:44:22.0716 7496 NetPipeActivator - ok
20:44:22.0736 7496 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
20:44:22.0766 7496 netprofm - ok
20:44:22.0776 7496 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:44:22.0776 7496 NetTcpActivator - ok
20:44:22.0786 7496 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:44:22.0796 7496 NetTcpPortSharing - ok
20:44:22.0836 7496 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
20:44:22.0846 7496 nfrd960 - ok
20:44:22.0856 7496 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:44:22.0886 7496 NlaSvc - ok
20:44:22.0896 7496 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:44:22.0926 7496 Npfs - ok
20:44:22.0946 7496 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
20:44:22.0986 7496 nsi - ok
20:44:22.0996 7496 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:44:23.0036 7496 nsiproxy - ok
20:44:23.0076 7496 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:44:23.0106 7496 Ntfs - ok
20:44:23.0126 7496 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
20:44:23.0166 7496 Null - ok
20:44:23.0366 7496 [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:44:23.0526 7496 nvlddmkm - ok
20:44:23.0556 7496 [ 918841B2454F4F2BD94479692079490B ] nvpciflt C:\Windows\system32\DRIVERS\nvpciflt.sys
20:44:23.0566 7496 nvpciflt - ok
20:44:23.0576 7496 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:44:23.0586 7496 nvraid - ok
20:44:23.0616 7496 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:44:23.0626 7496 nvstor - ok
20:44:23.0656 7496 [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc C:\Windows\system32\nvvsvc.exe
20:44:23.0666 7496 NVSvc - ok
20:44:23.0726 7496 [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:44:23.0746 7496 nvUpdatusService - ok
20:44:23.0766 7496 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:44:23.0776 7496 nv_agp - ok
20:44:23.0786 7496 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:44:23.0816 7496 ohci1394 - ok
20:44:23.0856 7496 [ D8A0164A79D4BFD6083945C5431E41E7 ] OpenVPNService C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe
20:44:23.0886 7496 OpenVPNService ( UnsignedFile.Multi.Generic ) - warning
20:44:23.0886 7496 OpenVPNService - detected UnsignedFile.Multi.Generic (1)
20:44:23.0916 7496 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:44:23.0926 7496 ose - ok
20:44:24.0026 7496 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:44:24.0096 7496 osppsvc - ok
20:44:24.0126 7496 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:44:24.0146 7496 p2pimsvc - ok
20:44:24.0176 7496 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:44:24.0196 7496 p2psvc - ok
20:44:24.0226 7496 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
20:44:24.0246 7496 Parport - ok
20:44:24.0266 7496 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:44:24.0276 7496 partmgr - ok
20:44:24.0286 7496 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:44:24.0316 7496 PcaSvc - ok
20:44:24.0336 7496 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
20:44:24.0346 7496 pci - ok
20:44:24.0366 7496 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
20:44:24.0376 7496 pciide - ok
20:44:24.0396 7496 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
20:44:24.0406 7496 pcmcia - ok
20:44:24.0416 7496 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
20:44:24.0426 7496 pcw - ok
20:44:24.0446 7496 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:44:24.0486 7496 PEAUTH - ok
20:44:24.0546 7496 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:44:24.0566 7496 PerfHost - ok
20:44:24.0616 7496 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
20:44:24.0666 7496 pla - ok
20:44:24.0696 7496 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:44:24.0716 7496 PlugPlay - ok
20:44:24.0726 7496 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:44:24.0746 7496 PNRPAutoReg - ok
20:44:24.0766 7496 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:44:24.0776 7496 PNRPsvc - ok
20:44:24.0816 7496 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:44:24.0856 7496 PolicyAgent - ok
20:44:24.0886 7496 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
20:44:24.0916 7496 Power - ok
20:44:24.0956 7496 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:44:24.0996 7496 PptpMiniport - ok
20:44:25.0006 7496 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
20:44:25.0026 7496 Processor - ok
