Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Virenmeldung- hier die Logs (https://www.trojaner-board.de/119833-virenmeldung-logs.html)

T203004 18.07.2012 20:00
Virenmeldung- hier die Logs
 
Hallo,
bei meinem letzten Standardscan von Avira kamen leider ein paar Meldungen und ich sollte etwas in Quarantäne verschieben. Habe daher anschließend ein paar Scans mit den hier empfohlenen Programmen durchgeführt und würde mich über eine Auswertung der Logs freuen. Vielen Dank!

OTL-Log ist im Anhang, Malewarebytes findet nichts.

Hier der ESET-Log:

ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=dcfba92e6655b24c8e9eafbd16580a98
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-18 06:28:06
# local_time=2012-07-18 08:28:06 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 22363067 22363067 0 0
# compatibility_mode=5893 16776573 100 94 27081 94255845 0 0
# compatibility_mode=8192 67108863 100 0 188 188 0 0
# scanned=176064
# found=0
# cleaned=0
# scan_time=10090

cosinus 23.07.2012 08:44
Zitat:
bei meinem letzten Standardscan von Avira kamen leider ein paar Meldungen und ich sollte etwas in Quarantäne verschieben.
Und wo sind die Logs von Avira?!

T203004 26.07.2012 23:17
Hallo, danke für deine Antwort. Der Log von Avira ist hier:



Avira Free Antivirus
Erstellungsdatum der Reportdatei: Mittwoch, 18. Juli 2012 04:09

Es wird nach 3866964 Virenstämmen gesucht.

Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer : Avira AntiVir Personal - Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 7 Home Premium
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : SONYVAIO

Versionsinformationen:
BUILD.DAT : 12.0.0.1125 41829 Bytes 02.05.2012 16:34:00
AVSCAN.EXE : 12.3.0.15 466896 Bytes 13.05.2012 07:47:04
AVSCAN.DLL : 12.3.0.15 66256 Bytes 13.05.2012 07:47:04
LUKE.DLL : 12.3.0.15 68304 Bytes 13.05.2012 07:47:04
AVSCPLR.DLL : 12.3.0.14 97032 Bytes 13.05.2012 07:47:05
AVREG.DLL : 12.3.0.17 232200 Bytes 13.05.2012 07:47:05
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 19:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 10:07:39
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 02:06:47
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 22:23:35
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 10:47:19
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 17:24:15
VBASE006.VDF : 7.11.34.117 2048 Bytes 29.06.2012 17:24:15
VBASE007.VDF : 7.11.34.118 2048 Bytes 29.06.2012 17:24:18
VBASE008.VDF : 7.11.34.119 2048 Bytes 29.06.2012 17:24:18
VBASE009.VDF : 7.11.34.120 2048 Bytes 29.06.2012 17:24:19
VBASE010.VDF : 7.11.34.121 2048 Bytes 29.06.2012 17:24:19
VBASE011.VDF : 7.11.34.122 2048 Bytes 29.06.2012 17:24:20
VBASE012.VDF : 7.11.34.123 2048 Bytes 29.06.2012 17:24:20
VBASE013.VDF : 7.11.34.124 2048 Bytes 29.06.2012 17:24:21
VBASE014.VDF : 7.11.34.201 169472 Bytes 02.07.2012 16:05:03
VBASE015.VDF : 7.11.35.19 122368 Bytes 04.07.2012 16:05:06
VBASE016.VDF : 7.11.35.87 146944 Bytes 06.07.2012 16:05:10
VBASE017.VDF : 7.11.35.143 126464 Bytes 09.07.2012 16:05:06
VBASE018.VDF : 7.11.35.235 151552 Bytes 12.07.2012 16:05:13
VBASE019.VDF : 7.11.35.236 2048 Bytes 12.07.2012 16:05:15
VBASE020.VDF : 7.11.35.237 2048 Bytes 12.07.2012 16:05:17
VBASE021.VDF : 7.11.35.238 2048 Bytes 12.07.2012 16:05:18
VBASE022.VDF : 7.11.35.239 2048 Bytes 12.07.2012 16:05:18
VBASE023.VDF : 7.11.35.240 2048 Bytes 12.07.2012 16:05:21
VBASE024.VDF : 7.11.35.241 2048 Bytes 12.07.2012 16:05:21
VBASE025.VDF : 7.11.35.242 2048 Bytes 12.07.2012 16:05:25
VBASE026.VDF : 7.11.35.243 2048 Bytes 12.07.2012 16:05:25
VBASE027.VDF : 7.11.35.244 2048 Bytes 12.07.2012 16:05:26
VBASE028.VDF : 7.11.35.245 2048 Bytes 12.07.2012 16:05:27
VBASE029.VDF : 7.11.35.246 2048 Bytes 12.07.2012 16:05:28
VBASE030.VDF : 7.11.35.247 2048 Bytes 12.07.2012 16:05:30
VBASE031.VDF : 7.11.36.10 69632 Bytes 12.07.2012 16:06:19
Engineversion : 8.2.10.110
AEVDF.DLL : 8.1.2.10 102772 Bytes 10.07.2012 16:07:18
AESCRIPT.DLL : 8.1.4.32 455034 Bytes 08.07.2012 16:06:03
AESCN.DLL : 8.1.8.2 131444 Bytes 27.01.2012 15:47:17
AESBX.DLL : 8.2.5.12 606578 Bytes 01.07.2012 17:25:06
AERDL.DLL : 8.1.9.15 639348 Bytes 08.09.2011 22:16:06
AEPACK.DLL : 8.3.0.12 807286 Bytes 10.07.2012 16:07:01
AEOFFICE.DLL : 8.1.2.40 201082 Bytes 01.07.2012 17:25:00
AEHEUR.DLL : 8.1.4.64 5009782 Bytes 08.07.2012 16:06:00
AEHELP.DLL : 8.1.23.2 258422 Bytes 01.07.2012 17:24:42
AEGEN.DLL : 8.1.5.32 434548 Bytes 08.07.2012 16:05:26
AEEXP.DLL : 8.1.0.62 86389 Bytes 11.07.2012 16:04:52
AEEMU.DLL : 8.1.3.2 393587 Bytes 10.07.2012 16:05:48
AECORE.DLL : 8.1.27.2 201078 Bytes 10.07.2012 16:05:38
AEBB.DLL : 8.1.1.0 53618 Bytes 01.09.2011 22:46:01
AVWINLL.DLL : 12.3.0.15 27344 Bytes 13.05.2012 07:47:03
AVPREF.DLL : 12.3.0.15 51920 Bytes 13.05.2012 07:47:04
AVREP.DLL : 12.3.0.15 179208 Bytes 13.05.2012 07:47:05
AVARKT.DLL : 12.3.0.15 211408 Bytes 13.05.2012 07:47:04
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 13.05.2012 07:47:04
SQLITE3.DLL : 3.7.0.1 398288 Bytes 13.05.2012 07:47:04
AVSMTP.DLL : 12.3.0.15 63440 Bytes 13.05.2012 07:47:04
NETNT.DLL : 12.3.0.15 17104 Bytes 13.05.2012 07:47:04
RCIMAGE.DLL : 12.3.0.15 4447952 Bytes 13.05.2012 07:47:03
RCTEXT.DLL : 12.3.0.15 98512 Bytes 13.05.2012 07:47:03

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Lokale Laufwerke
Konfigurationsdatei...................: C:\program files (x86)\avira\antivir desktop\alldrives.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, G:, D:, E:, F:,
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Intelligente Dateiauswahl
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert

Beginn des Suchlaufs: Mittwoch, 18. Juli 2012 04:09

Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD1
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD2
[INFO] Es wurde kein Virus gefunden!

Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'G:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'D:\'
[INFO] Im Laufwerk 'D:\' ist kein Datenträger eingelegt!
Bootsektor 'E:\'
[INFO] Im Laufwerk 'E:\' ist kein Datenträger eingelegt!

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'update.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerInstaller.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avnotify.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'updrgui.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'update.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleUpdate.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'NclMSBTSrvEx.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'listener.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ServiceLayer.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'NokiaSuite.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'VCService.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorDataMgrSvc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'BluetoothHeadsetProxy.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgrSub.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'VESMgr.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'uCamMonitor.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'PMBDeviceInfoProvider.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'HPLaserJetService.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'NitroPDFPrinterMonitor.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorIcon.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'MarketingTools.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'PMBVolumeWatcher.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ISBMgr.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'ONENOTEM.EXE' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'VoipBuster.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '1' Modul(e) wurden durchsucht
Durchsuche Prozess 'vpnagent.exe' - '1' Modul(e) wurden durchsucht

Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2214' Dateien ).


Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
C:\Program Files\WinRAR\rarnew.dat
[WARNUNG] Das Archiv ist unbekannt oder defekt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Adviva-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\BurstMedia-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cache-0001.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\CasaleMedia-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Cookie-0001.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\DoubleClick-0001.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\FastClick-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\History-0001.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Internet Explorer-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Log-0001.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Macromedia.FlashPlayer.Cookies-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MediaPlex-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Direct3D-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectDraw-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS DirectInput-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Management Console-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\MS Media Player-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Right Media-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Statcounter-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Tradedoubler-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\WebTrends live-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Explorer-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows Media SDK-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows-0001.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Windows.OpenWith-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\WinRAR-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\ProgramData\Spybot - Search & Destroy\Quarantine\Zedo-0000.zip
[WARNUNG] Die Datei ist kennwortgeschützt
C:\Users\jimmythebob\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\21661e10-7df0bbd1
[0] Archivtyp: ZIP
--> Atomic.class
[FUND] Enthält Erkennungsmuster des Exploits EXP/2012-0507.CJ
--> Homi.class
[FUND] Enthält Erkennungsmuster des Exploits EXP/CVE-2012-0507.A.197
--> Kook.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.Lamar.AR
--> Lmpo.class
[FUND] Enthält Erkennungsmuster des Exploits EXP/2008-5353.AM
--> Oinc.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.Treams.BO
--> Sinaval.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Dldr.Treams.BP
--> Third.class
[FUND] Enthält Erkennungsmuster des Exploits EXP/CVE-2012-0507.A.191
Beginne mit der Suche in 'G:\' <Volume>
Beginne mit der Suche in 'D:\'
Beginne mit der Suche in 'E:\'
Der zu durchsuchende Pfad E:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.
Beginne mit der Suche in 'F:\'
Der zu durchsuchende Pfad F:\ konnte nicht geöffnet werden!
Systemfehler [21]: Das Gerät ist nicht bereit.

Beginne mit der Desinfektion:
C:\Users\jimmythebob\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\16\21661e10-7df0bbd1
[FUND] Enthält Erkennungsmuster des Exploits EXP/2012-0507.CJ
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5504d8ca.qua' verschoben!


Ende des Suchlaufs: Mittwoch, 18. Juli 2012 10:46
Benötigte Zeit: 6:36:42 Stunde(n)

Der Suchlauf wurde vollständig durchgeführt.

31866 Verzeichnisse wurden überprüft
643358 Dateien wurden geprüft
8 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
643350 Dateien ohne Befall
3713 Archive wurden durchsucht
34 Warnungen
1 Hinweise

cosinus 27.07.2012 08:27
Bitte auch alles von Malwarebytes posten
Die Logs enthalten ein paar mehr Infos als nur Fund oder kein Fund.

Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log

T203004 27.07.2012 11:23
Hallo, hier ist der Log vom Quick Scan vom 18.7.
Heute habe ich einen vollständigen Suchlauf gemacht, das Log ist weiter unten.

Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.18.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
jimmythebob :: SONYVAIO [Administrator]

Schutz: Aktiviert

18.07.2012 17:26:59
mbam-log-2012-07-18 (17-26-59).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 216746
Laufzeit: 6 Minute(n), 16 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Code:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.27.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
jimmythebob :: SONYVAIO [Administrator]

Schutz: Aktiviert

27.07.2012 11:02:59
mbam-log-2012-07-27 (11-02-59).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 351856
Laufzeit: 1 Stunde(n), 7 Minute(n), 38 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

cosinus 27.07.2012 13:33
adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Search.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

T203004 27.07.2012 17:08
Super, danke für deine Hilfe. Hier die Logdatei:

Code:
# AdwCleaner v1.703 - Logfile created 07/27/2012 at 18:07:10
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : jimmythebob - SONYVAIO
# Running from : C:\Users\jimmythebob\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Software
[x64] Key Found : HKCU\Software\Softonic

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[x64] Key Found : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (de)

Profile name : default
File : C:\Users\jimmythebob\AppData\Roaming\Mozilla\Firefox\Profiles\54qofvpe.default\prefs.js

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1274 octets] - [27/07/2012 18:07:10]

########## EOF - C:\AdwCleaner[R1].txt - [1402 octets] ##########

cosinus 27.07.2012 20:56
adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Delete.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.

T203004 27.07.2012 21:58
Code:
# AdwCleaner v1.703 - Logfile created 07/27/2012 at 22:55:53
# Updated 20/07/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : jimmythebob - SONYVAIO
# Running from : C:\Users\jimmythebob\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****

Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Software

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v12.0 (de)

Profile name : default
File : C:\Users\jimmythebob\AppData\Roaming\Mozilla\Firefox\Profiles\54qofvpe.default\prefs.js

[OK] File is clean.

*************************

cosinus 27.07.2012 22:41
Hätte da mal zwei Fragen bevor es weiter geht

1.) Geht der normale Modus von Windows (wieder) uneingeschränkt?
2.) Vermisst du irgendwas im Startmenü? Sind da leere Ordner unter alle Programme oder ist alles vorhanden?

T203004 27.07.2012 23:35
Hallo,
der normale Modus funktioniert einwandfrei.

Ich habe im Startmenü z.B. den Ordner "Programme", welcher leer ist, dafür sind aber alle Programme einzeln im Startmenü vorhanden. Das stört mich nicht und ist auch schon länger so (s. meine älteren Beiträge hier im Forum). Ich merke keine Probleme am PC, wurde halt nur durch die Meldung von Avira misstrauisch.

cosinus 27.07.2012 23:43
Mach bitte ein neues OTL-Log. Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Wird so gemacht:

[code] hier steht das Log [/code]

Und das ganze sieht dann so aus:

Code:
hier steht das Log
CustomScan mit OTL

Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
Code:
netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT

T203004 28.07.2012 00:27
OTL Logfile:
Code:
OTL logfile created on: 28.07.2012 01:09:13 - Run 4
OTL by OldTimer - Version 3.2.55.0    Folder = C:\Users\jimmythebob\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,92 Gb Total Physical Memory | 2,50 Gb Available Physical Memory | 63,65% Memory free
7,84 Gb Paging File | 5,93 Gb Available in Paging File | 75,62% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 161,29 Gb Total Space | 91,60 Gb Free Space | 56,79% Space Free | Partition Type: NTFS
Drive D: | 951,94 Mb Total Space | 951,88 Mb Free Space | 99,99% Space Free | Partition Type: FAT
Drive G: | 126,89 Gb Total Space | 83,78 Gb Free Space | 66,03% Space Free | Partition Type: NTFS
 
