
Log analysis and evaluation: Many problems on the laptop

29.07.2013, 13:41   #1
clntbestwud
 



Hello Trojaner-Board, I ran the tool HijackThis today and apparently it did find problems. Since unfortunately one is not allowed to post the log, I am posting the individual items that were found.

Problem 1: Hosts: 255.255.255.255 easyanticheat.com # misleading site. I don't know how I can fix this. With what kind of program, or how?
Problem 2: Hosts: 46.23.70.78 pagead2.googlesyndication.com
Now to the bigger problem:
Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll. Apparently this is supposed to be spyware? According to HijackThis one should not delete this manually, no idea why ^^.

I would be very grateful for help.

Kind regards

clntbeastwud
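
An added example, not part of the original post and not a Trojaner-Board or HijackThis tool: a small hosts-file audit that sorts entries like the two quoted above by where the address points (a non-routable address makes the name unreachable, a public address pins the name past DNS). The sample file is constructed from the two quoted entries plus ordinary default lines, and all function names are hypothetical.

```python
import ipaddress
from dataclasses import dataclass

# Constructed sample: the two entries quoted in the post plus ordinary
# default lines, in Windows hosts-file syntax (address, names, # comment).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2006 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
255.255.255.255 easyanticheat.com   # misleading site
46.23.70.78     pagead2.googlesyndication.com
not-an-ip       example.invalid
"""

BROADCAST = ipaddress.IPv4Address("255.255.255.255")
DEFAULT_NAMES = {"localhost"}


@dataclass(frozen=True)
class Finding:
    line_no: int
    address: str
    hostname: str
    verdict: str  # DEFAULT, BLOCKED, REDIRECTED, LOCAL or INVALID
    reason: str


def classify(address: str, hostname: str) -> tuple[str, str]:
    """Classify one address/name pair by the kind of address it points to."""
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return "INVALID", "first field is not an IP address"
    if ip.is_loopback and hostname.lower() in DEFAULT_NAMES:
        return "DEFAULT", "standard localhost mapping"
    if ip.is_loopback or ip.is_unspecified or ip == BROADCAST:
        return "BLOCKED", "pinned to a non-routable address, name is unreachable"
    if ip.is_global:
        return "REDIRECTED", "pinned to a public address, DNS is bypassed"
    return "LOCAL", "pinned to a private or reserved address"


def audit_hosts(text: str) -> list[Finding]:
    """Parse hosts-file text and return one Finding per hostname."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].strip()  # drop comments
        if not entry:
            continue
        fields = entry.split()
        if len(fields) < 2:
            findings.append(Finding(line_no, fields[0], "", "INVALID",
                                    "address without a hostname"))
            continue
        address, names = fields[0], fields[1:]
        for name in names:  # one line may carry several aliases
            verdict, reason = classify(address, name)
            findings.append(Finding(line_no, address, name, verdict, reason))
    return findings


def suspicious(findings: list[Finding]) -> list[Finding]:
    """Entries worth a manual look: anything that blocks or redirects a name."""
    return [f for f in findings
            if f.verdict in ("BLOCKED", "REDIRECTED", "INVALID")]


if __name__ == "__main__":
    for f in suspicious(audit_hosts(SAMPLE_HOSTS)):
        print(f"line {f.line_no}: {f.verdict:<10} "
              f"{f.hostname} -> {f.address} ({f.reason})")
```

A BLOCKED verdict is not necessarily hostile, since ad-blocking lists use the same mechanism; the point of the audit is to surface every entry that overrides DNS so each can be traced to the program that wrote it.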

29.07.2013, 13:51   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Hello and

Quote:
I ran the tool HijackThis today, since unfortunately one is not allowed to post the log
With HJT it is less a matter of not being allowed to post the log, and more that the tool is largely ineffective and does not run properly on machines with Windows Vista/7/8.

Do you have any other logs (with detections)? Malwarebytes and/or other virus scanners, have they ever found anything?

I am asking because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please do not run any new virus scans; for now, only post logs that already exist!


Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.



Scan with Farbar's Recovery Scan Tool (FRST)

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input box of the web page)


29.07.2013, 13:57   #3
clntbestwud
 



Hello, thanks for the quick reply. No, unfortunately nothing was found. I ran Malwarebytes and AdwCleaner.

FRST
FRST log file:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-07-2013
Ran by ***** (administrator) on 29-07-2013 14:50:27
Running from C:\Users\Patrick\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(IObit) C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Spotify Ltd) C:\Users\Patrick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
(Egis Incorporated) C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgemcx.exe
() C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor Corp.) C:\Users\Patrick\AppData\Local\Temp\RtkBtMnt.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Acer Incorporated) C:\PROGRAM FILES\ACER\EMPOWERING TECHNOLOGY\EAUDIO\EAUDIO.EXE
(Microsoft Corporation) C:\Windows\system32\wbem\unsecapp.exe
(Dritek System Inc.) C:\PROGRA~1\LAUNCH~1\LMANAGER.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Windows\system32\Taskmgr.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(acer) C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe
(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgcfgex.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2013\avgui.exe [3147384 2012-12-11] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [IObit Malware Fighter] - C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [1514816 2013-06-07] (IObit)
HKLM\...\Run: [Windows Defender] - C:\Program Files\windows defender\msascui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] - c:\program files\realtek\audio\hda\rthdvcpl.exe [10996368 2012-06-11] (Realtek Semiconductor)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Patrick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-08] (Spotify Ltd)
MountPoints2: H - H:\setup.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-10] (Microsoft Corporation)
HKU\Default\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer)
HKU\Default\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [ 2007-08-21] ()
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-10] (Microsoft Corporation)
HKU\Default User\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer)
HKU\Default User\...\RunOnce: [AcerScrSav] - C:\Windows\Acer\run_NB.exe [ 2007-08-21] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0212&m=aspire_8730
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll (Egis)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Lyrics-Pal - {AB9778AB-BAEF-49B9-96EE-D6E4BD0BCE68} - C:\Program Files\LyricsPal\125.dll (LyricsPal Soft. LTD)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~1\BROWER~1\ASCPLU~1.DLL (IObit)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {0BF43445-2F28-4351-9252-17FE6E806AA0} -  No File
Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog5 08 %SystemRoot%\system32\PrxerNsp.dll [56424] ()
Winsock: Catalog9 01 %SystemRoot%\system32\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog9 02 %SystemRoot%\system32\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog9 03 %SystemRoot%\system32\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog9 04 %SystemRoot%\system32\PrxerDrv.dll [70248] (Initex)
Winsock: Catalog9 16 %SystemRoot%\system32\PrxerDrv.dll [70248] (Initex)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\g9zlkry0.default
FF user.js: detected! => C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\g9zlkry0.default\user.js
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Patrick\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Patrick\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Patrick\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\g9zlkry0.default\Extensions\ascsurfingprotection@iobit.com
FF Extension: ProxTube - Gesperrte YouTube Videos entsperren - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\g9zlkry0.default\Extensions\ich@maltegoetz.de
FF Extension: Yahoo! Toolbar - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\g9zlkry0.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
FF Extension: FoxyDeal - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\g9zlkry0.default\Extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D}
FF Extension: leethax - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\g9zlkry0.default\Extensions\leethax@leethax.net.xpi
FF Extension: putlockerdownloader - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\g9zlkry0.default\Extensions\putlockerdownloader@putlockerdownloader.com.xpi
FF Extension: No Name - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\g9zlkry0.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
FF Extension: No Name - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\g9zlkry0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKCU\...\Firefox\Extensions: [{9309FA47-1B48-4768-AFA4-9E0556F5DC81}] C:\Program Files\LyricsPal\125.xpi
FF Extension: No Name - C:\Program Files\LyricsPal\125.xpi

Chrome: 
=======
CHR Extension: (AdBlock) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.3_0
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0
CHR HKLM\...\Chrome\Extension: [mmiopbgcekanlhpjkonogoljpfmhpkhf] - C:\Program Files\LyricsPal\125.crx
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Advanced SystemCare 6\BrowerProtect\ASC_GhromePlugin.crx
CHR StartMenuInternet: Google Chrome - "C:\Users\Patrick\AppData\Local\Google\Chrome\Application\chrome.exe"

========================== Services (Whitelisted) =================

R2 AdvancedSystemCareService6; C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe [574272 2013-04-18] (IObit)
R2 avgfws; C:\Program Files\AVG\AVG2013\avgfws.exe [1342024 2012-12-10] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [5814904 2012-11-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [196664 2012-10-22] (AVG Technologies CZ, s.r.o.)
R2 BUNAgentSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.)
R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-11-28] ()
S3 Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [136896 2012-09-20] (Futuremark Corporation)
S3 GoogleDesktopManager-080708-050100; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [24064 2012-02-18] (Google)
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [335168 2013-04-25] (IObit)
S2 MBAMScheduler; D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 MobilityService; C:\Acer\Mobility Center\MobilityService.exe [110592 2007-12-06] ()
S3 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] ()
S2 RichVideo; c:\Program Files\Cyberlink\Shared files\RichVideo.exe [272024 2007-01-09] ()
S3 ST2012_Svc; C:\Program Files\Spyware Terminator\st_rsser.exe [587912 2013-04-03] (Crawler.com)
S3 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1724192 2013-01-28] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6x.sys [50296 2012-09-04] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [179936 2012-10-22] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [55776 2012-10-15] (AVG Technologies CZ, s.r.o. )
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [19936 2012-09-21] (AVG Technologies CZ, s.r.o. )
S1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [159712 2012-10-02] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [177376 2012-09-21] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [94048 2012-11-16] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [35552 2012-09-14] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [164832 2012-09-21] (AVG Technologies CZ, s.r.o.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-06-21] (DT Soft Ltd)
R3 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys [21480 2013-03-23] (IObit)
R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [5632 2008-10-08] (Windows (R) Codename Longhorn DDK provider)
R2 int15; C:\Windows\system32\drivers\int15.sys [12832 2008-10-01] (Acer, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [22528 2008-10-08] (Nuvoton Technology Corporation)
R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wlh_x86\regfilter.sys [31752 2013-03-26] (IObit.com)
S3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [60032 2010-01-26] (Razer USA Ltd)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [15672 2013-05-22] ()
R1 sp_rsdrv2; C:\Windows\system32\drivers\sp_rsdrv2.sys [32768 2011-06-21] ()
S3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
R3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wlh_x86\UrlFilter.sys [20944 2013-03-26] (IObit.com)
S3 WinRing0_1_2_0; C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [14416 2010-11-01] (OpenLibSys.org)
S3 2sonxkhc3; No ImagePath
S3 ci3k8t1pt; No ImagePath
S3 cpuz135; No ImagePath
S3 ESEADriver2; No ImagePath
S3 guardian; No ImagePath
S3 h3zest73x; No ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 WisINT15; No ImagePath
S3 x3f2tvaih; No ImagePath
S3 znpaqr4ne; No ImagePath

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-29 14:49 - 2013-07-29 14:50 - 01221130 _____ (Farbar) C:\Users\Patrick\Downloads\FRST.exe
2013-07-29 14:28 - 2013-07-29 14:28 - 00000000 ____D C:\Users\Patrick\Downloads\backups
2013-07-29 14:25 - 2013-07-29 14:25 - 00011328 _____ C:\Users\Patrick\Downloads\hijackthis.log
2013-07-29 14:25 - 2013-07-29 14:25 - 00011328 _____ C:\Users\Patrick\Desktop\hijackthis.log
2013-07-29 14:22 - 2013-07-29 14:22 - 00388608 _____ (Trend Micro Inc.) C:\Users\Patrick\Downloads\HiJackThis204.exe
2013-07-28 17:51 - 2013-07-29 14:12 - 00001802 _____ C:\Windows\PFRO.log
2013-07-28 17:42 - 2013-05-22 18:49 - 00029528 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2013-07-28 17:41 - 2013-07-28 17:41 - 00000967 _____ C:\Users\Public\Desktop\Smart Defrag 2.lnk
2013-07-28 17:41 - 2013-05-22 18:49 - 00015672 _____ C:\Windows\system32\Drivers\SmartDefragDriver.sys
2013-07-28 17:38 - 2013-07-28 17:38 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-28 17:38 - 2013-07-28 17:38 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-28 17:38 - 2013-07-28 17:38 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-28 17:38 - 2013-07-28 17:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-28 17:38 - 2013-07-28 17:38 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-28 17:37 - 2013-07-28 17:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-28 17:31 - 2013-07-28 17:31 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-28 17:30 - 2013-07-28 17:30 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-28 17:30 - 2013-07-28 17:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-28 17:30 - 2013-07-28 17:30 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-28 17:30 - 2013-07-28 17:30 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-28 17:30 - 2013-07-28 17:30 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-28 17:30 - 2013-07-28 17:30 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-28 17:30 - 2013-07-28 17:30 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-28 17:30 - 2013-07-28 17:30 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-28 17:30 - 2013-07-28 17:30 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-28 16:59 - 2013-07-28 16:59 - 00000000 ____D C:\Windows\pss
2013-07-28 16:46 - 2013-07-28 16:46 - 00000306 __RSH C:\ProgramData\ntuser.pol
2013-07-26 00:23 - 2013-07-26 00:23 - 00000000 ____D C:\Program Files\Common Files\Java
2013-07-26 00:23 - 2013-07-26 00:22 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-26 00:23 - 2013-07-26 00:22 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-26 00:23 - 2013-07-26 00:22 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-26 00:23 - 2013-07-26 00:22 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-07-26 00:18 - 2013-07-26 00:18 - 00903080 _____ (Oracle Corporation) C:\Users\Patrick\Downloads\chromeinstall-7u25.exe
2013-07-24 00:26 - 2013-07-24 00:26 - 00225202 _____ C:\Users\Patrick\Downloads\PlateBuffs (1).zip
2013-07-23 14:39 - 2013-07-23 14:39 - 00000000 ____D C:\Program Files\LyricsPal
2013-07-20 20:47 - 2013-07-20 20:47 - 00002520 _____ C:\Users\Patrick\Downloads\0ba3980ef08c337aff70695044613acf.dlc
2013-07-19 21:01 - 2013-07-19 21:01 - 00002608 _____ C:\Users\Patrick\Downloads\relink.us__RSDrive_c5989bf89dc07386198099d53b64b2.dlc
2013-07-15 13:04 - 2013-07-29 01:11 - 00000972 _____ C:\Users\Patrick\Desktop\Morph.txt
2013-07-15 00:14 - 2013-07-15 22:17 - 00000000 ____D C:\Users\Patrick\Desktop\Neuer Ordner
2013-07-15 00:13 - 2013-07-15 00:13 - 00134843 _____ C:\Users\Patrick\Downloads\Just A Morpher.zip
2013-07-13 16:37 - 2013-07-29 14:14 - 00000354 _____ C:\Windows\Tasks\Lyrics-Pal Update.job
2013-07-13 16:37 - 2013-07-13 16:37 - 00000000 ____D C:\Program Files\FoxyDeal
2013-07-13 16:36 - 2013-07-13 16:36 - 00158168 _____ () C:\Users\Patrick\Downloads\CheatEngine62 (1).exe
2013-07-12 20:02 - 2013-07-12 20:03 - 00006052 _____ C:\AdwCleaner[S6].txt
2013-07-12 16:26 - 2013-07-12 16:31 - 76010748 _____ C:\Users\Patrick\Downloads\ps-snitchmd720.part01.rar
2013-07-12 16:22 - 2013-07-12 16:22 - 00002628 _____ C:\Users\Patrick\Downloads\6125elsclethawp.dlc
2013-07-12 16:22 - 2013-07-12 16:22 - 00000700 _____ C:\Users\Patrick\Desktop\JDownloader.lnk
2013-07-12 16:20 - 2013-07-12 16:20 - 00077236 _____ (AppWork UG (haftungsbeschränkt)) C:\Users\Patrick\Downloads\jDownloaderWebInstaller09581 (4).exe
2013-07-12 16:20 - 2013-07-12 16:20 - 00077236 _____ (AppWork UG (haftungsbeschränkt)) C:\Users\Patrick\Downloads\jDownloaderWebInstaller09581 (3).exe
2013-07-12 02:31 - 2013-06-15 20:18 - 1149185276 _____ C:\Users\Patrick\Desktop\alf-snitch-xvid-repack.avi
2013-07-07 22:32 - 2013-07-07 21:21 - 00672314 _____ C:\Users\Patrick\Desktop\oqueue.lua
2013-07-07 22:08 - 2013-07-07 22:12 - 30951606 _____ C:\Users\Patrick\Downloads\gijoe55.rar
2013-07-07 22:05 - 2013-07-07 22:05 - 00260784 _____ C:\Users\Patrick\Downloads\joe-EMULE.mp4.exe
2013-07-07 13:06 - 2013-07-07 13:10 - 136662059 _____ C:\Users\Patrick\Downloads\Man.of.Steel.2013-HQX.part6.rar
2013-07-07 12:41 - 2013-07-07 12:58 - 536870915 _____ C:\Users\Patrick\Downloads\Man.of.Steel.2013-HQX.part2.rar
2013-07-07 11:50 - 2013-07-07 12:38 - 536870915 _____ C:\Users\Patrick\Downloads\Man.of.Steel.2013-HQX.part5.rar
2013-07-07 11:50 - 2013-07-07 12:38 - 536870915 _____ C:\Users\Patrick\Downloads\Man.of.Steel.2013-HQX.part4.rar
2013-07-07 11:50 - 2013-07-07 12:37 - 536870915 _____ C:\Users\Patrick\Downloads\Man.of.Steel.2013-HQX.part3.rar
2013-07-07 11:33 - 2013-07-07 11:48 - 536870915 _____ C:\Users\Patrick\Downloads\Man.of.Steel.2013-HQX.part1.rar
2013-07-07 00:49 - 2013-07-07 00:49 - 01065720 _____ C:\Users\Patrick\Downloads\Booster.zip
2013-07-07 00:48 - 2013-07-07 00:48 - 00468959 _____ C:\Users\Patrick\Downloads\Edge.zip
2013-07-07 00:48 - 2013-07-07 00:48 - 00122475 _____ C:\Users\Patrick\Downloads\Impulse.zip
2013-07-07 00:47 - 2013-07-07 00:47 - 00569403 _____ C:\Users\Patrick\Downloads\ManaCore.zip
2013-07-07 00:15 - 2013-07-06 23:39 - 00007921 _____ C:\Users\Patrick\Desktop\README.txt
2013-07-07 00:15 - 2013-05-26 11:52 - 00000000 ____D C:\Users\Patrick\Desktop\TycoonContent
2013-07-07 00:15 - 2013-05-26 11:52 - 00000000 ____D C:\Users\Patrick\Desktop\Tycoon
2013-07-07 00:11 - 2013-07-07 00:12 - 00000137 _____ C:\Users\Patrick\Desktop\Neues Textdokument (2).txt
2013-07-07 00:08 - 2013-07-07 00:09 - 58143180 _____ C:\Users\Patrick\Downloads\sample (2).mkv
2013-07-06 20:59 - 2013-07-07 00:24 - 03003274 _____ C:\Users\Patrick\Desktop\Tycoon.zip
2013-07-06 20:59 - 2013-07-06 20:59 - 03251811 _____ C:\Users\Patrick\Downloads\Manaview.5.3.zip
2013-07-05 02:54 - 2013-07-28 17:07 - 48660480 _____ C:\Windows\system32\config\SOFTWARE.iobit
2013-07-05 02:54 - 2013-07-28 17:07 - 42369024 _____ C:\Windows\system32\config\COMPONENTS.iobit
2013-07-05 02:54 - 2013-07-28 17:07 - 00450560 _____ C:\Windows\system32\config\DEFAULT.iobit
2013-07-05 02:54 - 2013-07-28 17:07 - 00057344 _____ C:\Windows\system32\config\SAM.iobit
2013-07-05 02:54 - 2013-07-28 17:07 - 00028672 _____ C:\Windows\system32\config\SECURITY.iobit
2013-07-05 02:54 - 2013-07-05 02:54 - 23609344 _____ C:\Windows\system32\config\SYSTEM.iobit
2013-07-03 21:51 - 2013-07-03 21:51 - 00225202 _____ C:\Users\Patrick\Downloads\PlateBuffs.zip
2013-07-03 14:59 - 2013-07-03 15:00 - 00009684 _____ C:\Users\Patrick\Downloads\Bitte dringend Einsatzbereitschaft schriftl. bestätigen   Danke!.html
2013-07-01 23:51 - 2013-07-01 23:51 - 21516064 _____ (IObit                                                       ) C:\Users\Patrick\Downloads\imf-setup.exe
2013-07-01 16:59 - 2013-07-01 16:59 - 00219136 _____ C:\Users\Patrick\Downloads\Just A Morpher (16992).exe
100

==================== One Month Modified Files and Folders =======

2013-07-29 14:50 - 2013-07-29 14:49 - 01221130 _____ (Farbar) C:\Users\Patrick\Downloads\FRST.exe
2013-07-29 14:36 - 2013-02-10 16:54 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-29 14:28 - 2013-07-29 14:28 - 00000000 ____D C:\Users\Patrick\Downloads\backups
2013-07-29 14:25 - 2013-07-29 14:25 - 00011328 _____ C:\Users\Patrick\Downloads\hijackthis.log
2013-07-29 14:25 - 2013-07-29 14:25 - 00011328 _____ C:\Users\Patrick\Desktop\hijackthis.log
2013-07-29 14:22 - 2013-07-29 14:22 - 00388608 _____ (Trend Micro Inc.) C:\Users\Patrick\Downloads\HiJackThis204.exe
2013-07-29 14:20 - 2013-02-21 18:25 - 00000000 ____D C:\ProgramData\MFAData
2013-07-29 14:20 - 2012-02-18 18:27 - 01259515 _____ C:\Windows\WindowsUpdate.log
2013-07-29 14:15 - 2012-02-25 16:08 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-29 14:15 - 2012-02-25 16:08 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-29 14:15 - 2006-11-02 14:47 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-29 14:15 - 2006-11-02 14:47 - 00003344 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-29 14:14 - 2013-07-13 16:37 - 00000354 _____ C:\Windows\Tasks\Lyrics-Pal Update.job
2013-07-29 14:14 - 2012-02-18 18:48 - 00000000 _____ C:\Windows\system32\LogConfigTemp.xml
2013-07-29 14:14 - 2008-11-20 05:53 - 00000147 _____ C:\Windows\system32\agent.log
2013-07-29 14:13 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-29 14:12 - 2013-07-28 17:51 - 00001802 _____ C:\Windows\PFRO.log
2013-07-29 04:02 - 2012-04-15 12:22 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\TS3Client
2013-07-29 04:02 - 2006-11-02 15:01 - 00032578 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-29 04:00 - 2013-05-27 01:52 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Spotify
2013-07-29 03:58 - 2012-02-18 19:01 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1972761961-1720249301-3694633806-1000UA.job
2013-07-29 03:22 - 2012-11-24 19:17 - 00000936 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1972761961-1720249301-3694633806-1000UA.job
2013-07-29 01:11 - 2013-07-15 13:04 - 00000972 _____ C:\Users\Patrick\Desktop\Morph.txt
2013-07-29 00:56 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-28 18:22 - 2012-11-24 19:17 - 00000914 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1972761961-1720249301-3694633806-1000Core.job
2013-07-28 17:58 - 2012-02-18 19:01 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1972761961-1720249301-3694633806-1000Core.job
2013-07-28 17:53 - 2006-11-02 14:47 - 00342328 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-28 17:45 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-07-28 17:45 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-28 17:41 - 2013-07-28 17:41 - 00000967 _____ C:\Users\Public\Desktop\Smart Defrag 2.lnk
2013-07-28 17:41 - 2013-06-06 22:08 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\IObit
2013-07-28 17:41 - 2013-06-06 22:07 - 00000000 ____D C:\Program Files\IObit
2013-07-28 17:38 - 2013-07-28 17:38 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-28 17:38 - 2013-07-28 17:38 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-28 17:38 - 2013-07-28 17:38 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-28 17:38 - 2013-07-28 17:38 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-28 17:38 - 2013-07-28 17:38 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-28 17:38 - 2013-07-28 17:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-28 17:37 - 2013-07-28 17:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-28 17:34 - 2006-11-02 12:33 - 01468726 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-28 17:31 - 2013-07-28 17:31 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-28 17:30 - 2013-07-28 17:30 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-28 17:30 - 2013-07-28 17:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-28 17:30 - 2013-07-28 17:30 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-28 17:30 - 2013-07-28 17:30 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-28 17:30 - 2013-07-28 17:30 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-28 17:30 - 2013-07-28 17:30 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-28 17:30 - 2013-07-28 17:30 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-28 17:30 - 2013-07-28 17:30 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-28 17:30 - 2013-07-28 17:30 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-28 17:07 - 2013-07-05 02:54 - 48660480 _____ C:\Windows\system32\config\SOFTWARE.iobit
2013-07-28 17:07 - 2013-07-05 02:54 - 42369024 _____ C:\Windows\system32\config\COMPONENTS.iobit
2013-07-28 17:07 - 2013-07-05 02:54 - 00450560 _____ C:\Windows\system32\config\DEFAULT.iobit
2013-07-28 17:07 - 2013-07-05 02:54 - 00057344 _____ C:\Windows\system32\config\SAM.iobit
2013-07-28 17:07 - 2013-07-05 02:54 - 00028672 _____ C:\Windows\system32\config\SECURITY.iobit
2013-07-28 17:07 - 2012-02-18 18:36 - 00000000 ____D C:\Users\Patrick
2013-07-28 16:59 - 2013-07-28 16:59 - 00000000 ____D C:\Windows\pss
2013-07-28 16:46 - 2013-07-28 16:46 - 00000306 __RSH C:\ProgramData\ntuser.pol
2013-07-28 16:46 - 2006-11-02 13:18 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2013-07-28 16:40 - 2012-02-18 19:01 - 00000000 ____D C:\Users\Patrick\AppData\Local\Deployment
2013-07-28 03:18 - 2012-02-18 18:37 - 00000000 ____D C:\Program Files\Google
2013-07-27 14:29 - 2012-07-24 15:38 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Skype
2013-07-26 00:23 - 2013-07-26 00:23 - 00000000 ____D C:\Program Files\Common Files\Java
2013-07-26 00:22 - 2013-07-26 00:23 - 00263592 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2013-07-26 00:22 - 2013-07-26 00:23 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2013-07-26 00:22 - 2013-07-26 00:23 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2013-07-26 00:22 - 2013-07-26 00:23 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2013-07-26 00:22 - 2012-03-11 22:07 - 00867240 _____ (Oracle Corporation) C:\Windows\system32\npdeployJava1.dll
2013-07-26 00:22 - 2012-03-11 22:07 - 00789416 _____ (Oracle Corporation) C:\Windows\system32\deployJava1.dll
2013-07-26 00:18 - 2013-07-26 00:18 - 00903080 _____ (Oracle Corporation) C:\Users\Patrick\Downloads\chromeinstall-7u25.exe
2013-07-24 00:26 - 2013-07-24 00:26 - 00225202 _____ C:\Users\Patrick\Downloads\PlateBuffs (1).zip
2013-07-23 14:39 - 2013-07-23 14:39 - 00000000 ____D C:\Program Files\LyricsPal
2013-07-20 23:17 - 2012-02-19 11:43 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\vlc
2013-07-20 21:26 - 2012-10-14 18:46 - 00000069 _____ C:\Windows\NeroDigital.ini
2013-07-20 21:26 - 2012-02-19 11:40 - 00101888 _____ C:\Users\Patrick\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-07-20 20:47 - 2013-07-20 20:47 - 00002520 _____ C:\Users\Patrick\Downloads\0ba3980ef08c337aff70695044613acf.dlc
2013-07-19 21:01 - 2013-07-19 21:01 - 00002608 _____ C:\Users\Patrick\Downloads\relink.us__RSDrive_c5989bf89dc07386198099d53b64b2.dlc
2013-07-17 17:10 - 2013-05-27 01:53 - 00000000 ____D C:\Users\Patrick\AppData\Local\Spotify
2013-07-16 12:43 - 2012-04-18 20:30 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-15 22:17 - 2013-07-15 00:14 - 00000000 ____D C:\Users\Patrick\Desktop\Neuer Ordner
2013-07-15 00:13 - 2013-07-15 00:13 - 00134843 _____ C:\Users\Patrick\Downloads\Just A Morpher.zip
2013-07-13 16:37 - 2013-07-13 16:37 - 00000000 ____D C:\Program Files\FoxyDeal
2013-07-13 16:36 - 2013-07-13 16:36 - 00158168 _____ () C:\Users\Patrick\Downloads\CheatEngine62 (1).exe
2013-07-13 14:03 - 2012-02-18 19:01 - 00002056 _____ C:\Users\Patrick\Desktop\Google Chrome.lnk
2013-07-12 20:03 - 2013-07-12 20:02 - 00006052 _____ C:\AdwCleaner[S6].txt
2013-07-12 20:02 - 2013-05-11 16:53 - 00662345 _____ C:\Users\Patrick\Downloads\adwcleaner.exe
2013-07-12 16:31 - 2013-07-12 16:26 - 76010748 _____ C:\Users\Patrick\Downloads\ps-snitchmd720.part01.rar
2013-07-12 16:22 - 2013-07-12 16:22 - 00002628 _____ C:\Users\Patrick\Downloads\6125elsclethawp.dlc
2013-07-12 16:22 - 2013-07-12 16:22 - 00000700 _____ C:\Users\Patrick\Desktop\JDownloader.lnk
2013-07-12 16:20 - 2013-07-12 16:20 - 00077236 _____ (AppWork UG (haftungsbeschränkt)) C:\Users\Patrick\Downloads\jDownloaderWebInstaller09581 (4).exe
2013-07-12 16:20 - 2013-07-12 16:20 - 00077236 _____ (AppWork UG (haftungsbeschränkt)) C:\Users\Patrick\Downloads\jDownloaderWebInstaller09581 (3).exe
2013-07-12 00:22 - 2013-03-22 00:11 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-07-12 00:22 - 2013-02-01 14:06 - 00000000 ____D C:\Program Files\EslWire
2013-07-09 13:05 - 2012-07-18 12:59 - 00000000 ____D C:\Users\Patrick\AppData\Roaming\.minecraft
2013-07-07 22:12 - 2013-07-07 22:08 - 30951606 _____ C:\Users\Patrick\Downloads\gijoe55.rar
2013-07-07 22:05 - 2013-07-07 22:05 - 00260784 _____ C:\Users\Patrick\Downloads\joe-EMULE.mp4.exe
2013-07-07 21:21 - 2013-07-07 22:32 - 00672314 _____ C:\Users\Patrick\Desktop\oqueue.lua
2013-07-07 13:10 - 2013-07-07 13:06 - 136662059 _____ C:\Users\Patrick\Downloads\Man.of.Steel.2013-HQX.part6.rar
2013-07-07 12:58 - 2013-07-07 12:41 - 536870915 _____ C:\Users\Patrick\Downloads\Man.of.Steel.2013-HQX.part2.rar
2013-07-07 12:38 - 2013-07-07 11:50 - 536870915 _____ C:\Users\Patrick\Downloads\Man.of.Steel.2013-HQX.part5.rar
2013-07-07 12:38 - 2013-07-07 11:50 - 536870915 _____ C:\Users\Patrick\Downloads\Man.of.Steel.2013-HQX.part4.rar
2013-07-07 12:37 - 2013-07-07 11:50 - 536870915 _____ C:\Users\Patrick\Downloads\Man.of.Steel.2013-HQX.part3.rar
2013-07-07 11:48 - 2013-07-07 11:33 - 536870915 _____ C:\Users\Patrick\Downloads\Man.of.Steel.2013-HQX.part1.rar
2013-07-07 00:49 - 2013-07-07 00:49 - 01065720 _____ C:\Users\Patrick\Downloads\Booster.zip
2013-07-07 00:48 - 2013-07-07 00:48 - 00468959 _____ C:\Users\Patrick\Downloads\Edge.zip
2013-07-07 00:48 - 2013-07-07 00:48 - 00122475 _____ C:\Users\Patrick\Downloads\Impulse.zip
2013-07-07 00:47 - 2013-07-07 00:47 - 00569403 _____ C:\Users\Patrick\Downloads\ManaCore.zip
2013-07-07 00:24 - 2013-07-06 20:59 - 03003274 _____ C:\Users\Patrick\Desktop\Tycoon.zip
2013-07-07 00:12 - 2013-07-07 00:11 - 00000137 _____ C:\Users\Patrick\Desktop\Neues Textdokument (2).txt
2013-07-07 00:09 - 2013-07-07 00:08 - 58143180 _____ C:\Users\Patrick\Downloads\sample (2).mkv
2013-07-06 23:39 - 2013-07-07 00:15 - 00007921 _____ C:\Users\Patrick\Desktop\README.txt
2013-07-06 20:59 - 2013-07-06 20:59 - 03251811 _____ C:\Users\Patrick\Downloads\Manaview.5.3.zip
2013-07-05 02:54 - 2013-07-05 02:54 - 23609344 _____ C:\Windows\system32\config\SYSTEM.iobit
2013-07-05 02:51 - 2013-02-21 18:31 - 00000000 ____D C:\ProgramData\AVG2013
2013-07-05 02:51 - 2008-11-20 05:36 - 00000000 ____D C:\ProgramData\SiteAdvisor
2013-07-05 02:51 - 2008-11-11 05:27 - 00000000 ____D C:\Acer
2013-07-03 21:51 - 2013-07-03 21:51 - 00225202 _____ C:\Users\Patrick\Downloads\PlateBuffs.zip
2013-07-03 15:00 - 2013-07-03 14:59 - 00009684 _____ C:\Users\Patrick\Downloads\Bitte dringend Einsatzbereitschaft schriftl. bestätigen   Danke!.html
2013-07-01 23:52 - 2013-06-07 00:02 - 00000970 _____ C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2013-07-01 23:51 - 2013-07-01 23:51 - 21516064 _____ (IObit                                                       ) C:\Users\Patrick\Downloads\imf-setup.exe
2013-07-01 23:41 - 2013-06-07 17:50 - 00000000 ____D C:\Users\Patrick\Desktop\jewhunter
2013-07-01 23:41 - 2013-01-27 23:47 - 00000000 ___RD C:\Users\Patrick\Desktop\Neuer Ordner (2)
2013-07-01 16:59 - 2013-07-01 16:59 - 00219136 _____ C:\Users\Patrick\Downloads\Just A Morpher (16992).exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-29 14:20

==================== End Of Log ============================
         
--- --- ---


Additional
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 28-07-2013
Ran by **** at 2013-07-29 14:50:54
Running from C:\Users\Patrick\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Acer Crystal Eye Webcam 2.0.9.2 (Version: 2.0.9.2)
Acer eAudio Management (Version: 3.0.3009)
Acer eDataSecurity Management (Version: 3.0.3065)
Acer Empowering Technology (Version: 3.0.3013)
Acer ePower Management (Version: 3.0.3016)
Acer eRecovery Management (Version: 3.0.3014)
Acer eSettings Management (Version: 3.0.3007)
Acer GridVista (Version: 2.72.317)
Acer Mobility Center Plug-In (Version: 3.0.3000)
Acer Product Registration (Version: 3.0.0.10)
Acer ScreenSaver (Version: 1.01.1111)
Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader 9 - Deutsch (Version: 9.0.0)
Adobe Shockwave Player 12.0 (Version: 12.0.2.122)
Advanced SystemCare 6 (Version: 6.2)
Apple Application Support (Version: 2.3)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (Version: 2.1.3.127)
AVG 2013 (Version: 13.0.2904)
AVG 2013 (Version: 13.0.3209)
AVG 2013 (Version: 2013.0.2904)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit Integrated Controller (Version: 11.32.03)
Bundled software uninstaller
CCleaner (Version: 3.28)
CDBurnerXP (Version: 4.4.0.2971)
Curse Client (HKCU Version: 5.1.1.792)
CyberLink PowerDirector (Version: 6.5.3023d)
DAEMON Tools Lite (Version: 4.45.4.0314)
DC Universe Online Live
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
EPSON SX420W Series Printer Uninstall
eSobi v2 (Version: 2.0.3.000201)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
FileZilla Client 3.6.0.2 (Version: 3.6.0.2)
FoxyDeal (Version: 1.1.0)
Free M4a to MP3 Converter 7.0
Free YouTube Download version 3.0.22.221 (Version: 3.0.22.221)
Free YouTube to MP3 Converter version 3.11.37.1212 (Version: 3.11.37.1212)
Futuremark SystemInfo (Version: 4.12.0)
Game Booster 3 (Version: 3.4)
Google Chrome (HKCU Version: 28.0.1500.72)
Google Desktop (Version: 5.7.0808.07150)
Google Earth Plug-in (Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4209.2358)
Google Update Helper (Version: 1.3.21.153)
HDAUDIO Soft Data Fax Modem with SmartCP
HLSW v1.4.0.2
HxD Hex Editor Version 1.7.7.0 (Version: 1.7.7.0)
IObit Malware Fighter (Version: 2.0)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
JavaFX 2.1.1 (Version: 2.1.1)
JDownloader 0.9 (Version: 0.9)
Launch Manager
LightScribe  1.4.142.1 (Version: 1.4.142.1)
Lyrics-Pal
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30320)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30320)
Microsoft Games for Windows - LIVE Redistributable (Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (Version: 3.5.50.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Works (Version: 08.05.0822)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0)
Mozilla Firefox 14.0.1 (x86 de) (Version: 14.0.1)
Mozilla Maintenance Service (Version: 14.0.1)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 7 Premium (Version: 7.02.6445)
neroxml (Version: 1.0.0)
NTI Backup Now 5 (Version: 5.1.2.606)
NTI Backup Now Standard (Version: 5.1.2.606)
NTI Media Maker 8 (Version: 8.0.2.6329)
Nuvoton EC Generic HID Driver (Version: 7.80.5000)
NVIDIA Grafiktreiber 314.07 (Version: 314.07)
NVIDIA HD-Audiotreiber 1.3.23.1 (Version: 1.3.23.1)
NVIDIA Install Application (Version: 2.1002.109.706)
NVIDIA PhysX (Version: 9.12.1031)
NVIDIA PhysX-Systemsoftware 9.12.1031 (Version: 9.12.1031)
NVIDIA Systemsteuerung 314.07 (Version: 314.07)
NVIDIA Update 1.12.12 (Version: 1.12.12)
NVIDIA Update Components (Version: 1.12.12)
OpenAL
Orion (Version: 2.0.1)
PhotoNow! (Version: 1.1.4619)
PhotoScape
Proxifier version 3.21 (Version: 3.21)
PS3 Media Server (Version: 1.70.1)
Rapture3D 2.4.9 Game
Razer Naga (Version: 2.01.10)
Realtek High Definition Audio Driver (Version: 3.50)
Realtek USB 2.0 Card Reader (Version: 3.0.1.3)
Skype™ 6.3 (Version: 6.3.105)
Smart Defrag 2 (Version: 2.8)
Spotify (HKCU Version: 0.9.1.57.ge7405149)
Spyware Terminator 2012 (Version: 3.0.0.82)
Steam (Version: 1.0.0.0)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 11.1.4.0)
System Requirements Lab CYRI (Version: 5.0.6.0)
TeamSpeak 3 Client (Version: 3.0.10.1)
TeamViewer 7 (Version: 7.0.13852)
The Rise of Atlantis
True Crime® New York City (Version: 1.00.0000)
TuneUp Utilities 2013 (Version: 13.0.3020.2)
TuneUp Utilities Language Pack (de-DE) (Version: 12.0.3600.73)
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.3020.2)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
VistaGlazz 2.4 (Version: 2.4)
VLC media player 2.0.5 (Version: 2.0.5)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
WinRAR 4.11 (32-Bit) (Version: 4.11.0)
Yahoo! Toolbar
 

==================== Restore Points  =========================

27-07-2013 16:02:00 Geplanter Prüfpunkt
27-07-2013 16:02:00 Geplanter Prüfpunkt
28-07-2013 15:24:19 Windows-Modulinstallation

==================== Hosts content: ==========================

2006-11-02 12:23 - 2013-05-26 23:45 - 00001629 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
255.255.255.255    easyanticheat.se    # misleading site
255.255.255.255    www.easyanticheat.se    # misleading site
255.255.255.255    easyanticheat.com    # misleading site
255.255.255.255    www.easyanticheat.com    # misleading site
255.255.255.255    easyanticheat.info    # misleading site
255.255.255.255    www.easyanticheat.info    # misleading site
255.255.255.255    easyanticheat.org    # misleading site
255.255.255.255    www.easyanticheat.org    # misleading site
46.23.70.78 pagead2.googlesyndication.com


==================== Scheduled Tasks (whitelisted) =============

Task: {003F87CF-EA74-4412-BC94-0405BE1F8420} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {08EEC257-F185-4C0E-ACC8-926817DE9129} - System32\Tasks\{2E9B8D2D-ACAA-44B4-A4CE-8F5076DEAEC4} => c:\users\patrick\appdata\local\google\chrome\application\chrome.exe [2013-07-12] (Google Inc.)
Task: {0AC8B34D-0414-4E39-B0F2-F95A7579F1BC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1972761961-1720249301-3694633806-1000Core => C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-18] (Google Inc.)
Task: {0EA10FC3-7B56-4A84-898B-E725B3FBFA07} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe [2013-01-28] (TuneUp Software)
Task: {1306DE42-5376-4B32-B429-07B4CFD465AB} - System32\Tasks\{6AD7FE8B-6FB6-4005-B5D5-E39A665CC61B} => c:\users\patrick\appdata\local\google\chrome\application\chrome.exe [2013-07-12] (Google Inc.)
Task: {1458B4F1-AAC9-4570-9075-FA2262EE6CD3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1972761961-1720249301-3694633806-1000Core => C:\Users\Patrick\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-24] (Facebook Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1CE1959C-7803-4C00-95BB-9B5743CAD9F1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1972761961-1720249301-3694633806-1000UA => C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-18] (Google Inc.)
Task: {1DAE200E-E2FE-4E7A-A7E6-32785A1EDEE8} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {321A9EE8-88D1-487A-9436-07FEB1263ADC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-02-19] (Piriform Ltd)
Task: {3978730D-CB1F-4221-8F03-577E249EC687} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-25] (Google Inc.)
Task: {3BA63360-0BF8-4DA7-BF0D-EE18E0EDFE2D} - System32\Tasks\SmartDefragUpdate => C:\Program Files\IObit\Smart Defrag 2\AutoUpdate.exe [2013-05-22] (IObit)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {48DCB0B6-D8E0-45D2-B537-7CA3B237CB69} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2012-09-20] ()
Task: {5BA042F0-1AFA-4F60-BA84-4DBBBC05C04F} - System32\Tasks\DealPly => C:\Users\Patrick\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE No File
Task: {63DC44A9-C44B-428A-869D-257DA86C740F} - System32\Tasks\Google Updater and Installer => C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe [2012-02-18] (Google Inc.)
Task: {7E51D29B-29FA-49F4-9E04-AEA8E34D7A0E} - System32\Tasks\Lyrics-Pal Update => C:\Program Files\LyricsPal\Lyrics.exe [2013-07-22] (LyricsPal Soft. LTD)
Task: {7F9A7D47-FFF4-4CD8-A730-C06877851814} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe [2013-06-08] ()
Task: {A56B22F5-4ABE-4CB2-9F14-06850A40B719} - System32\Tasks\ASC6_AutoClean => C:\Program Files\IObit\Advanced SystemCare 6\AutoSweep.exe [2013-04-16] (IObit)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {AB9B56C9-A61E-4998-B075-5F4E37266A64} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1972761961-1720249301-3694633806-1000UA => C:\Users\Patrick\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-11-24] (Facebook Inc.)
Task: {AE3543BE-0D50-4E54-9085-A57075F7210A} - System32\Tasks\ASC6_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 6\Monitor.exe [2013-04-08] (IObit)
Task: {B8771B99-D60B-47EC-BBF4-E8A2DF5707D1} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-21] (Microsoft Corporation)
Task: {C1758BDA-3C37-4FD7-A801-74B9E1D413C9} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {C28A7EA3-E384-4F86-8204-0C7CE5C2BB5B} - System32\Tasks\EPUpdater => C:\Users\Patrick\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe No File
Task: {D319442B-E0FA-43CD-8350-80D7D88D1AEA} - System32\Tasks\SmartDefrag_Startup => C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe [2013-06-30] (IObit)
Task: {DFF77BC4-21F1-43A1-BDEA-4A58AE65E98D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-02-25] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {E6B231C1-9C78-43B8-A6E8-4E847CDDFDFB} - System32\Tasks\{091618F5-5094-4ADD-8260-19D316AE9A0D} => c:\users\patrick\appdata\local\google\chrome\application\chrome.exe [2013-07-12] (Google Inc.)
Task: {F06BB2E8-930C-4E21-B05A-5BDB0A30C8D2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1972761961-1720249301-3694633806-1000Core.job => C:\Users\Patrick\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1972761961-1720249301-3694633806-1000UA.job => C:\Users\Patrick\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1972761961-1720249301-3694633806-1000Core.job => C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1972761961-1720249301-3694633806-1000UA.job => C:\Users\Patrick\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Lyrics-Pal Update.job => C:\Program Files\LyricsPal\Lyrics.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/29/2013 02:14:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2013 04:02:33 AM) (Source: IMFservice) (User: )
Description: Das Handle ist ungültig

Error: (07/29/2013 04:02:32 AM) (Source: IMFservice) (User: )
Description: Das Handle ist ungültig

Error: (07/28/2013 06:07:23 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80070020

Error: (07/28/2013 06:07:06 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.AddIn, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070020

Error: (07/28/2013 05:54:05 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/28/2013 04:41:12 PM) (Source: Perflib) (User: )
Description: SpoolerC:\Windows\system32\winspool.drv4

Error: (07/28/2013 04:41:12 PM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (07/28/2013 04:41:11 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (07/28/2013 04:41:11 PM) (Source: Perflib) (User: )
Description: BITSC:\Windows\system32\bitsperf.dll4


System errors:
=============
Error: (07/29/2013 02:44:58 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (07/29/2013 02:44:58 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (07/29/2013 02:44:58 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (07/29/2013 02:28:47 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (07/29/2013 02:28:47 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (07/29/2013 02:28:47 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (07/29/2013 02:28:47 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (07/29/2013 02:28:47 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (07/29/2013 02:28:47 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.

Error: (07/29/2013 02:28:47 PM) (Source: atapi) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort0 gefunden.


Microsoft Office Sessions:
=========================
Error: (07/29/2013 02:14:50 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/29/2013 04:02:33 AM) (Source: IMFservice)(User: )
Description: Das Handle ist ungültig

Error: (07/29/2013 04:02:32 AM) (Source: IMFservice)(User: )
Description: Das Handle ist ungültig

Error: (07/28/2013 06:07:23 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a . Error code = 0x80070020 
System.DirectoryServices, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a

Error: (07/28/2013 06:07:06 PM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: System.AddIn, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070020 
System.AddIn, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Error: (07/28/2013 05:54:05 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/28/2013 04:41:12 PM) (Source: Perflib)(User: )
Description: SpoolerC:\Windows\system32\winspool.drv4

Error: (07/28/2013 04:41:12 PM) (Source: Perflib)(User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4

Error: (07/28/2013 04:41:11 PM) (Source: Perflib)(User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4

Error: (07/28/2013 04:41:11 PM) (Source: Perflib)(User: )
Description: BITSC:\Windows\system32\bitsperf.dll4


CodeIntegrity Errors:
===================================
  Date: 2013-07-29 14:50:33.857
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-29 14:50:33.707
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-29 14:50:33.550
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-29 14:50:33.398
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-29 14:28:29.694
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-29 14:28:29.544
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-29 14:28:29.390
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-29 14:28:29.239
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-29 14:24:55.624
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-29 14:24:55.473
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 49%
Total physical RAM: 3066.12 MB
Available physical RAM: 1557.95 MB
Total Pagefile: 6332.64 MB
Available Pagefile: 4687.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1898.07 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:142.65 GB) (Free:56.34 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:142.67 GB) (Free:46.36 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 48D171C8)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=143 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=143 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3 GB) - (Type=12)

==================== End Of Log ============================
         
__________________

29.07.2013, 14:00   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Was anything ever found, or was it only the last run that found nothing? Please describe this in more detail and post the logs if there were any detections.
Please post the adwCleaner log as well.
__________________
Please always post logfiles in CODE tags

29.07.2013, 14:02   #5
clntbestwud

Quote:
Quote from cosinus
Was anything ever found, or was it only the last run that found nothing? Please describe this in more detail and post the logs if there were any detections.
Please post the adwCleaner log as well.

Only the last run found nothing; a good 2 weeks ago there was malware on the machine, which was removed by AdwCleaner. (Unfortunately that log no longer exists.)
I don't know whether it is related, but for a good 3 days now I have also had the problem that the laptop takes around 5-6 minutes to boot when I start it.
Kind regards


29.07.2013, 14:30   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Rootkit scan with GMER

Please download the GMER Rootkit Scanner: (file name is random)
  • Close all other programs, disable your virus scanner and disconnect the computer from the Internet before you start GMER.
  • If a window with the following warning opens after the start:
    WARNING !!!
    GMER has found system modification, which might have been caused by ROOTKIT activity.
    Do you want to fully scan your system ?
    Be sure to click "No".
  • On the right, untick: IAT/EAT and Show All
  • Tick Quickscan and untick all other drives.
  • Start the scan with "Scan".
  • Do not do anything on the computer while the scan is running.
  • When the scan is finished, click Save and save the logfile as Gmer.txt on your desktop. "Ok" closes GMER.
Turn your antivirus program and other scanners back on before you go online!


Running into problems?
  • Alternatively, try safe mode.
  • If you get a bluescreen, untick Devices.


Afterwards, please run MBAR:

Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If something is found again, repeat the CleanUp process.
The tool will create a logfile ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper

29.07.2013, 16:18   #7
clntbestwud

GMER
Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-07-29 16:26:20
Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD3200BEVT-22ZCT0 rev.11.01A11 298,09GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Patrick\AppData\Local\Temp\axliyfob.sys


---- Registry - GMER 2.1 ----

Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\Animals\Bat.pcf                                              1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\Anims\Addict.tag                                             1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\AssetlistsDev\AmbSndGen.tag                                  1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\CBVO\CBINTRO_A.wma                                           1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\Char\Bodies\Body_F_Bum.pcf                                   1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\Char\Heads\Head_F_Burglar.pcf                                1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\CINE\BC01\CaseIntro_BC1.cin                                  1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\CINE\BC02\CaseIntro_BC2.cin                                  1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\CINE\BC03\CaseIntro_BC3.cin                                  1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\CINE\BC04\CaseIntro_BC4.cin                                  1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\CINE\CI\Cabby_Intro.cin                                      1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\CINE\END\GrandCentral_B.cin                                  1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\CINE\EndB\NavarroFight.cin                                   1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\CINE\EndG\GrandCentral.cin                                   1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\CINE\INT\BackAtPrecinct.cin                                  1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\CITasks\MadamBigMouth.pcf                                    1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\city\Brick_NYC.exm                                           1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\city\Brick_NYC\-1_-1.g                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\INT\AR_A_01.EXP                                              1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\INT\BC01\CaseIntro_BC1.pcf                                   1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\INT\BC02\CaseIntro_BC2.pcf                                   1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\INT\BC03\CaseIntro_BC3.pcf                                   1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\INT\BC04\CaseIntro_BC4.pcf                                   1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\INT\EndGame\Conclusion_B.pcf                                 1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\INT\FC\FightClubBar.pcf                                      1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\INT\Intro\M1_CrackHouse.GER.pcf                              1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\INT\ModuLife\LO_COM_1.pcf                                    1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\INT\SR\SR_01.pcf                                             1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\Lang\Eng\LangTable.dat                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\Lang\FRE\LangTable.dat                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\Lang\GER\LangTable.dat                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\Lang\ITA\LangTable.dat                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\Lang\SPA\LangTable.dat                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\Lang\UK\LangTable.dat                                        1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\LResChar\LowPed.pcf                                          1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\LResChar\Bodies\Body_F_Bum.pcf                               1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\LResChar\Heads\Head_F_Burglar.pcf                            1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\Misc\Arrow.pcf                                               1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\Missions\BC01.exm                                            1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\Movies\Aspyr.bik                                             1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NickVO\ARFem_C.wma                                           1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NickVO\BadCop\ARfem_A.wma                                    1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NickVO\CI_Cabby\CI_Cabby_BuckleUp_Marcus_01.wma              1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NickVO\CI_King\CI_Kng_Exchange_02_Marcus.wma                 1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NickVO\CI_Madam\CI_Madam_BigMouth_Marcus_01.wma              1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NickVO\FC_Promoter\FC_01_Prom_Announce.wma                   1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NickVO\Redman\BEETLE_01.wma                                  1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC1_M1\GN_01.wma                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC1_M1_Gino\BCRY_A_A.wma                               1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC1_M3\AL_01.wma                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC1_M4_Alfie\BCRY_A_A.wma                              1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC1_M5\CD_01.wma                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC1_M5_Candy\BCRY_A_A.wma                              1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC1_M6\GN_01.wma                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC1_M6_Tony\BCRY_A_A.wma                               1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC1_M8\TZC_01.wma                                      1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC1_M8_Tuzzi\HURT_A_A.wma                              1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC2_M1\DG_01.wma                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC2_M1_PLincoln\BCRY_A_A.wma                           1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC2_M2\BC2_M2_PL_01.wma                                1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC2_M2_PHamilton\DIE_A.wma                             1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC2_M3\KO_01.wma                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC2_M5\PG_01.wma                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC2_M5_PGrant\BCRY_A_A.wma                             1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC2_M7\GA_01.wma                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC2_M8\BC2_M8_PL_01.wma                                1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC2_M8_BJ\BCRY_A.wma                                   1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC3_M1\DL_01.wma                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC3_M2_Handler\BCRY_A_A.wma                            1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC3_M4\CB_01.wma                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC3_M4_Rey\BCRY_A_A.wma                                1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC3_M5\GD_01.wma                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC3_M5_Director\HURT_A_A.wma                           1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC3_M6\NR_01.wma                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC3_M6_Warden\BCRY_B_A.wma                             1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC3_M8\TR_01.wma                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC3_M8_Teresa\HURT_A_A.wma                             1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC4_M1\FV_01.wma                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC4_M1_Nosferatu\BCRY_A_A.wma                          1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC4_M2\ANGRY_A.wma                                     1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC4_M3\Nick_Ext_ABSE_A.wma                             1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC4_M4\LN_01.wma                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC4_M4_Lin\BCRY_A.wma                                  1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC4_M5\JN_01.wma                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC4_M5_Jing\BCRY_A_A.wma                               1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC4_M7\BM_01.wma                                       1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC4_M8\Lee_01.wma                                      1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\BC4_M8_Leeland\BCRY_A_A.wma                            1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\CI\CI_Cby_PrmptC_T1.wma                                1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\CityCrimes\CRM_LOC_02_Crowd.wma                        1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\CI_Cabby\MissionVOs\CI_Cabby_BuckleUp_Cabby_01.wma     1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\CI_King\MissionVOs\CI_King_Exchange_01_Boss.wma        1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\CI_Madam\MissionVOs\CI_Madam_BigMouth_Driver_01.wma    1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\Deena\Deena_ArrestLow_01.wma                           1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\DrillInstructor\M2D_DI_01.wma                          1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\EndB_M1\VN_01.wma                                      1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\EndG_M1\TH_01.wma                                      1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\ENDT\END_M1_01.wma                                     1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\Gabriel\Gabe_Call_BC1_M1.wma                           1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\INTERROGATION\BC01_M01\Int_BRKN.wma                    1
Reg   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs@C:\Program Files\Aspyr Media, Inc\True Crime\xae New York City\Data\NPCVO\INTERROGATION\BC01_M04\Int_BREATH.wma                  1

---- Disk sectors - GMER 2.1 ----

Disk  \Device\Harddisk0\DR0                                                                                                                                                                      unknown MBR code

---- EOF - GMER 2.1 ----
         
mbar
Code:
Malwarebytes Anti-Rootkit BETA 1.06.0.1004
www.malwarebytes.org

Database version: v2013.07.29.04

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Patrick :: PATRICK-PC [administrator]

29.07.2013 16:37:18
mbar-log-2013-07-29 (16-37-18).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: PUP
Objects scanned: 243155
Time elapsed: 23 minute(s), 30 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
c:\Users\Patrick\Desktop\Neuer Ordner (2)\tmorph\Hartz IV Hook [V4.2].exe (HackTool.GamesCheat.Gen) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

29.07.2013, 22:38   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Many problems on the laptop



IMHO we should take another close look at the MBR:

aswMBR

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Depending on your connection, downloading the definitions may take a while.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons without being instructed to

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.

TDSS-Killer

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller instructions.
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the content here in your thread in any case.
__________________
Please always post log files in CODE tags

30.07.2013, 17:33   #9
clntbestwud

Many problems on the laptop



(edit)
Full quote removed
--
cosinus
(/edit)

I can't download aswMBR.exe. Although it is only 4.5 MB, it takes me 2 hours, and TDSSKiller downloads right away.


Tdss
Code:
18:32:14.0627 0172  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:32:14.0878 0172  ============================================================
18:32:14.0878 0172  Current date / time: 2013/07/30 18:32:14.0878
18:32:14.0878 0172  SystemInfo:
18:32:14.0878 0172  
18:32:14.0878 0172  OS Version: 6.0.6002 ServicePack: 2.0
18:32:14.0878 0172  Product type: Workstation
18:32:14.0878 0172  ComputerName: PATRICK-PC
18:32:14.0879 0172  UserName: Patrick
18:32:14.0879 0172  Windows directory: C:\Windows
18:32:14.0879 0172  System windows directory: C:\Windows
18:32:14.0879 0172  Processor architecture: Intel x86
18:32:14.0879 0172  Number of processors: 2
18:32:14.0879 0172  Page size: 0x1000
18:32:14.0879 0172  Boot type: Normal boot
18:32:14.0879 0172  ============================================================
18:32:16.0076 0172  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:32:16.0078 0172  ============================================================
18:32:16.0078 0172  \Device\Harddisk0\DR0:
18:32:16.0078 0172  MBR partitions:
18:32:16.0078 0172  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x11D4D000
18:32:16.0078 0172  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x130D5800, BlocksNum 0x11D58800
18:32:16.0078 0172  ============================================================
18:32:16.0103 0172  C: <-> \Device\Harddisk0\DR0\Partition1
18:32:16.0165 0172  D: <-> \Device\Harddisk0\DR0\Partition2
18:32:16.0165 0172  ============================================================
18:32:16.0165 0172  Initialize success
18:32:16.0165 0172  ============================================================
18:32:26.0572 3880  ============================================================
18:32:26.0573 3880  Scan started
18:32:26.0573 3880  Mode: Manual; 
18:32:26.0573 3880  ============================================================
18:32:27.0858 3880  ================ Scan system memory ========================
18:32:27.0858 3880  System memory - ok
18:32:27.0859 3880  ================ Scan services =============================
18:32:28.0207 3880  2sonxkhc3 - ok
18:32:28.0250 3880  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
18:32:28.0256 3880  ACPI - ok
18:32:28.0333 3880  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:32:28.0335 3880  AdobeFlashPlayerUpdateSvc - ok
18:32:28.0410 3880  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:32:28.0419 3880  adp94xx - ok
18:32:28.0457 3880  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:32:28.0463 3880  adpahci - ok
18:32:28.0485 3880  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
18:32:28.0487 3880  adpu160m - ok
18:32:28.0518 3880  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:32:28.0521 3880  adpu320 - ok
18:32:28.0670 3880  [ 9243229DFCCC99B5441750EBA49F1B14 ] AdvancedSystemCareService6 C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
18:32:28.0694 3880  AdvancedSystemCareService6 - ok
18:32:28.0739 3880  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:32:28.0740 3880  AeLookupSvc - ok
18:32:28.0806 3880  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
18:32:28.0812 3880  AFD - ok
18:32:28.0843 3880  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:32:28.0845 3880  agp440 - ok
18:32:28.0888 3880  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
18:32:28.0890 3880  aic78xx - ok
18:32:28.0910 3880  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
18:32:28.0913 3880  ALG - ok
18:32:28.0934 3880  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:32:28.0935 3880  aliide - ok
18:32:28.0953 3880  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
18:32:28.0954 3880  amdagp - ok
18:32:28.0968 3880  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
18:32:28.0969 3880  amdide - ok
18:32:28.0988 3880  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
18:32:28.0990 3880  AmdK7 - ok
18:32:29.0012 3880  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
18:32:29.0014 3880  AmdK8 - ok
18:32:29.0061 3880  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
18:32:29.0063 3880  Appinfo - ok
18:32:29.0148 3880  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:32:29.0149 3880  Apple Mobile Device - ok
18:32:29.0268 3880  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
18:32:29.0294 3880  arc - ok
18:32:29.0353 3880  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:32:29.0388 3880  arcsas - ok
18:32:29.0413 3880  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:32:29.0413 3880  AsyncMac - ok
18:32:29.0454 3880  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:32:29.0454 3880  atapi - ok
18:32:29.0539 3880  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:32:29.0545 3880  AudioEndpointBuilder - ok
18:32:29.0555 3880  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
18:32:29.0557 3880  Audiosrv - ok
18:32:29.0617 3880  [ 0FE7773CD592DAE0CA994BA987F44E85 ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6x.sys
18:32:29.0618 3880  Avgfwfd - ok
18:32:29.0736 3880  [ D0BE22C910E46550C6308D50DDA76B94 ] avgfws          C:\Program Files\AVG\AVG2013\avgfws.exe
18:32:29.0768 3880  avgfws - ok
18:32:29.0956 3880  [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent     C:\Program Files\AVG\AVG2013\avgidsagent.exe
18:32:30.0108 3880  AVGIDSAgent - ok
18:32:30.0164 3880  [ 7BB2C605094DBCA536D127B434214862 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
18:32:30.0167 3880  AVGIDSDriver - ok
18:32:30.0195 3880  [ 8F50F98686C9A397A19FCBAE284DB1C5 ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
18:32:30.0197 3880  AVGIDSHX - ok
18:32:30.0213 3880  [ A8DE230CC8536790CA07D37FBCD87A74 ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
18:32:30.0214 3880  AVGIDSShim - ok
18:32:30.0250 3880  [ D53D35031365A0ECCB1DC1BC1B15B18E ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
18:32:30.0254 3880  Avgldx86 - ok
18:32:30.0286 3880  [ 95889A9D23F3133250FA8AD13C982D58 ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys
18:32:30.0289 3880  Avglogx - ok
18:32:30.0298 3880  [ AF7AA9BA434CD28833A66E90993E8DFD ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
18:32:30.0300 3880  Avgmfx86 - ok
18:32:30.0329 3880  [ F3D57358DE0B8B3491013C615754A7C7 ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
18:32:30.0330 3880  Avgrkx86 - ok
18:32:30.0344 3880  [ BA73B38E9033FC6018DB736B635706AE ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
18:32:30.0348 3880  Avgtdix - ok
18:32:30.0371 3880  [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd           C:\Program Files\AVG\AVG2013\avgwdsvc.exe
18:32:30.0376 3880  avgwd - ok
18:32:30.0434 3880  [ 6FB43F0DADB3FDC287D080C19666AF8D ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
18:32:30.0439 3880  b57nd60x - ok
18:32:30.0480 3880  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:32:30.0481 3880  Beep - ok
18:32:30.0690 3880  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
18:32:30.0698 3880  BFE - ok
18:32:30.0747 3880  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
18:32:30.0769 3880  BITS - ok
18:32:30.0827 3880  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
18:32:30.0828 3880  blbdrive - ok
18:32:30.0900 3880  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:32:30.0908 3880  Bonjour Service - ok
18:32:30.0958 3880  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:32:30.0960 3880  bowser - ok
18:32:30.0991 3880  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
18:32:30.0993 3880  BrFiltLo - ok
18:32:31.0066 3880  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
18:32:31.0067 3880  BrFiltUp - ok
18:32:31.0094 3880  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
18:32:31.0097 3880  Browser - ok
18:32:31.0114 3880  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
18:32:31.0117 3880  Brserid - ok
18:32:31.0134 3880  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
18:32:31.0137 3880  BrSerWdm - ok
18:32:31.0153 3880  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
18:32:31.0154 3880  BrUsbMdm - ok
18:32:31.0168 3880  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
18:32:31.0169 3880  BrUsbSer - ok
18:32:31.0182 3880  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
18:32:31.0184 3880  BTHMODEM - ok
18:32:31.0248 3880  [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc     C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
18:32:31.0249 3880  BUNAgentSvc - ok
18:32:31.0327 3880  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:32:31.0329 3880  cdfs - ok
18:32:31.0369 3880  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:32:31.0371 3880  cdrom - ok
18:32:31.0422 3880  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:32:31.0424 3880  CertPropSvc - ok
18:32:31.0442 3880  ci3k8t1pt - ok
18:32:31.0523 3880  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
18:32:31.0524 3880  circlass - ok
18:32:31.0542 3880  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
18:32:31.0548 3880  CLFS - ok
18:32:31.0642 3880  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:32:31.0645 3880  clr_optimization_v2.0.50727_32 - ok
18:32:31.0744 3880  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:32:31.0763 3880  clr_optimization_v4.0.30319_32 - ok
18:32:31.0811 3880  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:32:31.0814 3880  CmBatt - ok
18:32:31.0888 3880  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:32:31.0890 3880  cmdide - ok
18:32:31.0905 3880  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:32:31.0906 3880  Compbatt - ok
18:32:31.0912 3880  COMSysApp - ok
18:32:31.0956 3880  cpuz135 - ok
18:32:31.0973 3880  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
18:32:31.0975 3880  crcdisk - ok
18:32:31.0990 3880  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
18:32:31.0992 3880  Crusoe - ok
18:32:32.0041 3880  [ 3EDE4C1F9672C972479201544969ADCB ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:32:32.0045 3880  CryptSvc - ok
18:32:49.0256 3880  Smb - ok
18:32:49.0291 3880  [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:32:49.0295 3880  SNMPTRAP - ok
18:32:49.0316 3880  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr           C:\Windows\system32\drivers\spldr.sys
18:32:49.0318 3880  spldr - ok
18:32:49.0357 3880  [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler         C:\Windows\System32\spoolsv.exe
18:32:49.0362 3880  Spooler - ok
18:32:49.0398 3880  [ 7B426B8E809EDF081D771EF429345528 ] sp_rsdrv2       C:\Windows\system32\drivers\sp_rsdrv2.sys
18:32:49.0399 3880  sp_rsdrv2 - ok
18:32:49.0488 3880  [ 41987F9FC0E61ADF54F581E15029AD91 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:32:49.0494 3880  srv - ok
18:32:49.0601 3880  [ FF33AFF99564B1AA534F58868CBE41EF ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:32:49.0634 3880  srv2 - ok
18:32:49.0693 3880  [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:32:49.0696 3880  srvnet - ok
18:32:49.0777 3880  [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:32:49.0783 3880  SSDPSRV - ok
18:32:49.0868 3880  [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:32:49.0873 3880  SstpSvc - ok
18:32:49.0941 3880  [ 3F92D423973F582B2A86065344367AC4 ] ST2012_Svc      C:\Program Files\Spyware Terminator\st_rsser.exe
18:32:49.0963 3880  ST2012_Svc - ok
18:32:49.0983 3880  Steam Client Service - ok
18:32:50.0046 3880  [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc          C:\Windows\System32\wiaservc.dll
18:32:50.0067 3880  stisvc - ok
18:32:50.0100 3880  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
18:32:50.0101 3880  swenum - ok
18:32:50.0189 3880  [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv           C:\Windows\System32\swprv.dll
18:32:50.0199 3880  swprv - ok
18:32:50.0236 3880  [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
18:32:50.0238 3880  Symc8xx - ok
18:32:50.0247 3880  [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
18:32:50.0249 3880  Sym_hi - ok
18:32:50.0258 3880  [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
18:32:50.0260 3880  Sym_u3 - ok
18:32:50.0295 3880  [ 4C9BB4B3B9EAC26211484C30B914C6DC ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
18:32:50.0300 3880  SynTP - ok
18:32:50.0328 3880  [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain         C:\Windows\system32\sysmain.dll
18:32:50.0350 3880  SysMain - ok
18:32:50.0380 3880  [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:32:50.0385 3880  TabletInputService - ok
18:32:50.0435 3880  [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:32:50.0442 3880  TapiSrv - ok
18:32:50.0457 3880  [ CB05822CD9CC6C688168E113C603DBE7 ] TBS             C:\Windows\System32\tbssvc.dll
18:32:50.0460 3880  TBS - ok
18:32:50.0506 3880  [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:32:50.0598 3880  Tcpip - ok
18:32:50.0619 3880  [ 548E198BAE21EFC21F8B5F0C1728AD27 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
18:32:50.0626 3880  Tcpip6 - ok
18:32:50.0654 3880  [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:32:50.0655 3880  tcpipreg - ok
18:32:50.0684 3880  [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:32:50.0685 3880  TDPIPE - ok
18:32:50.0707 3880  [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:32:50.0709 3880  TDTCP - ok
18:32:50.0749 3880  [ 76B06EB8A01FC8624D699E7045303E54 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:32:50.0751 3880  tdx - ok
18:32:50.0867 3880  [ 4A84526076717F87F3E1AD24AB28FB5A ] TeamViewer7     C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
18:32:50.0990 3880  TeamViewer7 - ok
18:32:51.0027 3880  [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
18:32:51.0029 3880  TermDD - ok
18:32:51.0058 3880  [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService     C:\Windows\System32\termsrv.dll
18:32:51.0080 3880  TermService - ok
18:32:51.0103 3880  [ 179AF7B52C59EED5635F69870D9E75E0 ] Themes          C:\Windows\system32\shsvcs.dll
18:32:51.0109 3880  Themes - ok
18:32:51.0120 3880  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER     C:\Windows\system32\mmcss.dll
18:32:51.0123 3880  THREADORDER - ok
18:32:51.0153 3880  [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks          C:\Windows\System32\trkwks.dll
18:32:51.0159 3880  TrkWks - ok
18:32:51.0195 3880  [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:32:51.0196 3880  TrustedInstaller - ok
18:32:51.0287 3880  [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:32:51.0289 3880  tssecsrv - ok
18:32:51.0400 3880  [ FC740E4FF236B72CA59B8F762D30C7F3 ] TuneUp.UtilitiesSvc C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
18:32:51.0500 3880  TuneUp.UtilitiesSvc - ok
18:32:51.0532 3880  [ 94C4CD2D19B8C4137A46261F229FEC24 ] TuneUpUtilitiesDrv C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys
18:32:51.0534 3880  TuneUpUtilitiesDrv - ok
18:32:51.0556 3880  [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
18:32:51.0557 3880  tunmp - ok
18:32:51.0581 3880  [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:32:51.0582 3880  tunnel - ok
18:32:51.0607 3880  [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:32:51.0609 3880  uagp35 - ok
18:32:51.0646 3880  [ F763E070843EE2803DE1395002B42938 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
18:32:51.0648 3880  UBHelper - ok
18:32:51.0689 3880  [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:32:51.0693 3880  udfs - ok
18:32:51.0720 3880  [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:32:51.0724 3880  UI0Detect - ok
18:32:51.0740 3880  [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:32:51.0742 3880  uliagpkx - ok
18:32:51.0764 3880  [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci         C:\Windows\system32\drivers\uliahci.sys
18:32:51.0770 3880  uliahci - ok
18:32:51.0790 3880  [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata          C:\Windows\system32\drivers\ulsata.sys
18:32:51.0792 3880  UlSata - ok
18:32:51.0808 3880  [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
18:32:51.0811 3880  ulsata2 - ok
18:32:51.0821 3880  [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:32:51.0822 3880  umbus - ok
18:32:51.0843 3880  [ 88BD96A1BAEED33EE8BDF9499C07A841 ] UMPass          C:\Windows\system32\DRIVERS\umpass.sys
18:32:51.0844 3880  UMPass - ok
18:32:51.0876 3880  [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost        C:\Windows\System32\upnphost.dll
18:32:51.0883 3880  upnphost - ok
18:32:51.0918 3880  [ 085C7D657B6594D73A473EE55079810B ] UrlFilter       C:\Program Files\IObit\IObit Malware Fighter\drivers\wlh_x86\UrlFilter.sys
18:32:51.0919 3880  UrlFilter - ok
18:32:51.0953 3880  [ 73B41F4EAD65F355962168D766AF0F2E ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
18:32:51.0955 3880  USBAAPL - ok
18:32:51.0970 3880  [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
18:32:51.0972 3880  usbccgp - ok
18:32:51.0991 3880  [ E9476E6C486E76BC4898074768FB7131 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:32:51.0993 3880  usbcir - ok
18:32:52.0045 3880  [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
18:32:52.0047 3880  usbehci - ok
18:32:52.0135 3880  [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
18:32:52.0140 3880  usbhub - ok
18:32:52.0160 3880  [ 38DBC7DD6CC5A72011F187425384388B ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:32:52.0161 3880  usbohci - ok
18:32:52.0197 3880  [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
18:32:52.0198 3880  usbprint - ok
18:32:52.0240 3880  [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:32:52.0242 3880  USBSTOR - ok
18:32:52.0260 3880  [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
18:32:52.0261 3880  usbuhci - ok
18:32:52.0277 3880  [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
18:32:52.0280 3880  usbvideo - ok
18:32:52.0318 3880  [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms           C:\Windows\System32\uxsms.dll
18:32:52.0321 3880  UxSms - ok
18:32:52.0354 3880  [ FCE98C43B5C5DB8E0DA8EA0E2B45E044 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
18:32:52.0355 3880  VClone - ok
18:32:52.0386 3880  [ CD88D1B7776DC17A119049742EC07EB4 ] vds             C:\Windows\System32\vds.exe
18:32:52.0397 3880  vds - ok
18:32:52.0464 3880  [ 87B06E1F30B749A114F74622D013F8D4 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:32:52.0467 3880  vga - ok
18:32:52.0476 3880  [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:32:52.0477 3880  VgaSave - ok
18:32:52.0497 3880  [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp          C:\Windows\system32\drivers\viaagp.sys
18:32:52.0499 3880  viaagp - ok
18:32:52.0514 3880  [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7           C:\Windows\system32\drivers\viac7.sys
18:32:52.0517 3880  ViaC7 - ok
18:32:52.0532 3880  [ AADF5587A4063F52C2C3FED7887426FC ] viaide          C:\Windows\system32\drivers\viaide.sys
18:32:52.0534 3880  viaide - ok
18:32:52.0550 3880  [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:32:52.0552 3880  volmgr - ok
18:32:52.0604 3880  [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:32:52.0612 3880  volmgrx - ok
18:32:52.0657 3880  [ 786DB5771F05EF300390399F626BF30A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:32:52.0662 3880  volsnap - ok
18:32:52.0678 3880  [ 587253E09325E6BF226B299774B728A9 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:32:52.0681 3880  vsmraid - ok
18:32:52.0742 3880  [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS             C:\Windows\system32\vssvc.exe
18:32:52.0778 3880  VSS - ok
18:32:53.0177 3880  [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time         C:\Windows\system32\w32time.dll
18:32:53.0189 3880  W32Time - ok
18:32:53.0225 3880  [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
18:32:53.0227 3880  WacomPen - ok
18:32:53.0243 3880  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
18:32:53.0247 3880  Wanarp - ok
18:32:53.0252 3880  [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:32:53.0253 3880  Wanarpv6 - ok
18:32:53.0305 3880  [ A3CD60FD826381B49F03832590E069AF ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:32:53.0329 3880  wcncsvc - ok
18:32:53.0396 3880  [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:32:53.0400 3880  WcsPlugInService - ok
18:32:53.0412 3880  [ 78FE9542363F297B18C027B2D7E7C07F ] Wd              C:\Windows\system32\drivers\wd.sys
18:32:53.0413 3880  Wd - ok
18:32:53.0468 3880  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:32:53.0490 3880  Wdf01000 - ok
18:32:53.0551 3880  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:32:53.0557 3880  WdiServiceHost - ok
18:32:53.0562 3880  [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:32:53.0566 3880  WdiSystemHost - ok
18:32:53.0617 3880  [ 04C37D8107320312FBAE09926103D5E2 ] WebClient       C:\Windows\System32\webclnt.dll
18:32:53.0624 3880  WebClient - ok
18:32:53.0708 3880  [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:32:53.0714 3880  Wecsvc - ok
18:32:53.0784 3880  [ 670FF720071ED741206D69BD995EA453 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:32:53.0789 3880  wercplsupport - ok
18:32:53.0827 3880  [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:32:53.0832 3880  WerSvc - ok
18:32:53.0914 3880  [ 5A77AC34A0FFB70CE8B35B524FEDE9BA ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
18:32:53.0993 3880  winachsf - ok
18:32:54.0069 3880  [ 4575AA12561C5648483403541D0D7F2B ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
18:32:54.0074 3880  WinDefend - ok
18:32:54.0082 3880  WinHttpAutoProxySvc - ok
18:32:54.0208 3880  [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:32:54.0212 3880  Winmgmt - ok
18:32:54.0249 3880  [ 845AF1BA23C8D5E64DEF61BCC441604C ] WinRing0_1_2_0  C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys
18:32:54.0251 3880  WinRing0_1_2_0 - ok
18:32:54.0318 3880  [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM           C:\Windows\system32\WsmSvc.dll
18:32:54.0353 3880  WinRM - ok
18:32:54.0429 3880  WisINT15 - ok
18:32:54.0477 3880  [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:32:54.0500 3880  Wlansvc - ok
18:32:54.0611 3880  [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:32:54.0658 3880  wlidsvc - ok
18:32:54.0692 3880  [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
18:32:54.0708 3880  WmiAcpi - ok
18:32:54.0758 3880  [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:32:54.0761 3880  wmiApSrv - ok
18:32:54.0819 3880  [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
18:32:54.0842 3880  WMPNetworkSvc - ok
18:32:54.0902 3880  [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:32:54.0908 3880  WPCSvc - ok
18:32:54.0940 3880  [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:32:54.0945 3880  WPDBusEnum - ok
18:32:54.0999 3880  [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
18:32:55.0000 3880  WpdUsb - ok
18:32:55.0238 3880  [ 120F3B596F79FC990B7D808857A8B3BC ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
18:32:55.0260 3880  WPFFontCache_v0400 - ok
18:32:55.0313 3880  [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:32:55.0314 3880  ws2ifsl - ok
18:32:55.0348 3880  [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc          C:\Windows\System32\wscsvc.dll
18:32:55.0352 3880  wscsvc - ok
18:32:55.0398 3880  [ 4422AC5ED8D4C2F0DB63E71D4C069DD7 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
18:32:55.0400 3880  WSDPrintDevice - ok
18:32:55.0478 3880  [ 65D1FF8AAFF4A7D8F787A290E5087816 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
18:32:55.0479 3880  WSDScan - ok
18:32:55.0487 3880  WSearch - ok
18:32:55.0589 3880  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
18:32:55.0690 3880  wuauserv - ok
18:32:55.0744 3880  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:32:55.0748 3880  WudfPf - ok
18:32:55.0784 3880  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:32:55.0788 3880  WUDFRd - ok
18:32:55.0832 3880  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:32:55.0837 3880  wudfsvc - ok
18:32:55.0852 3880  x3f2tvaih - ok
18:32:55.0885 3880  [ 88AF537264F2B818DA15479CEEAF5D7C ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
18:32:55.0888 3880  XAudio - ok
18:32:55.0914 3880  [ 15A317674A08DF26BE65164D959E9203 ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
18:32:55.0922 3880  XAudioService - ok
18:32:55.0934 3880  znpaqr4ne - ok
18:32:55.0981 3880  ================ Scan global ===============================
18:32:56.0003 3880  [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
18:32:56.0038 3880  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
18:32:56.0125 3880  [ A508314231C49AEE86987CEA3EAECAD1 ] C:\Windows\system32\winsrv.dll
18:32:56.0167 3880  [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
18:32:56.0174 3880  [Global] - ok
18:32:56.0175 3880  ================ Scan MBR ==================================
18:32:56.0244 3880  [ F79EF1FA2A5761BF6A7B3A858FC003EE ] \Device\Harddisk0\DR0
18:32:56.0967 3880  \Device\Harddisk0\DR0 - ok
18:32:56.0969 3880  ================ Scan VBR ==================================
18:32:57.0002 3880  [ AAE2E6F6B6EACA9D502335ABFC5FA7C0 ] \Device\Harddisk0\DR0\Partition1
18:32:57.0004 3880  \Device\Harddisk0\DR0\Partition1 - ok
18:32:57.0032 3880  [ 4E9AF9C6DAEBE21352ECFDC68EFA8AAF ] \Device\Harddisk0\DR0\Partition2
18:32:57.0034 3880  \Device\Harddisk0\DR0\Partition2 - ok
18:32:57.0034 3880  ============================================================
18:32:57.0034 3880  Scan finished
18:32:57.0034 3880  ============================================================
18:32:57.0049 5072  Detected object count: 0
18:32:57.0049 5072  Actual detected object count: 0
18:33:07.0849 5232  Deinitialize success
         

Edited by cosinus (30.07.2013 at 22:16)

30.07.2013, 22:18   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Quote:
I can't download the AswMBR exe. Although it is only 4.5 MB, I need 2 hours for it, and tdsskiller downloads right away.
Please try again later. But first, please run tdsskiller properly, because:

Quote:
18:32:26.0573 3880 Scan started
18:32:26.0573 3880 Mode: Manual;
You did not configure it correctly; please follow the instructions and the screenshot included in the instructions.
__________________
Please always post log files in CODE tags

31.07.2013, 17:32   #11
clntbestwud
 

TDS
Code:
18:20:36.0502 3160  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
18:20:36.0811 3160  ============================================================
18:20:36.0811 3160  Current date / time: 2013/07/31 18:20:36.0811
18:20:36.0811 3160  SystemInfo:
18:20:36.0811 3160  
18:20:36.0811 3160  OS Version: 6.0.6002 ServicePack: 2.0
18:20:36.0811 3160  Product type: Workstation
18:20:36.0812 3160  ComputerName: PATRICK-PC
18:20:36.0814 3160  UserName: Patrick
18:20:36.0814 3160  Windows directory: C:\Windows
18:20:36.0814 3160  System windows directory: C:\Windows
18:20:36.0814 3160  Processor architecture: Intel x86
18:20:36.0814 3160  Number of processors: 2
18:20:36.0814 3160  Page size: 0x1000
18:20:36.0814 3160  Boot type: Normal boot
18:20:36.0814 3160  ============================================================
18:20:38.0894 3160  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
18:20:38.0896 3160  ============================================================
18:20:38.0896 3160  \Device\Harddisk0\DR0:
18:20:38.0897 3160  MBR partitions:
18:20:38.0897 3160  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x11D4D000
18:20:38.0897 3160  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x130D5800, BlocksNum 0x11D58800
18:20:38.0897 3160  ============================================================
18:20:38.0933 3160  C: <-> \Device\Harddisk0\DR0\Partition1
18:20:38.0983 3160  D: <-> \Device\Harddisk0\DR0\Partition2
18:20:38.0984 3160  ============================================================
18:20:38.0984 3160  Initialize success
18:20:38.0984 3160  ============================================================
18:20:58.0866 5188  ============================================================
18:20:58.0866 5188  Scan started
18:20:58.0866 5188  Mode: Manual; SigCheck; TDLFS; 
18:20:58.0866 5188  ============================================================
18:21:00.0117 5188  ================ Scan system memory ========================
18:21:00.0117 5188  System memory - ok
18:21:00.0121 5188  ================ Scan services =============================
18:21:00.0376 5188  2sonxkhc3 - ok
18:21:00.0686 5188  [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI            C:\Windows\system32\drivers\acpi.sys
18:21:00.0904 5188  ACPI - ok
18:21:01.0001 5188  [ 9915504F602D277EE47FD843A677FD15 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
18:21:01.0019 5188  AdobeFlashPlayerUpdateSvc - ok
18:21:01.0067 5188  [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:21:01.0098 5188  adp94xx - ok
18:21:01.0137 5188  [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:21:01.0160 5188  adpahci - ok
18:21:01.0198 5188  [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
18:21:01.0217 5188  adpu160m - ok
18:21:01.0296 5188  [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:21:01.0324 5188  adpu320 - ok
18:21:01.0606 5188  [ 9243229DFCCC99B5441750EBA49F1B14 ] AdvancedSystemCareService6 C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe
18:21:01.0661 5188  AdvancedSystemCareService6 - ok
18:21:01.0697 5188  [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:21:01.0980 5188  AeLookupSvc - ok
18:21:02.0065 5188  [ 3911B972B55FEA0478476B2E777B29FA ] AFD             C:\Windows\system32\drivers\afd.sys
18:21:02.0167 5188  AFD - ok
18:21:02.0190 5188  [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:21:02.0208 5188  agp440 - ok
18:21:02.0258 5188  [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
18:21:02.0275 5188  aic78xx - ok
18:21:02.0302 5188  [ A1545B731579895D8CC44FC0481C1192 ] ALG             C:\Windows\System32\alg.exe
18:21:02.0441 5188  ALG - ok
18:21:02.0470 5188  [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:21:02.0486 5188  aliide - ok
18:21:02.0510 5188  [ C47344BC706E5F0B9DCE369516661578 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
18:21:02.0526 5188  amdagp - ok
18:21:02.0538 5188  [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide          C:\Windows\system32\drivers\amdide.sys
18:21:02.0555 5188  amdide - ok
18:21:02.0580 5188  [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
18:21:02.0634 5188  AmdK7 - ok
18:21:02.0659 5188  [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
18:21:02.0728 5188  AmdK8 - ok
18:21:02.0786 5188  [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo         C:\Windows\System32\appinfo.dll
18:21:02.0816 5188  Appinfo - ok
18:21:02.0906 5188  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:21:02.0920 5188  Apple Mobile Device - ok
18:21:03.0004 5188  [ 5D2888182FB46632511ACEE92FDAD522 ] arc             C:\Windows\system32\drivers\arc.sys
18:21:03.0021 5188  arc - ok
18:21:03.0046 5188  [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:21:03.0063 5188  arcsas - ok
18:21:03.0092 5188  [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:21:03.0155 5188  AsyncMac - ok
18:21:03.0201 5188  [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:21:03.0218 5188  atapi - ok
18:21:03.0309 5188  [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:21:03.0339 5188  AudioEndpointBuilder - ok
18:21:03.0520 5188  [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv        C:\Windows\System32\Audiosrv.dll
18:21:03.0548 5188  Audiosrv - ok
18:21:03.0609 5188  [ 0FE7773CD592DAE0CA994BA987F44E85 ] Avgfwfd         C:\Windows\system32\DRIVERS\avgfwd6x.sys
18:21:03.0631 5188  Avgfwfd - ok
18:21:03.0705 5188  [ D0BE22C910E46550C6308D50DDA76B94 ] avgfws          C:\Program Files\AVG\AVG2013\avgfws.exe
18:21:03.0812 5188  avgfws - ok
18:21:04.0261 5188  [ 4AFC14AFA58878FAA1D249E7E90EA54B ] AVGIDSAgent     C:\Program Files\AVG\AVG2013\avgidsagent.exe
18:21:04.0588 5188  AVGIDSAgent - ok
18:21:04.0656 5188  [ 7BB2C605094DBCA536D127B434214862 ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
18:21:04.0675 5188  AVGIDSDriver - ok
18:21:04.0710 5188  [ 8F50F98686C9A397A19FCBAE284DB1C5 ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
18:21:04.0732 5188  AVGIDSHX - ok
18:21:04.0770 5188  [ A8DE230CC8536790CA07D37FBCD87A74 ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
18:21:04.0783 5188  AVGIDSShim - ok
18:21:04.0820 5188  [ D53D35031365A0ECCB1DC1BC1B15B18E ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
18:21:04.0837 5188  Avgldx86 - ok
18:21:04.0869 5188  [ 95889A9D23F3133250FA8AD13C982D58 ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys
18:21:04.0897 5188  Avglogx - ok
18:21:04.0913 5188  [ AF7AA9BA434CD28833A66E90993E8DFD ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
18:21:04.0929 5188  Avgmfx86 - ok
18:21:04.0955 5188  [ F3D57358DE0B8B3491013C615754A7C7 ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
18:21:04.0968 5188  Avgrkx86 - ok
18:21:04.0992 5188  [ BA73B38E9033FC6018DB736B635706AE ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
18:21:05.0018 5188  Avgtdix - ok
18:21:05.0046 5188  [ 6B72E1E329C4E98C6B6FDD2D265E3BA3 ] avgwd           C:\Program Files\AVG\AVG2013\avgwdsvc.exe
18:21:05.0065 5188  avgwd - ok
18:21:05.0120 5188  [ 6FB43F0DADB3FDC287D080C19666AF8D ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
18:21:05.0178 5188  b57nd60x - ok
18:21:05.0228 5188  [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:21:05.0277 5188  Beep - ok
18:21:05.0348 5188  [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE             C:\Windows\System32\bfe.dll
18:21:05.0438 5188  BFE - ok
18:21:05.0507 5188  [ 93952506C6D67330367F7E7934B6A02F ] BITS            C:\Windows\System32\qmgr.dll
18:21:05.0628 5188  BITS - ok
18:21:05.0656 5188  [ D4DF28447741FD3D953526E33A617397 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
18:21:05.0702 5188  blbdrive - ok
18:21:05.0859 5188  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:21:05.0907 5188  Bonjour Service - ok
18:21:05.0938 5188  [ 35F376253F687BDE63976CCB3F2108CA ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:21:05.0990 5188  bowser - ok
18:21:06.0039 5188  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
18:21:06.0086 5188  BrFiltLo - ok
18:21:06.0103 5188  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
18:21:06.0170 5188  BrFiltUp - ok
18:21:06.0220 5188  [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser         C:\Windows\System32\browser.dll
18:21:06.0282 5188  Browser - ok
18:21:06.0308 5188  [ B304E75CFF293029EDDF094246747113 ] Brserid         C:\Windows\system32\drivers\brserid.sys
18:21:06.0510 5188  Brserid - ok
18:21:06.0546 5188  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
18:21:06.0607 5188  BrSerWdm - ok
18:21:06.0634 5188  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
18:21:06.0710 5188  BrUsbMdm - ok
18:21:06.0727 5188  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
18:21:06.0859 5188  BrUsbSer - ok
18:21:06.0897 5188  [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
18:21:06.0974 5188  BTHMODEM - ok
18:21:07.0063 5188  [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc     C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
18:21:07.0078 5188  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - warning
18:21:07.0078 5188  BUNAgentSvc - detected UnsignedFile.Multi.Generic (1)
18:21:07.0131 5188  [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:21:07.0185 5188  cdfs - ok
18:21:07.0229 5188  [ 6B4BFFB9BECD728097024276430DB314 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:21:07.0275 5188  cdrom - ok
18:21:07.0326 5188  [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:21:07.0376 5188  CertPropSvc - ok
18:21:07.0400 5188  ci3k8t1pt - ok
18:21:07.0415 5188  [ E5D4133F37219DBCFE102BC61072589D ] circlass        C:\Windows\system32\drivers\circlass.sys
18:21:07.0460 5188  circlass - ok
18:21:07.0491 5188  [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS            C:\Windows\system32\CLFS.sys
18:21:07.0518 5188  CLFS - ok
18:21:07.0590 5188  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:21:07.0610 5188  clr_optimization_v2.0.50727_32 - ok
18:21:07.0680 5188  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:21:07.0730 5188  clr_optimization_v4.0.30319_32 - ok
18:21:07.0782 5188  [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
18:21:07.0820 5188  CmBatt - ok
18:21:07.0837 5188  [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:21:07.0852 5188  cmdide - ok
18:21:07.0864 5188  [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
18:21:07.0891 5188  Compbatt - ok
18:21:07.0899 5188  COMSysApp - ok
18:21:07.0929 5188  cpuz135 - ok
18:21:07.0954 5188  [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
18:21:07.0971 5188  crcdisk - ok
18:21:07.0995 5188  [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
18:21:08.0051 5188  Crusoe - ok
18:21:08.0112 5188  [ 3EDE4C1F9672C972479201544969ADCB ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:21:08.0142 5188  CryptSvc - ok
18:21:08.0214 5188  [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:21:08.0296 5188  DcomLaunch - ok
18:21:08.0338 5188  [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:21:08.0382 5188  DfsC - ok
18:21:08.0531 5188  [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR            C:\Windows\system32\DFSR.exe
18:21:08.0869 5188  DFSR - ok
18:21:08.0938 5188  [ 9028559C132146FB75EB7ACF384B086A ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
18:21:09.0002 5188  Dhcp - ok
18:21:09.0039 5188  [ 5D4AEFC3386920236A548271F8F1AF6A ] disk            C:\Windows\system32\drivers\disk.sys
18:21:09.0062 5188  disk - ok
18:21:09.0108 5188  [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr         C:\Windows\system32\DRIVERS\DKbFltr.sys
18:21:09.0128 5188  DKbFltr - ok
18:21:09.0149 5188  [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:21:09.0219 5188  Dnscache - ok
18:21:09.0331 5188  [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:21:09.0422 5188  dot3svc - ok
18:21:09.0472 5188  [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS             C:\Windows\system32\dps.dll
18:21:09.0550 5188  DPS - ok
18:21:09.0574 5188  [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:21:09.0662 5188  drmkaud - ok
18:21:09.0729 5188  [ 687AF6BB383885FF6A64071B189A7F3E ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
18:21:09.0771 5188  dtsoftbus01 - ok
18:21:09.0817 5188  [ 5DE0FAEC9E5D1AAE74F8568897891A01 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:21:09.0910 5188  DXGKrnl - ok
18:21:09.0971 5188  [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
18:21:10.0054 5188  E1G60 - ok
18:21:10.0101 5188  [ C0B95E40D85CD807D614E264248A45B9 ] EapHost         C:\Windows\System32\eapsvc.dll
18:21:10.0193 5188  EapHost - ok
18:21:10.0271 5188  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache          C:\Windows\system32\drivers\ecache.sys
18:21:10.0304 5188  Ecache - ok
18:21:10.0408 5188  [ B1F2503E23425B386DF0F3413B2596F3 ] eDataSecurity Service C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
18:21:10.0467 5188  eDataSecurity Service - ok
18:21:10.0683 5188  [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:21:10.0779 5188  ehRecvr - ok
18:21:10.0873 5188  [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched         C:\Windows\ehome\ehsched.exe
18:21:10.0947 5188  ehSched - ok
18:21:10.0969 5188  [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart         C:\Windows\ehome\ehstart.dll
18:21:11.0023 5188  ehstart - ok
18:21:11.0110 5188  [ 23B62471681A124889978F6295B3F4C6 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
18:21:11.0152 5188  elxstor - ok
18:21:11.0230 5188  [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
18:21:11.0374 5188  EMDMgmt - ok
18:21:11.0398 5188  [ 3DB974F3935483555D7148663F726C61 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:21:11.0471 5188  ErrDev - ok
18:21:11.0540 5188  ESEADriver2 - ok
18:21:11.0603 5188  [ F25247D0E011A643EE60052CE23BE05E ] ETService       C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
18:21:11.0675 5188  ETService ( UnsignedFile.Multi.Generic ) - warning
18:21:11.0675 5188  ETService - detected UnsignedFile.Multi.Generic (1)
18:21:11.0741 5188  [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem     C:\Windows\system32\es.dll
18:21:11.0836 5188  EventSystem - ok
18:21:11.0900 5188  [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat           C:\Windows\system32\drivers\exfat.sys
18:21:11.0968 5188  exfat - ok
18:21:12.0003 5188  [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:21:12.0096 5188  fastfat - ok
18:21:12.0140 5188  [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
18:21:12.0228 5188  fdc - ok
18:21:12.0289 5188  [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost         C:\Windows\system32\fdPHost.dll
18:21:12.0330 5188  fdPHost - ok
18:21:12.0354 5188  [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:21:12.0443 5188  FDResPub - ok
18:21:12.0509 5188  [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:21:12.0534 5188  FileInfo - ok
18:21:12.0650 5188  [ 7EBAB88FEE6E97397C183ED3B71F0797 ] FileMonitor     C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys
18:21:12.0680 5188  FileMonitor - ok
18:21:12.0709 5188  [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:21:12.0776 5188  Filetrace - ok
18:21:12.0800 5188  [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
18:21:12.0892 5188  flpydisk - ok
18:21:13.0059 5188  [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:21:13.0082 5188  FltMgr - ok
18:21:13.0162 5188  [ 119ACA7CADCA75BEA6B38E999443BAA6 ] FontCache       C:\Windows\system32\FntCache.dll
18:21:13.0295 5188  FontCache - ok
18:21:13.0374 5188  [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
18:21:13.0391 5188  FontCache3.0.0.0 - ok
18:21:13.0436 5188  [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:21:13.0490 5188  Fs_Rec - ok
18:21:13.0563 5188  [ C5A4A998EEA6297A235169CCD1F2D93F ] Futuremark SystemInfo Service C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe
18:21:13.0590 5188  Futuremark SystemInfo Service - ok
18:21:13.0690 5188  [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:21:13.0714 5188  gagp30kx - ok
18:21:13.0833 5188  [ 6FD7F370817F16B5E1F08B91BADAA2EE ] GoogleDesktopManager-080708-050100 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
18:21:13.0859 5188  GoogleDesktopManager-080708-050100 ( UnsignedFile.Multi.Generic ) - warning
18:21:13.0859 5188  GoogleDesktopManager-080708-050100 - detected UnsignedFile.Multi.Generic (1)
18:21:13.0916 5188  [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc           C:\Windows\System32\gpsvc.dll
18:21:14.0003 5188  gpsvc - ok
18:21:14.0030 5188  guardian - ok
18:21:14.0079 5188  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
18:21:14.0097 5188  gupdate - ok
18:21:14.0112 5188  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
18:21:14.0130 5188  gupdatem - ok
18:21:14.0220 5188  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
18:21:14.0243 5188  gusvc - ok
18:21:14.0292 5188  h3zest73x - ok
18:21:14.0359 5188  [ 3F90E001369A07243763BD5A523D8722 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:21:14.0401 5188  HdAudAddService - ok
18:21:14.0454 5188  [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:21:14.0555 5188  HDAudBus - ok
18:21:14.0591 5188  [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:21:14.0669 5188  HidBth - ok
18:21:14.0717 5188  [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr           C:\Windows\system32\drivers\hidir.sys
18:21:14.0864 5188  HidIr - ok
18:21:14.0906 5188  [ 84067081F3318162797385E11A8F0582 ] hidserv         C:\Windows\system32\hidserv.dll
18:21:14.0950 5188  hidserv - ok
18:21:15.0020 5188  [ 7F7E5E98CEFED8A10F7E56810EA7B6DF ] hidshim         C:\Windows\system32\DRIVERS\hidshim.sys
18:21:15.0104 5188  hidshim - ok
18:21:15.0138 5188  [ CCA4B519B17E23A00B826C55716809CC ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:21:15.0170 5188  HidUsb - ok
18:21:15.0307 5188  [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:21:15.0390 5188  hkmsvc - ok
18:21:15.0429 5188  [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
18:21:15.0454 5188  HpCISSs - ok
18:21:15.0499 5188  [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL        C:\Windows\system32\DRIVERS\VSTAZL3.SYS
18:21:15.0548 5188  HSFHWAZL - ok
18:21:15.0624 5188  [ 7BC42C65B5C6281777C1A7605B253BA8 ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
18:21:15.0807 5188  HSF_DPV - ok
18:21:15.0860 5188  [ 9EBF2D102CCBB6BCDFBF1B7922F8BA2E ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
18:21:15.0893 5188  HSXHWAZL - ok
18:21:16.0003 5188  [ F870AA3E254628EBEAFE754108D664DE ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:21:16.0125 5188  HTTP - ok
18:21:16.0157 5188  [ C6B032D69650985468160FC9937CF5B4 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
18:21:16.0177 5188  i2omp - ok
18:21:16.0258 5188  [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
18:21:16.0342 5188  i8042prt - ok
18:21:16.0371 5188  [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
18:21:16.0403 5188  iaStorV - ok
18:21:16.0482 5188  [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:21:16.0568 5188  idsvc - ok
18:21:16.0590 5188  [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:21:16.0621 5188  iirsp - ok
18:21:16.0679 5188  [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT          C:\Windows\System32\ikeext.dll
18:21:16.0775 5188  IKEEXT - ok
18:21:16.0821 5188  [ 24EA4E2F76E216CE70353736E3556585 ] IMFservice      C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
18:21:16.0863 5188  IMFservice - ok
18:21:16.0943 5188  [ 58FF11C95C3681C9250914521CB9F036 ] int15           C:\Windows\system32\drivers\int15.sys
18:21:16.0965 5188  int15 - ok
18:21:17.0118 5188  [ F2C17D2C3D70C389193D9954E375E5E3 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
18:21:17.0467 5188  IntcAzAudAddService - ok
18:21:17.0499 5188  [ 83AA759F3189E6370C30DE5DC5590718 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:21:17.0522 5188  intelide - ok
18:21:17.0572 5188  [ 224191001E78C89DFA78924C3EA595FF ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:21:17.0631 5188  intelppm - ok
18:21:17.0688 5188  [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:21:17.0750 5188  IPBusEnum - ok
18:21:17.0792 5188  [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:21:17.0851 5188  IpFilterDriver - ok
18:21:17.0949 5188  [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:21:18.0029 5188  iphlpsvc - ok
18:21:18.0039 5188  IpInIp - ok
18:21:18.0069 5188  [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
18:21:18.0178 5188  IPMIDRV - ok
18:21:18.0223 5188  [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
18:21:18.0279 5188  IPNAT - ok
18:21:18.0317 5188  [ E50A95179211B12946F7E035D60AF560 ] irda            C:\Windows\system32\DRIVERS\irda.sys
18:21:18.0385 5188  irda - ok
18:21:18.0392 5188  [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:21:18.0442 5188  IRENUM - ok
18:21:18.0466 5188  [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon           C:\Windows\System32\irmon.dll
18:21:18.0572 5188  Irmon - ok
18:21:18.0628 5188  [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:21:18.0654 5188  isapnp - ok
18:21:18.0726 5188  [ 232FA340531D940AAC623B121A595034 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
18:21:18.0763 5188  iScsiPrt - ok
18:21:18.0789 5188  [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
18:21:18.0806 5188  iteatapi - ok
18:21:18.0832 5188  [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid         C:\Windows\system32\drivers\iteraid.sys
18:21:18.0849 5188  iteraid - ok
18:21:18.0892 5188  [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:21:18.0918 5188  kbdclass - ok
18:21:18.0951 5188  [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:21:19.0074 5188  kbdhid - ok
18:21:19.0122 5188  [ A3E186B4B935905B829219502557314E ] KeyIso          C:\Windows\system32\lsass.exe
18:21:19.0194 5188  KeyIso - ok
18:21:19.0240 5188  [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:21:19.0288 5188  KSecDD - ok
18:21:19.0331 5188  [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:21:19.0410 5188  KtmRm - ok
18:21:19.0448 5188  [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:21:19.0532 5188  LanmanServer - ok
18:21:19.0590 5188  [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:21:19.0636 5188  LanmanWorkstation - ok
18:21:19.0709 5188  [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
18:21:19.0738 5188  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
18:21:19.0738 5188  LightScribeService - detected UnsignedFile.Multi.Generic (1)
18:21:19.0770 5188  [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:21:19.0816 5188  lltdio - ok
18:21:19.0852 5188  [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:21:19.0959 5188  lltdsvc - ok
18:21:19.0982 5188  [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:21:20.0148 5188  lmhosts - ok
18:21:20.0180 5188  [ C7E15E82879BF3235B559563D4185365 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
18:21:20.0211 5188  LSI_FC - ok
18:21:20.0235 5188  [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:21:20.0259 5188  LSI_SAS - ok
18:21:20.0291 5188  [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:21:20.0319 5188  LSI_SCSI - ok
18:21:20.0348 5188  [ 8F5C7426567798E62A3B3614965D62CC ] luafv           C:\Windows\system32\drivers\luafv.sys
18:21:20.0408 5188  luafv - ok
18:21:20.0601 5188  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
18:21:20.0621 5188  MBAMProtector - ok
18:21:20.0741 5188  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   D:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:21:20.0787 5188  MBAMScheduler - ok
18:21:20.0858 5188  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     D:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:21:20.0925 5188  MBAMService - ok
18:21:20.0977 5188  [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:21:21.0020 5188  Mcx2Svc - ok
18:21:21.0053 5188  [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
18:21:21.0093 5188  mdmxsdk - ok
18:21:21.0138 5188  [ 0001CE609D66632FA17B84705F658879 ] megasas         C:\Windows\system32\drivers\megasas.sys
18:21:21.0158 5188  megasas - ok
18:21:21.0201 5188  [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
18:21:21.0246 5188  MegaSR - ok
18:21:21.0389 5188  [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS           C:\Windows\system32\mmcss.dll
18:21:21.0468 5188  MMCSS - ok
18:21:21.0523 5188  MobilityService - ok
18:21:21.0549 5188  [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem           C:\Windows\system32\drivers\modem.sys
18:21:21.0592 5188  Modem - ok
18:21:21.0639 5188  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:21:21.0707 5188  monitor - ok
18:21:21.0740 5188  [ 5BF6A1326A335C5298477754A506D263 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:21:21.0760 5188  mouclass - ok
18:21:21.0815 5188  [ 93B8D4869E12CFBE663915502900876F ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:21:21.0888 5188  mouhid - ok
18:21:21.0909 5188  [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
18:21:21.0940 5188  MountMgr - ok
18:21:21.0997 5188  [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:21:22.0018 5188  MozillaMaintenance - ok
18:21:22.0068 5188  [ 511D011289755DD9F9A7579FB0B064E6 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:21:22.0091 5188  mpio - ok
18:21:22.0108 5188  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:21:22.0170 5188  mpsdrv - ok
18:21:22.0249 5188  [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:21:22.0323 5188  MpsSvc - ok
18:21:22.0377 5188  [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
18:21:22.0398 5188  Mraid35x - ok
18:21:22.0453 5188  [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:21:22.0539 5188  MRxDAV - ok
18:21:22.0571 5188  [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:21:22.0634 5188  mrxsmb - ok
18:21:22.0649 5188  [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:21:22.0702 5188  mrxsmb10 - ok
18:21:22.0749 5188  [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:21:22.0801 5188  mrxsmb20 - ok
18:21:22.0869 5188  [ 5457DCFA7C0DA43522F4D9D4049C1472 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:21:22.0891 5188  msahci - ok
18:21:22.0927 5188  [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:21:22.0953 5188  msdsm - ok
18:21:22.0989 5188  [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC           C:\Windows\System32\msdtc.exe
18:21:23.0081 5188  MSDTC - ok
18:21:23.0138 5188  [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:21:23.0220 5188  Msfs - ok
18:21:23.0250 5188  [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:21:23.0274 5188  msisadrv - ok
18:21:23.0388 5188  [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:21:23.0426 5188  MSiSCSI - ok
18:21:23.0432 5188  msiserver - ok
18:21:23.0467 5188  [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:21:23.0540 5188  MSKSSRV - ok
18:21:23.0561 5188  [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:21:23.0625 5188  MSPCLOCK - ok
18:21:23.0682 5188  [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:21:23.0739 5188  MSPQM - ok
18:21:23.0793 5188  [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:21:23.0827 5188  MsRPC - ok
18:21:23.0857 5188  [ E384487CB84BE41D09711C30CA79646C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:21:23.0889 5188  mssmbios - ok
18:21:23.0909 5188  [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:21:23.0976 5188  MSTEE - ok
18:21:23.0988 5188  [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup             C:\Windows\system32\Drivers\mup.sys
18:21:24.0011 5188  Mup - ok
18:21:24.0053 5188  [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent        C:\Windows\system32\qagentRT.dll
18:21:24.0160 5188  napagent - ok
18:21:24.0227 5188  [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:21:24.0291 5188  NativeWifiP - ok
18:21:24.0417 5188  [ F46070DDADA5C396B1F2EBF1C46DBB08 ] NBService       C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
18:21:24.0478 5188  NBService - ok
18:21:24.0559 5188  [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:21:24.0647 5188  NDIS - ok
18:21:24.0692 5188  [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:21:24.0762 5188  NdisTapi - ok
18:21:24.0782 5188  [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:21:24.0826 5188  Ndisuio - ok
18:21:24.0892 5188  [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:21:24.0943 5188  NdisWan - ok
18:21:24.0978 5188  [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:21:25.0051 5188  NDProxy - ok
18:21:25.0079 5188  [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:21:25.0170 5188  NetBIOS - ok
18:21:25.0213 5188  [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
18:21:25.0303 5188  netbt - ok
18:21:25.0348 5188  [ A3E186B4B935905B829219502557314E ] Netlogon        C:\Windows\system32\lsass.exe
18:21:25.0400 5188  Netlogon - ok
18:21:25.0460 5188  [ C8052711DAECC48B982434C5116CA401 ] Netman          C:\Windows\System32\netman.dll
18:21:25.0566 5188  Netman - ok
18:21:25.0605 5188  [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm        C:\Windows\System32\netprofm.dll
18:21:25.0747 5188  netprofm - ok
18:21:26.0117 5188  [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:21:26.0153 5188  NetTcpPortSharing - ok
18:21:26.0339 5188  [ 0B214C6A4728F085FB64A29ED9C4DE94 ] NETw5v32        C:\Windows\system32\DRIVERS\NETw5v32.sys
18:21:26.0603 5188  NETw5v32 - ok
18:21:26.0651 5188  [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:21:26.0671 5188  nfrd960 - ok
18:21:26.0721 5188  [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:21:26.0783 5188  NlaSvc - ok
18:21:26.0888 5188  [ 433049770B810D7C83C5C94CDB3E09D2 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
18:21:26.0912 5188  NMIndexingService - ok
18:21:27.0070 5188  [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:21:27.0146 5188  Npfs - ok
18:21:27.0172 5188  [ 6D8D2E5652FC2442C810C5D8BE784148 ] NSCIRDA         C:\Windows\system32\DRIVERS\nscirda.sys
18:21:27.0243 5188  NSCIRDA - ok
18:21:27.0276 5188  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi             C:\Windows\system32\nsisvc.dll
18:21:27.0339 5188  nsi - ok
18:21:27.0478 5188  [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:21:27.0556 5188  nsiproxy - ok
18:21:27.0733 5188  [ 2C1121F2B87E9A6B12485DF53CD848C7 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:21:27.0870 5188  Ntfs - ok
18:21:27.0920 5188  [ A2B6583A5652A385DFF5E4F49AD48761 ] NTIBackupSvc    C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
18:21:27.0939 5188  NTIBackupSvc ( UnsignedFile.Multi.Generic ) - warning
18:21:27.0939 5188  NTIBackupSvc - detected UnsignedFile.Multi.Generic (1)
18:21:27.0983 5188  [ 2757D2BA59AEE155209E24942AB127C9 ] NTIDrvr         C:\Windows\system32\DRIVERS\NTIDrvr.sys
18:21:28.0002 5188  NTIDrvr - ok
18:21:28.0023 5188  [ 40B87FE8A1A9A5AC9E5A91D96F212BCD ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
18:21:28.0049 5188  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - warning
18:21:28.0049 5188  NTISchedulerSvc - detected UnsignedFile.Multi.Generic (1)
18:21:28.0078 5188  [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
18:21:28.0179 5188  ntrigdigi - ok
18:21:28.0230 5188  [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null            C:\Windows\system32\drivers\Null.sys
18:21:28.0272 5188  Null - ok
18:21:28.0309 5188  [ 85D8845B7B6A434B7CE35723BF0E5C57 ] nuvotonhidgeneric C:\Windows\system32\DRIVERS\nuvotonhidgeneric.sys
18:21:28.0351 5188  nuvotonhidgeneric - ok
18:21:28.0412 5188  [ A103F2A100B091809A120A1463BC9EB5 ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
18:21:28.0445 5188  NVHDA - ok
18:21:28.0750 5188  [ ED4239D1B92BDBA4F85C62A6F904E64B ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:21:29.0296 5188  nvlddmkm - ok
18:21:29.0351 5188  [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:21:29.0386 5188  nvraid - ok
18:21:29.0414 5188  [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:21:29.0439 5188  nvstor - ok
18:21:29.0513 5188  [ E74F08719D6C92FDA6092D0E36E33CAB ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:21:29.0564 5188  nvsvc - ok
18:21:29.0662 5188  [ A6204EB813259F81217F65A02EDC5F09 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:21:29.0771 5188  nvUpdatusService - ok
18:21:29.0806 5188  [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:21:29.0833 5188  nv_agp - ok
18:21:29.0857 5188  NwlnkFlt - ok
18:21:29.0880 5188  NwlnkFwd - ok
18:21:29.0928 5188  [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
18:21:29.0981 5188  ohci1394 - ok
18:21:30.0030 5188  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:21:30.0051 5188  ose - ok
18:21:30.0374 5188  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:21:30.0735 5188  osppsvc - ok
18:21:30.0799 5188  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
18:21:30.0913 5188  p2pimsvc - ok
18:21:30.0934 5188  [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc          C:\Windows\system32\p2psvc.dll
18:21:30.0981 5188  p2psvc - ok
18:21:31.0010 5188  [ 0FA9B5055484649D63C303FE404E5F4D ] Parport         C:\Windows\system32\drivers\parport.sys
18:21:31.0077 5188  Parport - ok
18:21:31.0151 5188  [ B9C2B89F08670E159F7181891E449CD9 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:21:31.0178 5188  partmgr - ok
18:21:31.0219 5188  [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
18:21:31.0300 5188  Parvdm - ok
18:21:31.0340 5188  [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:21:31.0389 5188  PcaSvc - ok
18:21:31.0450 5188  [ 941DC1D19E7E8620F40BBC206981EFDB ] pci             C:\Windows\system32\drivers\pci.sys
18:21:31.0481 5188  pci - ok
18:21:31.0527 5188  [ FC175F5DDAB666D7F4D17449A547626F ] pciide          C:\Windows\system32\drivers\pciide.sys
18:21:31.0549 5188  pciide - ok
18:21:31.0591 5188  [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
18:21:31.0618 5188  pcmcia - ok
18:21:31.0690 5188  [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:21:31.0823 5188  PEAUTH - ok
18:21:31.0949 5188  [ B1689DF169143F57053F795390C99DB3 ] pla             C:\Windows\system32\pla.dll
18:21:32.0126 5188  pla - ok
18:21:32.0173 5188  [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:21:32.0229 5188  PlugPlay - ok
18:21:32.0267 5188  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
18:21:32.0309 5188  PNRPAutoReg - ok
18:21:32.0369 5188  [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
18:21:32.0408 5188  PNRPsvc - ok
18:21:32.0467 5188  [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:21:32.0539 5188  PolicyAgent - ok
18:21:32.0590 5188  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:21:32.0642 5188  PptpMiniport - ok
18:21:32.0670 5188  [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor       C:\Windows\system32\drivers\processr.sys
18:21:32.0721 5188  Processor - ok
18:21:32.0773 5188  [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:21:32.0816 5188  ProfSvc - ok
18:21:32.0841 5188  [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
18:21:32.0871 5188  ProtectedStorage - ok
18:21:32.0919 5188  [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
18:21:33.0024 5188  PSched - ok
18:21:58.0071 5520  Detected object count: 9
18:21:58.0071 5520  Actual detected object count: 9
18:26:38.0206 5520  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - skipped by user
18:26:38.0206 5520  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:26:38.0207 5520  ETService ( UnsignedFile.Multi.Generic ) - skipped by user
18:26:38.0207 5520  ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:26:38.0212 5520  GoogleDesktopManager-080708-050100 ( UnsignedFile.Multi.Generic ) - skipped by user
18:26:38.0212 5520  GoogleDesktopManager-080708-050100 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:26:38.0213 5520  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
18:26:38.0213 5520  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:26:38.0215 5520  NTIBackupSvc ( UnsignedFile.Multi.Generic ) - skipped by user
18:26:38.0215 5520  NTIBackupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:26:38.0217 5520  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - skipped by user
18:26:38.0217 5520  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:26:38.0219 5520  ShellHWDetection ( UnsignedFile.Multi.Generic ) - skipped by user
18:26:38.0220 5520  ShellHWDetection ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:26:38.0222 5520  sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - skipped by user
18:26:38.0223 5520  sp_rsdrv2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:26:38.0225 5520  Themes ( UnsignedFile.Multi.Generic ) - skipped by user
18:26:38.0225 5520  Themes ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:26:42.0797 2856  Deinitialize success
         

31.07.2013, 23:15   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

JRT - Junkware Removal Tool

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.

Afterwards:

adwCleaner - remove toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).

After that, a check with Farbar's tool please:

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files are now created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)

__________________
Please always post log files in CODE tags

02.08.2013, 00:01   #13
clntbestwud

JRT
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.2.9 (07.30.2013:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Patrick on 01.08.2013 at 16:26:32,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB9778AB-BAEF-49B9-96EE-D6E4BD0BCE68}



~~~ Files

Successfully deleted: [File] C:\Windows\tasks\Lyrics-Pal Update.job
Successfully deleted: [File] "C:\Windows\system32\authuitu.dll"
Successfully deleted: [File] "C:\Windows\system32\turegopt.exe"
Successfully deleted: [File] C:\Windows\prefetch\LYRICS.EXE-1E04DFE3.pf



~~~ Folders



~~~ FireFox

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions\\{9309fa47-1b48-4768-afa4-9e0556f5dc81}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.08.2013 at 16:28:37,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Great, now I have the problem that when I want to start the laptop, a black screen comes up and I only see my mouse; it doesn't go any further. Also tried it in safe mode. Is the system screwed now or what?!

After I ran AdwCleaner, the laptop no longer works. Constantly just a black screen with a mouse pointer!!

How do I get to my data now? I have never had this problem before, and since JRT this problem has now appeared. Apparently it deleted data that can affect the system. Very good, because I have no CD to boot from CD or to restore anything at all..

Last edited by clntbestwud (02.08.2013 at 00:50)

02.08.2013, 13:20   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

You are the first to report a system crash after adwCleaner to me.

Does safe mode with networking still work? With an Internet connection?

Safe mode for cleanup
  • Bring Windows into safe mode with the F8 key at startup.
  • Start the computer in safe mode with networking:

    Starting Windows in safe mode
__________________
Please always post log files in CODE tags

02.08.2013, 13:31   #15
clntbestwud

I have already tried it with safe mode etc. The problem is just that it has to do with JRT. It deleted authui.dll, and that is why I have this problem.