20:44:25.0046 7496 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
20:44:25.0066 7496 ProfSvc - ok
20:44:25.0086 7496 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:44:25.0096 7496 ProtectedStorage - ok
20:44:25.0116 7496 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:44:25.0156 7496 Psched - ok
20:44:25.0196 7496 [ 07D57B890DD5693A6AB660CBAE8F91B4 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
20:44:25.0206 7496 PxHlpa64 - ok
20:44:25.0246 7496 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
20:44:25.0266 7496 ql2300 - ok
20:44:25.0286 7496 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
20:44:25.0296 7496 ql40xx - ok
20:44:25.0306 7496 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
20:44:25.0326 7496 QWAVE - ok
20:44:25.0336 7496 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:44:25.0356 7496 QWAVEdrv - ok
20:44:25.0366 7496 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:44:25.0396 7496 RasAcd - ok
20:44:25.0416 7496 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:44:25.0456 7496 RasAgileVpn - ok
20:44:25.0476 7496 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
20:44:25.0516 7496 RasAuto - ok
20:44:25.0546 7496 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:44:25.0576 7496 Rasl2tp - ok
20:44:25.0616 7496 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
20:44:25.0646 7496 RasMan - ok
20:44:25.0666 7496 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:44:25.0706 7496 RasPppoe - ok
20:44:25.0716 7496 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:44:25.0756 7496 RasSstp - ok
20:44:25.0776 7496 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:44:25.0816 7496 rdbss - ok
20:44:25.0826 7496 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
20:44:25.0846 7496 rdpbus - ok
20:44:25.0856 7496 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:44:25.0896 7496 RDPCDD - ok
20:44:25.0916 7496 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:44:25.0956 7496 RDPENCDD - ok
20:44:25.0966 7496 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:44:25.0996 7496 RDPREFMP - ok
20:44:26.0056 7496 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:44:26.0066 7496 RdpVideoMiniport - ok
20:44:26.0096 7496 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:44:26.0116 7496 RDPWD - ok
20:44:26.0146 7496 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:44:26.0156 7496 rdyboost - ok
20:44:26.0206 7496 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:44:26.0236 7496 RemoteAccess - ok
20:44:26.0266 7496 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:44:26.0296 7496 RemoteRegistry - ok
20:44:26.0396 7496 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:44:26.0426 7496 RFCOMM - ok
20:44:26.0486 7496 [ 616F6E52CAE254727A886BA8EDA1BEEA ] RichVideo C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
20:44:26.0496 7496 RichVideo - ok
20:44:26.0516 7496 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:44:26.0556 7496 RpcEptMapper - ok
20:44:26.0576 7496 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
20:44:26.0596 7496 RpcLocator - ok
20:44:26.0626 7496 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
20:44:26.0656 7496 RpcSs - ok
20:44:26.0676 7496 [ CD553B8633466A6D1C115812F2619F1F ] RsFx0103 C:\Windows\system32\DRIVERS\RsFx0103.sys
20:44:26.0686 7496 RsFx0103 - ok
20:44:26.0716 7496 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:44:26.0756 7496 rspndr - ok
20:44:26.0786 7496 [ ED5873F7DFB2F96D37F13322211B6BDC ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:44:26.0796 7496 RTL8167 - ok
20:44:26.0816 7496 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
20:44:26.0826 7496 SamSs - ok
20:44:26.0836 7496 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:44:26.0846 7496 sbp2port - ok
20:44:26.0876 7496 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:44:26.0916 7496 SCardSvr - ok
20:44:26.0946 7496 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:44:26.0976 7496 scfilter - ok
20:44:27.0016 7496 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
20:44:27.0056 7496 Schedule - ok
20:44:27.0096 7496 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
20:44:27.0136 7496 SCPolicySvc - ok
20:44:27.0166 7496 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:44:27.0176 7496 SDRSVC - ok
20:44:27.0206 7496 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:44:27.0246 7496 secdrv - ok