Computer Name: SONYVAIO | User Name: jimmythebob | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.28 01:07:12 | 000,597,504 | ---- | M] (OldTimer Tools) -- C:\Users\jimmythebob\Downloads\OTL(4).exe
PRC - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.07.03 13:46:44 | 000,462,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.05.13 09:47:04 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.13 09:47:04 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.05.13 09:47:04 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.02.14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exe
PRC - [2011.01.29 06:36:18 | 000,081,016 | ---- | M] (Sony of America Corporation) -- C:\Program Files\Sony\VAIO Care\listener.exe
PRC - [2010.10.23 21:25:09 | 000,026,624 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe
PRC - [2010.05.28 11:14:24 | 000,205,168 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
PRC - [2010.05.06 03:59:38 | 000,583,360 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
PRC - [2010.03.03 21:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.03.03 21:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.01.21 20:31:32 | 000,597,792 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe
PRC - [2009.11.30 19:20:00 | 000,112,488 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgrSub.exe
PRC - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe
PRC - [2009.09.04 23:35:14 | 000,013,600 | ---- | M] (Broadcom Corporation.) -- C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
PRC - [2009.08.26 19:24:00 | 000,320,880 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\SONY\ISB Utility\ISBMgr.exe
PRC - [2009.05.14 12:12:40 | 000,209,216 | ---- | M] () -- C:\Program Files (x86)\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe
PRC - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2009.05.14 12:12:40 | 000,209,216 | ---- | M] () -- C:\Program Files (x86)\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe
MOD - [2008.12.12 16:48:50 | 000,507,904 | ---- | M] () -- C:\Program Files (x86)\Common Files\BCL Technologies\NitroPDF6\bepprint.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2012.02.08 00:52:50 | 000,343,032 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe -- (NitroReaderDriverReadSpool2)
SRV:64bit: - [2012.01.13 10:55:10 | 001,256,040 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2011.05.19 20:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2011.02.18 23:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2011.02.14 14:23:50 | 000,044,736 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:64bit: - [2011.01.29 06:36:18 | 000,259,192 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2011.01.20 13:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2010.10.25 18:55:26 | 000,387,896 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2010.08.11 08:46:06 | 000,845,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2010.04.07 15:04:24 | 000,127,800 | ---- | M] (HP) [Auto | Running] -- C:\Windows\SysNative\HPSIsvc.exe -- (HPSIService)
SRV:64bit: - [2009.11.30 19:51:18 | 000,571,248 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2009.09.04 23:35:12 | 000,873,248 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2009.07.14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012.07.27 01:02:09 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.03 13:46:44 | 000,655,944 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.05.19 14:49:59 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.05.13 09:47:04 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.05.13 09:47:04 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.04.22 07:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.01.20 13:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010.10.12 16:52:48 | 000,423,280 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe -- (SOHDms)
SRV - [2010.09.27 16:13:26 | 000,074,496 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe -- (VAIO Entertainment TV Device Arbitration Service)
SRV - [2010.09.10 09:47:30 | 000,108,400 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2010.09.10 09:47:30 | 000,067,952 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2010.05.28 11:14:24 | 000,205,168 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2010.05.06 03:59:38 | 000,583,360 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe -- (vpnagent)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010.03.03 21:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.10.24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009.08.31 01:59:30 | 000,362,992 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe -- (Roxio Upnp Server 10)
SRV - [2009.08.31 01:59:18 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe -- (Roxio UPnP Renderer 10)
SRV - [2009.06.24 10:57:04 | 000,136,704 | ---- | M] (HP) [Auto | Stopped] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.09.18 10:59:10 | 000,104,960 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.05.13 09:47:05 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.13 09:47:05 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.22 07:51:38 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.09 11:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2012.01.09 11:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2012.01.09 11:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2012.01.09 11:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.10.11 16:00:01 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.08.02 18:38:56 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.11.20 11:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010.06.22 04:51:14 | 000,035,840 | ---- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2010.05.06 03:46:36 | 000,022,752 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpnva64.sys -- (vpnva)
DRV:64bit: - [2010.03.06 01:41:05 | 000,020,480 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mvusbews.sys -- (mvusbews)
DRV:64bit: - [2010.03.03 20:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.11.18 22:07:14 | 000,021,160 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.11.18 22:07:13 | 000,132,648 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2009.11.18 22:07:13 | 000,098,344 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2009.11.18 22:07:12 | 000,052,264 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btusbflt.sys -- (btusbflt)
DRV:64bit: - [2009.11.18 22:06:44 | 000,035,104 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2009.11.12 22:16:19 | 000,395,264 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009.11.12 22:06:44 | 001,542,656 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009.11.12 22:05:01 | 000,084,512 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2009.11.11 22:05:13 | 000,292,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.11.06 22:27:30 | 000,093,696 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2009.10.27 22:06:59 | 000,151,040 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009.09.15 22:09:08 | 000,075,776 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsne64.sys -- (risdsnpe)
DRV:64bit: - [2009.08.19 22:09:21 | 000,011,392 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009.08.05 23:24:16 | 000,061,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.26 14:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2009.05.20 12:00:00 | 000,055,280 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/ig/redirectdomain?brand=SVEC&bmod=EU01
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\..\SearchScopes,DefaultScope = {1661D042-EE5F-4896-863D-6056F542E24F}
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\..\SearchScopes\{03C86783-9293-4E7A-8AC3-AEF83F45BD7D}: "URL" = hxxp://rover.ebay.com/rover/1/707-37276-16609-0/4?satitle={searchTerms}
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\..\SearchScopes\{1661D042-EE5F-4896-863D-6056F542E24F}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SVEC
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\..\SearchScopes\{6029794D-EE94-4045-A89C-1A7071EE8645}: "URL" = hxxp://de.shopping.com/?linkin_id=8056363
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\..\SearchScopes\{E9FD1855-39B6-4E54-AA2E-6F34B97BAB09}: "URL" = hxxp://www.zinio.com/search/index.jsp?s={searchTerms}&rf=sonyie8search
IE - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Wikipedia (de)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de"
FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.51
FF - prefs.js..extensions.enabledItems: {899DF1F8-2F43-4394-8315-37F6744E6319}:1.0.8
FF - prefs.js..extensions.enabledItems: de-DE@dictionaries.addons.mozilla.org:2.0.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_268.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_268.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.19 14:49:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.04.12 19:50:06 | 000,000,000 | ---D | M]
 
[2010.10.23 23:14:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jimmythebob\AppData\Roaming\Mozilla\Extensions
[2012.07.12 07:32:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\jimmythebob\AppData\Roaming\Mozilla\Firefox\Profiles\54qofvpe.default\extensions
[2012.06.29 09:42:52 | 000,000,000 | ---D | M] (Wörterbuch Deutsch (de-DE), Hunspell-unterstützt) -- C:\Users\jimmythebob\AppData\Roaming\Mozilla\Firefox\Profiles\54qofvpe.default\extensions\de_DE@dicts.j3e.de
[2010.11.18 09:52:42 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\jimmythebob\AppData\Roaming\Mozilla\Firefox\Profiles\54qofvpe.default\extensions\de-DE@dictionaries.addons.mozilla.org
[2010.10.25 23:36:41 | 000,002,036 | ---- | M] () -- C:\Users\jimmythebob\AppData\Roaming\Mozilla\Firefox\Profiles\54qofvpe.default\searchplugins\alle-preise---guenstigerde.xml
[2012.07.27 00:17:35 | 000,002,400 | ---- | M] () -- C:\Users\jimmythebob\AppData\Roaming\Mozilla\Firefox\Profiles\54qofvpe.default\searchplugins\google-deutschland.xml
[2011.10.18 17:47:57 | 000,001,330 | ---- | M] () -- C:\Users\jimmythebob\AppData\Roaming\Mozilla\Firefox\Profiles\54qofvpe.default\searchplugins\wikipedia-en.xml
[2012.05.19 14:50:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.07.12 07:32:57 | 000,287,803 | ---- | M] () (No name found) -- C:\USERS\JIMMYTHEBOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\54QOFVPE.DEFAULT\EXTENSIONS\{899DF1F8-2F43-4394-8315-37F6744E6319}.XPI
[2012.05.19 14:49:59 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.04.11 15:58:33 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.03.20 14:51:12 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.03.20 14:51:12 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.03.20 14:51:12 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.03.20 14:51:12 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.03.20 14:51:12 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.03.20 14:51:12 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2012.04.02 18:10:16 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1      localhost
O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O4:64bit: - HKLM..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe (The Eraser Project)
O4:64bit: - HKLM..\Run: [NvCplDaemon] C:\Windows\SysNative\NvCpl.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MarketingTools] C:\Program Files (x86)\SONY\Marketing Tools\MarketingTools.exe (Sony Corporation)
O4 - HKLM..\Run: [Nitro PDF Printer Monitor] C:\Program Files (x86)\Nitro PDF\Professional\NitroPDFPrinterMonitor.exe ()
O4 - HKLM..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\SONY\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKU\S-1-5-21-4072554069-706762954-2387328221-1001..\Run: []  File not found
O4 - HKU\S-1-5-21-4072554069-706762954-2387328221-1001..\Run: [VoipBuster] "C:\Program Files (x86)\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4072554069-706762954-2387328221-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://c:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://c:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O9 - Extra 'Tools' menuitem : Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - c:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll (Evernote Corporation)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.0)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5CA2638F-A594-4D24-80BE-A37A7C278809}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F7B8B16-ED6E-472B-A1CB-E39E5D4F0CE5}: NameServer = 202.106.195.68 202.106.46.151
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CC1D3BD1-7EF4-4F82-A281-023520EA827B}: NameServer = 202.106.195.68 202.106.46.151
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F080DE39-A95A-4ECD-9EF4-659C412F3AD6}: DhcpNameServer = 202.99.96.68 60.30.102.92
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - Winlogon\Notify\VESWinlogon: DllName - (VESWinlogon.dll) - C:\Windows\SysWow64\VESWinlogon.dll (Sony Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
 
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: MpfService - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MpfService - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} -
ActiveX:64bit: >{DB562198-3A06-4B5D-86EF-D9ED5AD005BC} - RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.27 18:21:17 | 000,000,000 | ---D | C] -- C:\Users\jimmythebob\Desktop\Neuer Ordner
[2012.07.27 12:30:19 | 000,000,000 | ---D | C] -- C:\Users\jimmythebob\Desktop\Unterlagen Sonja
[2012.07.18 20:57:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
[2012.07.18 20:57:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\7-Zip
[2012.07.18 17:36:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.07.18 17:23:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.18 17:23:17 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.18 12:00:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.07.18 12:00:17 | 000,000,000 | ---D | C] -- C:\Users\jimmythebob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2012.07.08 15:23:50 | 000,000,000 | ---D | C] -- C:\Users\jimmythebob\Desktop\Peking Juli
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.28 01:10:00 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.28 01:02:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.28 00:31:04 | 000,089,016 | ---- | M] () -- C:\test.xml
[2012.07.28 00:28:32 | 000,067,584 | ---- | M] () -- C:\Windows\bootstat.dat
[2012.07.27 23:09:23 | 000,014,144 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.27 23:09:23 | 000,014,144 | ---- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.27 23:05:10 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.27 23:05:10 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.27 23:05:10 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.27 23:05:10 | 000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.27 23:05:10 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.27 22:57:51 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
[2012.07.27 22:57:42 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.27 22:56:55 | 3156,807,680 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.18 20:58:36 | 000,010,363 | ---- | M] () -- C:\Users\jimmythebob\Desktop\OTL.rar
[2012.07.18 12:20:24 | 000,452,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
 