20:44:27.0276 7496 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
20:44:27.0316 7496 seclogon - ok
20:44:27.0336 7496 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
20:44:27.0376 7496 SENS - ok
20:44:27.0386 7496 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:44:27.0406 7496 SensrSvc - ok
20:44:27.0436 7496 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
20:44:27.0456 7496 Serenum - ok
20:44:27.0456 7496 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
20:44:27.0466 7496 Serial - ok
20:44:27.0496 7496 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
20:44:27.0516 7496 sermouse - ok
20:44:27.0556 7496 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
20:44:27.0586 7496 SessionEnv - ok
20:44:27.0606 7496 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:44:27.0636 7496 sffdisk - ok
20:44:27.0656 7496 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:44:27.0666 7496 sffp_mmc - ok
20:44:27.0676 7496 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:44:27.0686 7496 sffp_sd - ok
20:44:27.0706 7496 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
20:44:27.0726 7496 sfloppy - ok
20:44:27.0766 7496 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:44:27.0806 7496 SharedAccess - ok
20:44:27.0836 7496 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:44:27.0876 7496 ShellHWDetection - ok
20:44:27.0876 7496 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys
20:44:27.0896 7496 SiSGbeLH - ok
20:44:27.0906 7496 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
20:44:27.0916 7496 SiSRaid2 - ok
20:44:27.0926 7496 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
20:44:27.0936 7496 SiSRaid4 - ok
20:44:27.0966 7496 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:44:27.0976 7496 SkypeUpdate - ok
20:44:27.0986 7496 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:44:28.0026 7496 Smb - ok
20:44:28.0066 7496 [ 446EB38CE4A6D040F548B2F547CA96FF ] snapman C:\Windows\system32\DRIVERS\snapman.sys
20:44:28.0076 7496 snapman - ok
20:44:28.0096 7496 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:44:28.0116 7496 SNMPTRAP - ok
20:44:28.0176 7496 [ C98375D19F9E9966F6201BAE65FB3728 ] SNP2UVC C:\Windows\system32\DRIVERS\snp2uvc.sys
20:44:28.0216 7496 SNP2UVC - ok
20:44:28.0246 7496 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
20:44:28.0246 7496 spldr - ok
20:44:28.0286 7496 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
20:44:28.0306 7496 Spooler - ok
20:44:28.0376 7496 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
20:44:28.0436 7496 sppsvc - ok
20:44:28.0476 7496 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:44:28.0516 7496 sppuinotify - ok
20:44:28.0536 7496 [ 12E6D95CDE974B131DEFAA44BAB8B056 ] SQLAgent$SQLEXPRESS C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
20:44:28.0546 7496 SQLAgent$SQLEXPRESS - ok
20:44:28.0586 7496 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:44:28.0586 7496 SQLBrowser - ok
20:44:28.0606 7496 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:44:28.0616 7496 SQLWriter - ok
20:44:28.0656 7496 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
20:44:28.0696 7496 srv - ok
20:44:28.0716 7496 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:44:28.0726 7496 srv2 - ok
20:44:28.0746 7496 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:44:28.0766 7496 srvnet - ok
20:44:28.0806 7496 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:44:28.0846 7496 SSDPSRV - ok
20:44:28.0866 7496 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:44:28.0906 7496 SstpSvc - ok
20:44:28.0936 7496 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
20:44:28.0936 7496 stexstor - ok
20:44:28.0976 7496 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
20:44:28.0996 7496 stisvc - ok
20:44:29.0016 7496 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
20:44:29.0026 7496 swenum - ok
20:44:29.0056 7496 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
20:44:29.0086 7496 swprv - ok
20:44:29.0146 7496 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
20:44:29.0186 7496 SysMain - ok
20:44:29.0216 7496 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:44:29.0246 7496 TabletInputService - ok
20:44:29.0336 7496 [ B5B736216FF7C71D320BF493825752A1 ] TabletServicePen C:\Windows\system32\Pen_Tablet.exe
20:44:29.0406 7496 TabletServicePen - ok
20:44:29.0426 7496 [ 3B73C849B41FB20D77B0E553214061A5 ] tap0901 C:\Windows\system32\DRIVERS\tap0901.sys
20:44:29.0456 7496 tap0901 - ok
20:44:29.0496 7496 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:44:29.0526 7496 TapiSrv - ok
20:44:29.0546 7496 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
20:44:29.0586 7496 TBS - ok
20:44:29.0636 7496 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:44:29.0666 7496 Tcpip - ok
20:44:29.0716 7496 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:44:29.0746 7496 TCPIP6 - ok
20:44:29.0786 7496 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:44:29.0796 7496 tcpipreg - ok
20:44:29.0806 7496 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:44:29.0826 7496 TDPIPE - ok
20:44:29.0866 7496 [ DF9179B7BDF0C5B71F9C3D93C016BAE5 ] tdrpman251 C:\Windows\system32\DRIVERS\tdrpm251.sys
20:44:29.0886 7496 tdrpman251 - ok
20:44:29.0916 7496 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:44:29.0926 7496 TDTCP - ok
20:44:29.0956 7496 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:44:29.0986 7496 tdx - ok
20:44:30.0006 7496 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
20:44:30.0016 7496 TermDD - ok
20:44:30.0036 7496 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
20:44:30.0076 7496 TermService - ok
20:44:30.0096 7496 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
20:44:30.0116 7496 Themes - ok
20:44:30.0136 7496 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
20:44:30.0166 7496 THREADORDER - ok
20:44:30.0206 7496 [ F7546EAD58CC3000AC02CF9529B9934E ] timounter C:\Windows\system32\DRIVERS\timntr.sys
20:44:30.0216 7496 timounter - ok
20:44:30.0236 7496 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
20:44:30.0276 7496 TrkWks - ok
20:44:30.0316 7496 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:44:30.0356 7496 TrustedInstaller - ok
20:44:30.0386 7496 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:44:30.0416 7496 tssecsrv - ok
20:44:30.0446 7496 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:44:30.0466 7496 TsUsbFlt - ok
20:44:30.0536 7496 [ 811A229718C85356BC81EB20F35EB7F6 ] TuneUp.UtilitiesSvc C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
20:44:30.0566 7496 TuneUp.UtilitiesSvc - ok
20:44:30.0576 7496 [ DCC94C51D27C7EC0DADECA8F64C94FCF ] TuneUpUtilitiesDrv C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys
20:44:30.0586 7496 TuneUpUtilitiesDrv - ok
20:44:30.0616 7496 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:44:30.0646 7496 tunnel - ok
20:44:30.0676 7496 [ FD24F98D2898BE093FE926604BE7DB99 ] TurboB C:\Windows\system32\DRIVERS\TurboB.sys
20:44:30.0676 7496 TurboB - ok
20:44:30.0706 7496 [ 600B406A04D90F577FEA8A88D7379F08 ] TurboBoost C:\Program Files\Intel\TurboBoost\TurboBoost.exe
20:44:30.0716 7496 TurboBoost - ok
20:44:30.0736 7496 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
20:44:30.0746 7496 uagp35 - ok
20:44:30.0776 7496 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:44:30.0826 7496 udfs - ok
20:44:30.0856 7496 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:44:30.0886 7496 UI0Detect - ok
20:44:30.0896 7496 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:44:30.0906 7496 uliagpkx - ok
20:44:30.0926 7496 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
20:44:30.0936 7496 umbus - ok
20:44:30.0956 7496 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
20:44:30.0976 7496 UmPass - ok
20:44:31.0086 7496 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:44:31.0126 7496 UNS - ok
20:44:31.0146 7496 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
20:44:31.0186 7496 upnphost - ok
20:44:31.0206 7496 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:44:31.0216 7496 usbccgp - ok
20:44:31.0236 7496 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:44:31.0256 7496 usbcir - ok
20:44:31.0266 7496 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:44:31.0286 7496 usbehci - ok
20:44:31.0306 7496 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:44:31.0326 7496 usbhub - ok
20:44:31.0356 7496 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:44:31.0376 7496 usbohci - ok
20:44:31.0406 7496 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
20:44:31.0426 7496 usbprint - ok
20:44:31.0436 7496 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:44:31.0446 7496 USBSTOR - ok
20:44:31.0456 7496 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:44:31.0466 7496 usbuhci - ok