========== Files Created - No Company Name ==========
 
[2012.07.18 20:58:36 | 000,010,363 | ---- | C] () -- C:\Users\jimmythebob\Desktop\OTL.rar
[2012.04.02 18:03:12 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012.04.02 18:03:12 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012.04.02 18:03:12 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012.04.02 18:03:12 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012.04.02 18:03:12 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012.02.20 13:21:37 | 000,024,772 | ---- | C] () -- C:\ProgramData\P1100DEF.css
[2012.02.20 13:21:37 | 000,004,271 | ---- | C] () -- C:\ProgramData\P1100OS.HTM
[2012.02.20 13:21:37 | 000,002,944 | ---- | C] () -- C:\ProgramData\P1100SIG.GIF
[2011.01.02 17:28:46 | 000,029,184 | ---- | C] () -- C:\Users\jimmythebob\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.10.23 21:11:57 | 000,001,607 | ---- | C] () -- C:\Windows\SysWow64\McOEMAppRules.dat
 
========== LOP Check ==========
 
[2012.05.06 18:41:38 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Alle meine Passworte
[2012.02.08 18:05:03 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Downloaded Installations
[2011.11.15 17:38:51 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\elsterformular
[2012.02.07 01:49:42 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Netgear Live Parental Controls
[2012.04.24 11:00:57 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Nitro PDF
[2012.01.20 13:27:45 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Nokia
[2011.06.11 00:33:15 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Nokia Ovi Suite
[2011.11.22 18:08:41 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Nokia Suite
[2011.11.17 13:00:46 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\PC Suite
[2011.03.04 18:47:01 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\S.A.D
[2011.09.25 15:14:11 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\TuneUp Software
[2012.05.04 07:31:35 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\VoipBuster
[2012.06.11 19:33:55 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.04.07 01:09:46 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Adobe
[2012.05.06 18:41:38 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Alle meine Passworte
[2011.12.31 14:25:51 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Apple Computer
[2010.12.02 23:57:41 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\ArcSoft
[2011.11.02 22:42:40 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Avira
[2012.02.08 18:05:03 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Downloaded Installations
[2011.11.15 17:38:51 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\elsterformular
[2010.10.23 22:51:25 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Google
[2011.09.18 02:46:49 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\HP
[2010.10.23 22:39:25 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Identities
[2010.10.23 23:05:11 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\InstallShield
[2011.01.02 17:08:09 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Intel Corporation
[2010.10.23 22:59:31 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Macromedia
[2011.11.09 00:09:24 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Malwarebytes
[2009.11.20 02:27:16 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Media Center Programs
[2012.04.07 01:09:46 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Microsoft
[2010.10.23 23:14:51 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Mozilla
[2012.02.07 01:49:42 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Netgear Live Parental Controls
[2012.04.24 11:00:57 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Nitro PDF
[2012.01.20 13:27:45 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Nokia
[2011.06.11 00:33:15 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Nokia Ovi Suite
[2011.11.22 18:08:41 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Nokia Suite
[2011.11.17 13:00:46 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\PC Suite
[2011.03.13 13:43:06 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Roxio
[2011.03.04 18:47:01 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\S.A.D
[2012.07.27 00:37:44 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Skype
[2010.10.24 21:14:58 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\Sony Corporation
[2011.09.25 15:14:11 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\TuneUp Software
[2012.05.04 07:31:35 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\VoipBuster
[2010.10.24 00:57:19 | 000,000,000 | ---D | M] -- C:\Users\jimmythebob\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2012.03.30 14:40:45 | 009,812,368 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\jimmythebob\AppData\Roaming\elsterformular\pluginmanager\tmp\install_est11.exe
[2012.03.12 18:14:06 | 008,547,008 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\jimmythebob\AppData\Roaming\elsterformular\pluginmanager\tmp\update_est_09_7094_8479.exe
[2012.03.12 18:14:49 | 007,468,376 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\jimmythebob\AppData\Roaming\elsterformular\pluginmanager\tmp\update_est_10_7094_8479.exe
[2012.03.12 18:13:17 | 012,362,088 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\jimmythebob\AppData\Roaming\elsterformular\pluginmanager\tmp\update_pica_0_7094_8479.exe
[2011.11.14 22:49:31 | 006,489,448 | ---- | M] (Landesfinanzdirektion Thueringen) -- C:\Users\jimmythebob\AppData\Roaming\elsterformular\update\ElsterFormular_update-12_3_2_6814p.exe
 
< %SYSTEMDRIVE%\*.exe >
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\ERDNT\cache64\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\ERDNT\cache86\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\ERDNT\cache64\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: IASTOR.SYS  >
[2010.03.03 20:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.03.03 20:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_78ebae21a80aa2b4\iaStor.sys
[2009.10.13 21:16:40 | 000,409,624 | ---- | M] (Intel Corporation) MD5=BE7D72FCF442C26975942007E0831241 -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_6fca727099cdabf1\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys
[2010.11.20 15:33:38 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\ERDNT\cache64\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll
[2010.11.20 15:27:22 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\ERDNT\cache86\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll
[2010.11.20 14:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys
[2010.11.20 15:33:48 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\ERDNT\cache86\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll
[2010.11.20 14:21:04 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\ERDNT\cache64\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll
[2010.11.20 15:27:25 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll
 
< MD5 for: USER32.DLL  >
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\ERDNT\cache86\user32.dll
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll
[2010.11.20 14:08:57 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\ERDNT\cache64\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll
[2010.11.20 15:27:27 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\ERDNT\cache86\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\ERDNT\cache64\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\ERDNT\cache64\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\ERDNT\cache86\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\ERDNT\cache64\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2012.07.03 13:46:42 | 000,217,672 | ---- | M] () MD5=8A7F34F0BBD076EC3815680A7309114F -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >

< End of report >
--- --- ---

cosinus 28.07.2012 21:58
Bitte nun (im normalen Windows-Modus) dieses Tool von Kaspersky (TDSS-Killer) ausführen und das Log posten Anleitung und Downloadlink hier => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.
Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition (meistens Laufwerk C:) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

T203004 29.07.2012 00:10
Code:
01:05:59.0553 4656        TDSS rootkit removing tool 2.7.48.0 Jul 24 2012 13:16:32
01:05:59.0626 4656        ============================================================
01:05:59.0626 4656        Current date / time: 2012/07/29 01:05:59.0626
01:05:59.0626 4656        SystemInfo:
01:05:59.0627 4656       
01:05:59.0627 4656        OS Version: 6.1.7601 ServicePack: 1.0
01:05:59.0627 4656        Product type: Workstation
01:05:59.0627 4656        ComputerName: SONYVAIO
01:05:59.0627 4656        UserName: jimmythebob
01:05:59.0627 4656        Windows directory: C:\Windows
01:05:59.0627 4656        System windows directory: C:\Windows
01:05:59.0627 4656        Running under WOW64
01:05:59.0627 4656        Processor architecture: Intel x64
01:05:59.0627 4656        Number of processors: 4
01:05:59.0627 4656        Page size: 0x1000
01:05:59.0627 4656        Boot type: Normal boot
01:05:59.0627 4656        ============================================================
01:06:00.0470 4656        Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:06:00.0475 4656        Drive \Device\Harddisk2\DR2 - Size: 0x3B811E00 (0.93 Gb), SectorSize: 0x200, Cylinders: 0xEE0, SectorsPerTrack: 0x20, TracksPerCylinder: 0x10, Type 'W'
01:06:00.0477 4656        ============================================================
01:06:00.0477 4656        \Device\Harddisk0\DR0:
01:06:00.0477 4656        MBR partitions:
01:06:00.0477 4656        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x139F000, BlocksNum 0x32000
01:06:00.0477 4656        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x13D1000, BlocksNum 0x142942B0
01:06:00.0509 4656        \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x15666000, BlocksNum 0xFDC8000
01:06:00.0509 4656        \Device\Harddisk2\DR2:
01:06:00.0510 4656        MBR partitions:
01:06:00.0510 4656        ============================================================
01:06:00.0570 4656        C: <-> \Device\Harddisk0\DR0\Partition1
01:06:00.0619 4656        G: <-> \Device\Harddisk0\DR0\Partition2
01:06:00.0619 4656        ============================================================
01:06:00.0619 4656        Initialize success
01:06:00.0619 4656        ============================================================
01:06:49.0587 4944        ============================================================
01:06:49.0587 4944        Scan started
01:06:49.0587 4944        Mode: Manual; SigCheck; TDLFS;
01:06:49.0587 4944        ============================================================
01:06:50.0766 4944        1394ohci        (a87d604aea360176311474c87a63bb88) C:\Windows\system32\drivers\1394ohci.sys
01:06:50.0953 4944        1394ohci - ok
01:06:51.0056 4944        ACDaemon        (adc420616c501b45d26c0fd3ef1e54e4) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
01:06:51.0109 4944        ACDaemon - ok
01:06:51.0195 4944        ACPI            (d81d9e70b8a6dd14d42d7b4efa65d5f2) C:\Windows\system32\drivers\ACPI.sys
01:06:51.0231 4944        ACPI - ok
01:06:51.0301 4944        AcpiPmi        (99f8e788246d495ce3794d7e7821d2ca) C:\Windows\system32\drivers\acpipmi.sys
01:06:51.0383 4944        AcpiPmi - ok
01:06:51.0507 4944        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
01:06:51.0522 4944        AdobeARMservice - ok
01:06:51.0697 4944        AdobeFlashPlayerUpdateSvc (6c40d5ed8951ab7b90d08af655224ee4) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:06:51.0718 4944        AdobeFlashPlayerUpdateSvc - ok
01:06:51.0806 4944        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\drivers\adp94xx.sys
01:06:51.0842 4944        adp94xx - ok
01:06:51.0909 4944        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\drivers\adpahci.sys
01:06:51.0935 4944        adpahci - ok
01:06:51.0948 4944        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\drivers\adpu320.sys
01:06:51.0966 4944        adpu320 - ok
01:06:52.0015 4944        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
01:06:52.0207 4944        AeLookupSvc - ok
01:06:52.0301 4944        AFD            (1c7857b62de5994a75b054a9fd4c3825) C:\Windows\system32\drivers\afd.sys
01:06:52.0410 4944        AFD - ok
01:06:52.0467 4944        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\drivers\agp440.sys
01:06:52.0494 4944        agp440 - ok
01:06:52.0537 4944        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
01:06:52.0623 4944        ALG - ok
01:06:52.0693 4944        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\drivers\aliide.sys
01:06:52.0716 4944        aliide - ok
01:06:52.0726 4944        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\drivers\amdide.sys
01:06:52.0746 4944        amdide - ok
01:06:52.0780 4944        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\drivers\amdk8.sys
01:06:52.0851 4944        AmdK8 - ok
01:06:52.0859 4944        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\drivers\amdppm.sys
01:06:52.0909 4944        AmdPPM - ok
01:06:53.0015 4944        amdsata        (d4121ae6d0c0e7e13aa221aa57ef2d49) C:\Windows\system32\drivers\amdsata.sys
01:06:53.0038 4944        amdsata - ok
01:06:53.0060 4944        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\drivers\amdsbs.sys
01:06:53.0079 4944        amdsbs - ok
01:06:53.0095 4944        amdxata        (540daf1cea6094886d72126fd7c33048) C:\Windows\system32\drivers\amdxata.sys
01:06:53.0108 4944        amdxata - ok
01:06:53.0213 4944        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
01:06:53.0242 4944        AntiVirSchedulerService - ok
01:06:53.0271 4944        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
01:06:53.0287 4944        AntiVirService - ok
01:06:53.0369 4944        AppID          (89a69c3f2f319b43379399547526d952) C:\Windows\system32\drivers\appid.sys
01:06:53.0561 4944        AppID - ok
01:06:53.0590 4944        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
01:06:53.0664 4944        AppIDSvc - ok
01:06:53.0754 4944        Appinfo        (3977d4a871ca0d4f2ed1e7db46829731) C:\Windows\System32\appinfo.dll
01:06:53.0852 4944        Appinfo - ok
01:06:53.0989 4944        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\drivers\arc.sys
01:06:54.0015 4944        arc - ok
01:06:54.0025 4944        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\drivers\arcsas.sys
01:06:54.0039 4944        arcsas - ok
01:06:54.0060 4944        ArcSoftKsUFilter (c130bc4a51b1382b2be8e44579ec4c0a) C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
01:06:54.0072 4944        ArcSoftKsUFilter - ok
01:06:54.0098 4944        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
01:06:54.0173 4944        AsyncMac - ok
01:06:54.0229 4944        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\drivers\atapi.sys
01:06:54.0242 4944        atapi - ok
01:06:54.0372 4944        athr            (0acc06fcf46f64ed4f11e57ee461c1f4) C:\Windows\system32\DRIVERS\athrx.sys
01:06:54.0509 4944        athr - ok
01:06:54.0678 4944        AudioEndpointBuilder (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
01:06:54.0790 4944        AudioEndpointBuilder - ok
01:06:54.0796 4944        AudioSrv        (f23fef6d569fce88671949894a8becf1) C:\Windows\System32\Audiosrv.dll
01:06:54.0844 4944        AudioSrv - ok
01:06:55.0006 4944        avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
01:06:55.0028 4944        avgntflt - ok
01:06:55.0044 4944        avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
01:06:55.0066 4944        avipbb - ok
01:06:55.0077 4944        avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
01:06:55.0088 4944        avkmgr - ok
01:06:55.0163 4944        AxInstSV        (a6bf31a71b409dfa8cac83159e1e2aff) C:\Windows\System32\AxInstSV.dll
01:06:55.0287 4944        AxInstSV - ok
01:06:55.0334 4944        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\drivers\bxvbda.sys
01:06:55.0423 4944        b06bdrv - ok
01:06:55.0466 4944        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
01:06:55.0515 4944        b57nd60a - ok
01:06:55.0558 4944        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
01:06:55.0618 4944        BDESVC - ok
01:06:55.0635 4944        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
01:06:55.0736 4944        Beep - ok
01:06:55.0862 4944        BFE            (82974d6a2fd19445cc5171fc378668a4) C:\Windows\System32\bfe.dll
01:06:55.0928 4944        BFE - ok
01:06:56.0049 4944        BITS            (1ea7969e3271cbc59e1730697dc74682) C:\Windows\system32\qmgr.dll
01:06:56.0187 4944        BITS - ok
01:06:56.0266 4944        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\drivers\blbdrive.sys
01:06:56.0311 4944        blbdrive - ok
01:06:56.0378 4944        bowser          (6c02a83164f5cc0a262f4199f0871cf5) C:\Windows\system32\DRIVERS\bowser.sys
01:06:56.0411 4944        bowser - ok
01:06:56.0428 4944        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\drivers\BrFiltLo.sys
01:06:56.0529 4944        BrFiltLo - ok
01:06:56.0542 4944        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\drivers\BrFiltUp.sys