20:44:31.0496 7496 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:44:31.0516 7496 usbvideo - ok
20:44:31.0586 7496 [ 622FCF264119F7DF127BE353F796B319 ] UtilityChest_49Service C:\PROGRA~2\UTILIT~2\bar\1.bin\49barsvc.exe
20:44:31.0596 7496 UtilityChest_49Service - ok
20:44:31.0616 7496 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
20:44:31.0656 7496 UxSms - ok
20:44:31.0676 7496 [ 5BF180F7F7C2F68ED6D5777840270BCE ] UxTuneUp C:\Windows\System32\uxtuneup.dll
20:44:31.0676 7496 UxTuneUp - ok
20:44:31.0696 7496 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
20:44:31.0706 7496 VaultSvc - ok
20:44:31.0716 7496 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:44:31.0726 7496 vdrvroot - ok
20:44:31.0746 7496 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
20:44:31.0786 7496 vds - ok
20:44:31.0816 7496 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:44:31.0826 7496 vga - ok
20:44:31.0846 7496 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
20:44:31.0886 7496 VgaSave - ok
20:44:31.0906 7496 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:44:31.0916 7496 vhdmp - ok
20:44:31.0946 7496 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
20:44:31.0956 7496 viaide - ok
20:44:31.0986 7496 [ 0ADF410187B71C9B855721C8D59CEC7A ] VideAceWindowsService C:\ExpressGateUtil\VAWinService.exe
20:44:31.0996 7496 VideAceWindowsService ( UnsignedFile.Multi.Generic ) - warning
20:44:31.0996 7496 VideAceWindowsService - detected UnsignedFile.Multi.Generic (1)
20:44:32.0016 7496 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:44:32.0026 7496 volmgr - ok
20:44:32.0056 7496 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:44:32.0066 7496 volmgrx - ok
20:44:32.0086 7496 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:44:32.0096 7496 volsnap - ok
20:44:32.0116 7496 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
20:44:32.0126 7496 vsmraid - ok
20:44:32.0176 7496 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
20:44:32.0226 7496 VSS - ok
20:44:32.0246 7496 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:44:32.0266 7496 vwifibus - ok
20:44:32.0276 7496 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:44:32.0296 7496 vwififlt - ok
20:44:32.0326 7496 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
20:44:32.0356 7496 W32Time - ok
20:44:32.0386 7496 [ 6B6718DC4B4597EC10F4F8C614282EE1 ] wacmoumonitor C:\Windows\system32\DRIVERS\wacmoumonitor.sys
20:44:32.0386 7496 wacmoumonitor - ok
20:44:32.0416 7496 [ E04D43C7D1641E95D35CAE6086C7E350 ] wacommousefilter C:\Windows\system32\DRIVERS\wacommousefilter.sys
20:44:32.0426 7496 wacommousefilter - ok
20:44:32.0436 7496 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
20:44:32.0456 7496 WacomPen - ok
20:44:32.0476 7496 [ 26B430E7C5F598FE7353E3BC4B261321 ] wacomvhid C:\Windows\system32\DRIVERS\wacomvhid.sys
20:44:32.0476 7496 wacomvhid - ok
20:44:32.0506 7496 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:44:32.0546 7496 WANARP - ok
20:44:32.0546 7496 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:44:32.0576 7496 Wanarpv6 - ok
20:44:32.0666 7496 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
20:44:32.0706 7496 wbengine - ok
20:44:32.0726 7496 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:44:32.0736 7496 WbioSrvc - ok
20:44:32.0776 7496 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:44:32.0796 7496 wcncsvc - ok
20:44:32.0806 7496 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:44:32.0826 7496 WcsPlugInService - ok
20:44:32.0856 7496 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
20:44:32.0856 7496 Wd - ok
20:44:32.0896 7496 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:44:32.0916 7496 Wdf01000 - ok
20:44:32.0926 7496 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:44:32.0946 7496 WdiServiceHost - ok
20:44:32.0956 7496 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:44:32.0966 7496 WdiSystemHost - ok
20:44:32.0996 7496 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
20:44:33.0026 7496 WebClient - ok
20:44:33.0066 7496 [ D5BA7D43FA2EF656BF7E98A188391E40 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:44:33.0076 7496 Wecsvc - ok
20:44:33.0096 7496 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:44:33.0136 7496 wercplsupport - ok
20:44:33.0156 7496 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
20:44:33.0186 7496 WerSvc - ok
20:44:33.0216 7496 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:44:33.0246 7496 WfpLwf - ok