01:06:56.0563 4944        BrFiltUp - ok
01:06:56.0634 4944        BridgeMP        (5c2f352a4e961d72518261257aae204b) C:\Windows\system32\DRIVERS\bridge.sys
01:06:56.0692 4944        BridgeMP - ok
01:06:56.0759 4944        Browser        (8ef0d5c41ec907751b8429162b1239ed) C:\Windows\System32\browser.dll
01:06:56.0837 4944        Browser - ok
01:06:56.0888 4944        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
01:06:56.0992 4944        Brserid - ok
01:06:56.0999 4944        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
01:06:57.0044 4944        BrSerWdm - ok
01:06:57.0071 4944        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
01:06:57.0148 4944        BrUsbMdm - ok
01:06:57.0151 4944        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
01:06:57.0178 4944        BrUsbSer - ok
01:06:57.0261 4944        BthEnum        (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
01:06:57.0348 4944        BthEnum - ok
01:06:57.0391 4944        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
01:06:57.0445 4944        BTHMODEM - ok
01:06:57.0493 4944        BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
01:06:57.0596 4944        BthPan - ok
01:06:57.0711 4944        BTHPORT        (64c198198501f7560ee41d8d1efa7952) C:\Windows\System32\Drivers\BTHport.sys
01:06:57.0804 4944        BTHPORT - ok
01:06:57.0839 4944        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
01:06:57.0917 4944        bthserv - ok
01:06:57.0973 4944        BTHUSB          (f188b7394d81010767b6df3178519a37) C:\Windows\System32\Drivers\BTHUSB.sys
01:06:58.0033 4944        BTHUSB - ok
01:06:58.0080 4944        btusbflt        (6e04458e98daf28826482e41a7a62df5) C:\Windows\system32\drivers\btusbflt.sys
01:06:58.0097 4944        btusbflt - ok
01:06:58.0137 4944        btwaudio        (4bdbdb86abba924e029fb2683be7c505) C:\Windows\system32\drivers\btwaudio.sys
01:06:58.0160 4944        btwaudio - ok
01:06:58.0199 4944        btwavdt        (5c849bd7c78791c5cee9f4651d7fe38d) C:\Windows\system32\drivers\btwavdt.sys
01:06:58.0218 4944        btwavdt - ok
01:06:58.0346 4944        btwdins        (31da517946ffe416442e864592548f8a) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
01:06:58.0376 4944        btwdins - ok
01:06:58.0417 4944        btwl2cap        (6149301dc3f81d6f9667a3fbac410975) C:\Windows\system32\DRIVERS\btwl2cap.sys
01:06:58.0425 4944        btwl2cap - ok
01:06:58.0450 4944        btwrchid        (3e1991afa851a36dc978b0a1b0535c8b) C:\Windows\system32\DRIVERS\btwrchid.sys
01:06:58.0461 4944        btwrchid - ok
01:06:58.0538 4944        BVRPMPR5a64    (9887ca12f407d7fbc7f48f3678f5f0b6) C:\Windows\system32\drivers\BVRPMPR5a64.SYS
01:06:58.0554 4944        BVRPMPR5a64 - ok
01:06:58.0581 4944        catchme - ok
01:06:58.0618 4944        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
01:06:58.0700 4944        cdfs - ok
01:06:58.0785 4944        cdrom          (f036ce71586e93d94dab220d7bdf4416) C:\Windows\system32\drivers\cdrom.sys
01:06:58.0837 4944        cdrom - ok
01:06:58.0922 4944        CertPropSvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
01:06:59.0032 4944        CertPropSvc - ok
01:06:59.0077 4944        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\drivers\circlass.sys
01:06:59.0112 4944        circlass - ok
01:06:59.0175 4944        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
01:06:59.0212 4944        CLFS - ok
01:06:59.0284 4944        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:06:59.0306 4944        clr_optimization_v2.0.50727_32 - ok
01:06:59.0352 4944        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:06:59.0375 4944        clr_optimization_v2.0.50727_64 - ok
01:06:59.0425 4944        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:06:59.0447 4944        clr_optimization_v4.0.30319_32 - ok
01:06:59.0476 4944        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:06:59.0489 4944        clr_optimization_v4.0.30319_64 - ok
01:06:59.0543 4944        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\drivers\CmBatt.sys
01:06:59.0606 4944        CmBatt - ok
01:06:59.0669 4944        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\drivers\cmdide.sys
01:06:59.0690 4944        cmdide - ok
01:06:59.0767 4944        CNG            (9ac4f97c2d3e93367e2148ea940cd2cd) C:\Windows\system32\Drivers\cng.sys
01:06:59.0822 4944        CNG - ok
01:06:59.0859 4944        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\drivers\compbatt.sys
01:06:59.0874 4944        Compbatt - ok
01:06:59.0989 4944        CompositeBus    (03edb043586cceba243d689bdda370a8) C:\Windows\system32\drivers\CompositeBus.sys
01:07:00.0048 4944        CompositeBus - ok
01:07:00.0075 4944        COMSysApp - ok
01:07:00.0098 4944        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\drivers\crcdisk.sys
01:07:00.0113 4944        crcdisk - ok
01:07:00.0182 4944        CryptSvc        (4f5414602e2544a4554d95517948b705) C:\Windows\system32\cryptsvc.dll
01:07:00.0260 4944        CryptSvc - ok
01:07:00.0340 4944        DcomLaunch      (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
01:07:00.0438 4944        DcomLaunch - ok
01:07:00.0483 4944        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
01:07:00.0576 4944        defragsvc - ok
01:07:00.0660 4944        DfsC            (9bb2ef44eaa163b29c4a4587887a0fe4) C:\Windows\system32\Drivers\dfsc.sys
01:07:00.0743 4944        DfsC - ok
01:07:00.0834 4944        Dhcp            (43d808f5d9e1a18e5eeb5ebc83969e4e) C:\Windows\system32\dhcpcore.dll
01:07:00.0897 4944        Dhcp - ok
01:07:00.0981 4944        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
01:07:01.0040 4944        discache - ok
01:07:01.0080 4944        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\drivers\disk.sys
01:07:01.0108 4944        Disk - ok
01:07:01.0175 4944        Dnscache        (16835866aaa693c7d7fceba8fff706e4) C:\Windows\System32\dnsrslvr.dll
01:07:01.0244 4944        Dnscache - ok
01:07:01.0301 4944        dot3svc        (b1fb3ddca0fdf408750d5843591afbc6) C:\Windows\System32\dot3svc.dll
01:07:01.0392 4944        dot3svc - ok
01:07:01.0444 4944        DPS            (b26f4f737e8f9df4f31af6cf31d05820) C:\Windows\system32\dps.dll
01:07:01.0542 4944        DPS - ok
01:07:01.0589 4944        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
01:07:01.0609 4944        drmkaud - ok
01:07:01.0707 4944        DXGKrnl        (f5bee30450e18e6b83a5012c100616fd) C:\Windows\System32\drivers\dxgkrnl.sys
01:07:01.0752 4944        DXGKrnl - ok
01:07:01.0787 4944        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
01:07:01.0885 4944        EapHost - ok
01:07:02.0182 4944        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\drivers\evbda.sys
01:07:02.0291 4944        ebdrv - ok
01:07:02.0425 4944        EFS            (c118a82cd78818c29ab228366ebf81c3) C:\Windows\System32\lsass.exe
01:07:02.0468 4944        EFS - ok
01:07:02.0597 4944        ehRecvr        (c4002b6b41975f057d98c439030cea07) C:\Windows\ehome\ehRecvr.exe
01:07:02.0716 4944        ehRecvr - ok
01:07:02.0737 4944        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
01:07:02.0807 4944        ehSched - ok
01:07:02.0884 4944        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\drivers\elxstor.sys
01:07:02.0918 4944        elxstor - ok
01:07:02.0965 4944        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\drivers\errdev.sys
01:07:03.0056 4944        ErrDev - ok
01:07:03.0120 4944        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
01:07:03.0210 4944        EventSystem - ok
01:07:03.0264 4944        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
01:07:03.0320 4944        exfat - ok
01:07:03.0347 4944        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
01:07:03.0419 4944        fastfat - ok
01:07:03.0537 4944        Fax            (dbefd454f8318a0ef691fdd2eaab44eb) C:\Windows\system32\fxssvc.exe
01:07:03.0640 4944        Fax - ok
01:07:03.0659 4944        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\drivers\fdc.sys
01:07:03.0715 4944        fdc - ok
01:07:03.0765 4944        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
01:07:03.0851 4944        fdPHost - ok
01:07:03.0872 4944        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
01:07:03.0932 4944        FDResPub - ok
01:07:03.0987 4944        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
01:07:04.0014 4944        FileInfo - ok
01:07:04.0032 4944        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
01:07:04.0102 4944        Filetrace - ok
01:07:04.0127 4944        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\drivers\flpydisk.sys
01:07:04.0166 4944        flpydisk - ok
01:07:04.0225 4944        FltMgr          (da6b67270fd9db3697b20fce94950741) C:\Windows\system32\drivers\fltmgr.sys
01:07:04.0259 4944        FltMgr - ok
01:07:04.0370 4944        FontCache      (5c4cb4086fb83115b153e47add961a0c) C:\Windows\system32\FntCache.dll
01:07:04.0485 4944        FontCache - ok
01:07:04.0574 4944        FontCache3.0.0.0 (a8b7f3818ab65695e3a0bb3279f6dce6) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:07:04.0594 4944        FontCache3.0.0.0 - ok
01:07:04.0643 4944        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
01:07:04.0666 4944        FsDepends - ok
01:07:04.0727 4944        fssfltr        (53dab1791917a72738539ad25c4eed7f) C:\Windows\system32\DRIVERS\fssfltr.sys
01:07:04.0746 4944        fssfltr - ok
01:07:04.0878 4944        fsssvc          (206ad9a89bf05dfa1621f1fc7b82592d) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
01:07:04.0921 4944        fsssvc - ok
01:07:05.0000 4944        Fs_Rec          (6bd9295cc032dd3077c671fccf579a7b) C:\Windows\system32\drivers\Fs_Rec.sys
01:07:05.0021 4944        Fs_Rec - ok
01:07:05.0091 4944        fvevol          (1f7b25b858fa27015169fe95e54108ed) C:\Windows\system32\DRIVERS\fvevol.sys
01:07:05.0128 4944        fvevol - ok
01:07:05.0174 4944        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\drivers\gagp30kx.sys
01:07:05.0189 4944        gagp30kx - ok
01:07:05.0274 4944        gpsvc          (277bbc7e1aa1ee957f573a10eca7ef3a) C:\Windows\System32\gpsvc.dll
01:07:05.0360 4944        gpsvc - ok
01:07:05.0526 4944        gupdate        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:07:05.0543 4944        gupdate - ok
01:07:05.0563 4944        gupdatem        (f02a533f517eb38333cb12a9e8963773) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
01:07:05.0574 4944        gupdatem - ok
01:07:05.0602 4944        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
01:07:05.0666 4944        hcw85cir - ok
01:07:05.0763 4944        HdAudAddService (975761c778e33cd22498059b91e7373a) C:\Windows\system32\drivers\HdAudio.sys
01:07:05.0800 4944        HdAudAddService - ok
01:07:05.0838 4944        HDAudBus        (97bfed39b6b79eb12cddbfeed51f56bb) C:\Windows\system32\drivers\HDAudBus.sys
01:07:05.0880 4944        HDAudBus - ok
01:07:05.0982 4944        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\drivers\HidBatt.sys
01:07:06.0031 4944        HidBatt - ok
01:07:06.0068 4944        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\drivers\hidbth.sys
01:07:06.0121 4944        HidBth - ok
01:07:06.0154 4944        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\drivers\hidir.sys
01:07:06.0205 4944        HidIr - ok
01:07:06.0249 4944        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\System32\hidserv.dll
01:07:06.0341 4944        hidserv - ok
01:07:06.0395 4944        HidUsb          (9592090a7e2b61cd582b612b6df70536) C:\Windows\system32\drivers\hidusb.sys
01:07:06.0420 4944        HidUsb - ok
01:07:06.0487 4944        hkmsvc          (387e72e739e15e3d37907a86d9ff98e2) C:\Windows\system32\kmsvc.dll
01:07:06.0582 4944        hkmsvc - ok
01:07:06.0636 4944        HomeGroupListener (efdfb3dd38a4376f93e7985173813abd) C:\Windows\system32\ListSvc.dll
01:07:06.0712 4944        HomeGroupListener - ok
01:07:06.0778 4944        HomeGroupProvider (908acb1f594274965a53926b10c81e89) C:\Windows\system32\provsvc.dll
01:07:06.0833 4944        HomeGroupProvider - ok
01:07:06.0943 4944        HP LaserJet Service (53dca61931847e35c950504bfb7559c6) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
01:07:06.0999 4944        HP LaserJet Service ( UnsignedFile.Multi.Generic ) - warning
01:07:06.0999 4944        HP LaserJet Service - detected UnsignedFile.Multi.Generic (1)
01:07:07.0079 4944        HpSAMD          (39d2abcd392f3d8a6dce7b60ae7b8efc) C:\Windows\system32\drivers\HpSAMD.sys
01:07:07.0107 4944        HpSAMD - ok
01:07:07.0164 4944        HPSIService    (5a539a3cbd6ec1609d5333b486d5f74c) C:\Windows\system32\HPSIsvc.exe
01:07:07.0188 4944        HPSIService - ok
01:07:07.0286 4944        HTTP            (0ea7de1acb728dd5a369fd742d6eee28) C:\Windows\system32\drivers\HTTP.sys
01:07:07.0398 4944        HTTP - ok
01:07:07.0435 4944        hwpolicy        (a5462bd6884960c9dc85ed49d34ff392) C:\Windows\system32\drivers\hwpolicy.sys
01:07:07.0459 4944        hwpolicy - ok
01:07:07.0519 4944        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\drivers\i8042prt.sys
01:07:07.0537 4944        i8042prt - ok
01:07:07.0617 4944        iaStor          (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\drivers\iaStor.sys
01:07:07.0644 4944        iaStor - ok
01:07:07.0730 4944        IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
01:07:07.0748 4944        IAStorDataMgrSvc - ok
01:07:07.0840 4944        iaStorV        (aaaf44db3bd0b9d1fb6969b23ecc8366) C:\Windows\system32\drivers\iaStorV.sys
01:07:07.0885 4944        iaStorV - ok
01:07:08.0082 4944        idsvc          (5988fc40f8db5b0739cd1e3a5d0d78bd) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:07:08.0133 4944        idsvc - ok
01:07:08.0179 4944        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\drivers\iirsp.sys
01:07:08.0193 4944        iirsp - ok
01:07:08.0295 4944        IKEEXT          (fcd84c381e0140af901e58d48882d26b) C:\Windows\System32\ikeext.dll
01:07:08.0390 4944        IKEEXT - ok
01:07:08.0446 4944        Impcd          (4ff8a2082d78255d2eb169f986bcc981) C:\Windows\system32\drivers\Impcd.sys
01:07:08.0512 4944        Impcd - ok
01:07:08.0745 4944        IntcAzAudAddService (5f35fe198ee7818221414776f8413ab0) C:\Windows\system32\drivers\RTKVHD64.sys
01:07:08.0834 4944        IntcAzAudAddService - ok
01:07:09.0022 4944        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\drivers\intelide.sys
01:07:09.0043 4944        intelide - ok
01:07:09.0085 4944        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
01:07:09.0128 4944        intelppm - ok
01:07:09.0178 4944        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
01:07:09.0257 4944        IPBusEnum - ok
01:07:09.0334 4944        IpFilterDriver  (c9f0e1bd74365a8771590e9008d22ab6) C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:07:09.0387 4944        IpFilterDriver - ok
01:07:09.0486 4944        iphlpsvc        (a34a587fffd45fa649fba6d03784d257) C:\Windows\System32\iphlpsvc.dll
01:07:09.0549 4944        iphlpsvc - ok
01:07:09.0591 4944        IPMIDRV        (0fc1aea580957aa8817b8f305d18ca3a) C:\Windows\system32\drivers\IPMIDrv.sys
01:07:09.0644 4944        IPMIDRV - ok
01:07:09.0693 4944        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
01:07:09.0775 4944        IPNAT - ok
01:07:09.0804 4944        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
01:07:09.0935 4944        IRENUM - ok
01:07:10.0037 4944        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\drivers\isapnp.sys
01:07:10.0059 4944        isapnp - ok
01:07:10.0116 4944        iScsiPrt        (d931d7309deb2317035b07c9f9e6b0bd) C:\Windows\system32\drivers\msiscsi.sys
01:07:10.0141 4944        iScsiPrt - ok
01:07:10.0168 4944        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\drivers\kbdclass.sys
01:07:10.0182 4944        kbdclass - ok
01:07:10.0210 4944        kbdhid          (0705eff5b42a9db58548eec3b26bb484) C:\Windows\system32\drivers\kbdhid.sys
01:07:10.0254 4944        kbdhid - ok
01:07:10.0327 4944        KeyIso          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:07:10.0349 4944        KeyIso - ok
01:07:10.0393 4944        KSecDD          (97a7070aea4c058b6418519e869a63b4) C:\Windows\system32\Drivers\ksecdd.sys
01:07:10.0415 4944        KSecDD - ok
01:07:10.0438 4944        KSecPkg        (26c43a7c2862447ec59deda188d1da07) C:\Windows\system32\Drivers\ksecpkg.sys
01:07:10.0460 4944        KSecPkg - ok
01:07:10.0476 4944        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
01:07:10.0560 4944        ksthunk - ok
01:07:10.0613 4944        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
01:07:10.0698 4944        KtmRm - ok
01:07:10.0762 4944        LanmanServer    (d9f42719019740baa6d1c6d536cbdaa6) C:\Windows\System32\srvsvc.dll
01:07:10.0858 4944        LanmanServer - ok
01:07:10.0908 4944        LanmanWorkstation (851a1382eed3e3a7476db004f4ee3e1a) C:\Windows\System32\wkssvc.dll
01:07:11.0032 4944        LanmanWorkstation - ok
01:07:11.0078 4944        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
01:07:11.0150 4944        lltdio - ok
01:07:11.0206 4944        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
01:07:11.0279 4944        lltdsvc - ok
01:07:11.0316 4944        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
01:07:11.0358 4944        lmhosts - ok
01:07:11.0389 4944        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\drivers\lsi_fc.sys
01:07:11.0404 4944        LSI_FC - ok
01:07:11.0420 4944        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\drivers\lsi_sas.sys
01:07:11.0434 4944        LSI_SAS - ok
01:07:11.0441 4944        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\drivers\lsi_sas2.sys
01:07:11.0454 4944        LSI_SAS2 - ok
01:07:11.0462 4944        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\drivers\lsi_scsi.sys
01:07:11.0476 4944        LSI_SCSI - ok
01:07:11.0492 4944        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
01:07:11.0536 4944        luafv - ok
01:07:11.0611 4944        MBAMProtector  (dc8490812a3b72811ae534f423b4c206) C:\Windows\system32\drivers\mbam.sys