20:44:33.0266 7496 [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
20:44:33.0276 7496 WimFltr - ok
20:44:33.0296 7496 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:44:33.0306 7496 WIMMount - ok
20:44:33.0326 7496 WinDefend - ok
20:44:33.0346 7496 WinHttpAutoProxySvc - ok
20:44:33.0396 7496 [ 136760C1E9697BAF4ECDEAE5590A0806 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:44:33.0416 7496 Winmgmt - ok
20:44:33.0476 7496 [ 3BB6B401A780BF434C8F58137DE10BF7 ] WinRM C:\Windows\system32\WsmSvc.dll
20:44:33.0526 7496 WinRM - ok
20:44:33.0576 7496 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
20:44:33.0596 7496 Wlansvc - ok
20:44:33.0646 7496 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
20:44:33.0646 7496 wlcrasvc - ok
20:44:33.0726 7496 [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:44:33.0756 7496 wlidsvc - ok
20:44:33.0786 7496 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:44:33.0796 7496 WmiAcpi - ok
20:44:33.0856 7496 [ 4DF841632B62A7CF19A79A05046A8AB1 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:44:33.0866 7496 wmiApSrv - ok
20:44:33.0876 7496 WMPNetworkSvc - ok
20:44:33.0896 7496 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:44:33.0906 7496 WPCSvc - ok
20:44:33.0936 7496 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:44:33.0946 7496 WPDBusEnum - ok
20:44:33.0966 7496 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:44:33.0996 7496 ws2ifsl - ok
20:44:34.0016 7496 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll
20:44:34.0026 7496 wscsvc - ok
20:44:34.0036 7496 WSearch - ok
20:44:34.0066 7496 [ A2CC9A9BC30C6141FF99D85A4E26D7A7 ] WTouchService C:\Program Files\WTouch\WTouchService.exe
20:44:34.0066 7496 WTouchService - ok
20:44:34.0116 7496 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
20:44:34.0156 7496 wuauserv - ok
20:44:34.0206 7496 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:44:34.0216 7496 WudfPf - ok
20:44:34.0236 7496 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:44:34.0256 7496 WUDFRd - ok
20:44:34.0256 7496 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:44:34.0276 7496 wudfsvc - ok
20:44:34.0306 7496 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
20:44:34.0326 7496 WwanSvc - ok
20:44:34.0346 7496 ================ Scan global ===============================
20:44:34.0396 7496 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
20:44:34.0426 7496 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
20:44:34.0436 7496 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
20:44:34.0446 7496 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
20:44:34.0466 7496 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
20:44:34.0466 7496 [Global] - ok
20:44:34.0466 7496 ================ Scan MBR ==================================
20:44:34.0486 7496 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:44:34.0856 7496 \Device\Harddisk0\DR0 - ok
20:44:34.0856 7496 ================ Scan VBR ==================================
20:44:34.0856 7496 [ 91F0CCE4C2EFA35442976DF4745FB6B3 ] \Device\Harddisk0\DR0\Partition1
20:44:34.0856 7496 \Device\Harddisk0\DR0\Partition1 - ok
20:44:34.0876 7496 [ F89FCDD9BA327BA8FB54E8B0021E763D ] \Device\Harddisk0\DR0\Partition2
20:44:34.0876 7496 \Device\Harddisk0\DR0\Partition2 - ok
20:44:34.0876 7496 ============================================================
20:44:34.0876 7496 Scan finished
20:44:34.0876 7496 ============================================================
20:44:34.0886 6132 Detected object count: 5
20:44:34.0886 6132 Actual detected object count: 5
20:49:53.0249 6132 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:53.0249 6132 Atheros Bt&Wlan Coex Agent ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:53.0249 6132 AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:53.0249 6132 AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:53.0249 6132 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:53.0249 6132 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:53.0249 6132 OpenVPNService ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:53.0249 6132 OpenVPNService ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:49:53.0249 6132 VideAceWindowsService ( UnsignedFile.Multi.Generic ) - skipped by user
20:49:53.0249 6132 VideAceWindowsService ( UnsignedFile.Multi.Generic ) - User select action: Skip