01:07:11.0637 4944        MBAMProtector - ok
01:07:11.0751 4944        MBAMService    (43683e970f008c93c9429ef428147a54) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
01:07:11.0792 4944        MBAMService - ok
01:07:11.0847 4944        Mcx2Svc        (0be09cd858abf9df6ed259d57a1a1663) C:\Windows\system32\Mcx2Svc.dll
01:07:11.0898 4944        Mcx2Svc - ok
01:07:11.0959 4944        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\drivers\megasas.sys
01:07:11.0981 4944        megasas - ok
01:07:12.0006 4944        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\drivers\MegaSR.sys
01:07:12.0027 4944        MegaSR - ok
01:07:12.0058 4944        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
01:07:12.0140 4944        MMCSS - ok
01:07:12.0168 4944        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
01:07:12.0233 4944        Modem - ok
01:07:12.0273 4944        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
01:07:12.0327 4944        monitor - ok
01:07:12.0419 4944        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\drivers\mouclass.sys
01:07:12.0440 4944        mouclass - ok
01:07:12.0485 4944        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\drivers\mouhid.sys
01:07:12.0533 4944        mouhid - ok
01:07:12.0571 4944        mountmgr        (32e7a3d591d671a6df2db515a5cbe0fa) C:\Windows\system32\drivers\mountmgr.sys
01:07:12.0592 4944        mountmgr - ok
01:07:12.0703 4944        MozillaMaintenance (46297fa8e30a6007f14118fc2b942fbc) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:07:12.0725 4944        MozillaMaintenance - ok
01:07:12.0779 4944        mpio            (a44b420d30bd56e145d6a2bc8768ec58) C:\Windows\system32\drivers\mpio.sys
01:07:12.0804 4944        mpio - ok
01:07:12.0840 4944        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
01:07:12.0896 4944        mpsdrv - ok
01:07:13.0016 4944        MpsSvc          (54ffc9c8898113ace189d4aa7199d2c1) C:\Windows\system32\mpssvc.dll
01:07:13.0113 4944        MpsSvc - ok
01:07:13.0156 4944        MRxDAV          (dc722758b8261e1abafd31a3c0a66380) C:\Windows\system32\drivers\mrxdav.sys
01:07:13.0179 4944        MRxDAV - ok
01:07:13.0233 4944        mrxsmb          (a5d9106a73dc88564c825d317cac68ac) C:\Windows\system32\DRIVERS\mrxsmb.sys
01:07:13.0312 4944        mrxsmb - ok
01:07:13.0365 4944        mrxsmb10        (d711b3c1d5f42c0c2415687be09fc163) C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:07:13.0401 4944        mrxsmb10 - ok
01:07:13.0425 4944        mrxsmb20        (9423e9d355c8d303e76b8cfbd8a5c30c) C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:07:13.0438 4944        mrxsmb20 - ok
01:07:13.0495 4944        msahci          (c25f0bafa182cbca2dd3c851c2e75796) C:\Windows\system32\drivers\msahci.sys
01:07:13.0516 4944        msahci - ok
01:07:13.0579 4944        msdsm          (db801a638d011b9633829eb6f663c900) C:\Windows\system32\drivers\msdsm.sys
01:07:13.0607 4944        msdsm - ok
01:07:13.0677 4944        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
01:07:13.0723 4944        MSDTC - ok
01:07:13.0767 4944        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
01:07:13.0826 4944        Msfs - ok
01:07:13.0845 4944        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
01:07:13.0911 4944        mshidkmdf - ok
01:07:13.0951 4944        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\drivers\msisadrv.sys
01:07:13.0977 4944        msisadrv - ok
01:07:14.0007 4944        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
01:07:14.0082 4944        MSiSCSI - ok
01:07:14.0085 4944        msiserver - ok
01:07:14.0133 4944        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
01:07:14.0207 4944        MSKSSRV - ok
01:07:14.0231 4944        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
01:07:14.0315 4944        MSPCLOCK - ok
01:07:14.0318 4944        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
01:07:14.0372 4944        MSPQM - ok
01:07:14.0433 4944        MsRPC          (759a9eeb0fa9ed79da1fb7d4ef78866d) C:\Windows\system32\drivers\MsRPC.sys
01:07:14.0459 4944        MsRPC - ok
01:07:14.0504 4944        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\drivers\mssmbios.sys
01:07:14.0517 4944        mssmbios - ok
01:07:14.0536 4944        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
01:07:14.0601 4944        MSTEE - ok
01:07:14.0627 4944        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\drivers\MTConfig.sys
01:07:14.0641 4944        MTConfig - ok
01:07:14.0658 4944        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
01:07:14.0672 4944        Mup - ok
01:07:14.0731 4944        mvusbews        (8fa52b6049596fe2fdbc8a5e8b14ebfc) C:\Windows\system32\Drivers\mvusbews.sys
01:07:14.0758 4944        mvusbews - ok
01:07:14.0831 4944        napagent        (582ac6d9873e31dfa28a4547270862dd) C:\Windows\system32\qagentRT.dll
01:07:14.0936 4944        napagent - ok
01:07:15.0025 4944        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
01:07:15.0085 4944        NativeWifiP - ok
01:07:15.0204 4944        NDIS            (79b47fd40d9a817e932f9d26fac0a81c) C:\Windows\system32\drivers\ndis.sys
01:07:15.0249 4944        NDIS - ok
01:07:15.0272 4944        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
01:07:15.0351 4944        NdisCap - ok
01:07:15.0386 4944        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
01:07:15.0471 4944        NdisTapi - ok
01:07:15.0553 4944        Ndisuio        (136185f9fb2cc61e573e676aa5402356) C:\Windows\system32\DRIVERS\ndisuio.sys
01:07:15.0644 4944        Ndisuio - ok
01:07:15.0693 4944        NdisWan        (53f7305169863f0a2bddc49e116c2e11) C:\Windows\system32\DRIVERS\ndiswan.sys
01:07:15.0764 4944        NdisWan - ok
01:07:15.0816 4944        NDProxy        (015c0d8e0e0421b4cfd48cffe2825879) C:\Windows\system32\drivers\NDProxy.sys
01:07:15.0893 4944        NDProxy - ok
01:07:15.0968 4944        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
01:07:16.0057 4944        NetBIOS - ok
01:07:16.0109 4944        NetBT          (09594d1089c523423b32a4229263f068) C:\Windows\system32\DRIVERS\netbt.sys
01:07:16.0213 4944        NetBT - ok
01:07:16.0260 4944        Netlogon        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:07:16.0286 4944        Netlogon - ok
01:07:16.0345 4944        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
01:07:16.0428 4944        Netman - ok
01:07:16.0481 4944        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
01:07:16.0577 4944        netprofm - ok
01:07:16.0648 4944        NetTcpPortSharing (3e5a36127e201ddf663176b66828fafe) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:07:16.0673 4944        NetTcpPortSharing - ok
01:07:16.0717 4944        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\drivers\nfrd960.sys
01:07:16.0733 4944        nfrd960 - ok
01:07:16.0910 4944        NitroReaderDriverReadSpool2 (f8aa2483aa9134b4a75efa9e9b240802) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
01:07:16.0943 4944        NitroReaderDriverReadSpool2 - ok
01:07:17.0041 4944        NlaSvc          (1ee99a89cc788ada662441d1e9830529) C:\Windows\System32\nlasvc.dll
01:07:17.0135 4944        NlaSvc - ok
01:07:17.0202 4944        nmwcd          (5fe6f8c05f0769bbb74afac11453b182) C:\Windows\system32\drivers\ccdcmbx64.sys
01:07:17.0289 4944        nmwcd - ok
01:07:17.0320 4944        nmwcdc          (73c929945c0850b8d1fe2fea05fdf05d) C:\Windows\system32\drivers\ccdcmbox64.sys
01:07:17.0348 4944        nmwcdc - ok
01:07:17.0357 4944        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
01:07:17.0405 4944        Npfs - ok
01:07:17.0434 4944        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
01:07:17.0515 4944        nsi - ok
01:07:17.0552 4944        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
01:07:17.0622 4944        nsiproxy - ok
01:07:17.0768 4944        Ntfs            (a2f74975097f52a00745f9637451fdd8) C:\Windows\system32\drivers\Ntfs.sys
01:07:17.0841 4944        Ntfs - ok
01:07:17.0993 4944        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
01:07:18.0046 4944        Null - ok
01:07:18.0085 4944        NVHDA          (ad37248bd442d41c9a896e53eb8a85ee) C:\Windows\system32\drivers\nvhda64v.sys
01:07:18.0108 4944        NVHDA - ok
01:07:18.0838 4944        nvlddmkm        (ca8447574e9dae22250c723819d3ef96) C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:07:19.0215 4944        nvlddmkm - ok
01:07:19.0434 4944        nvraid          (0a92cb65770442ed0dc44834632f66ad) C:\Windows\system32\drivers\nvraid.sys
01:07:19.0466 4944        nvraid - ok
01:07:19.0488 4944        nvstor          (dab0e87525c10052bf65f06152f37e4a) C:\Windows\system32\drivers\nvstor.sys
01:07:19.0505 4944        nvstor - ok
01:07:19.0576 4944        nvsvc          (ad1e49bceb5d446a271c43bfa8fd71d2) C:\Windows\system32\nvvsvc.exe
01:07:19.0616 4944        nvsvc - ok
01:07:19.0642 4944        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\drivers\nv_agp.sys
01:07:19.0658 4944        nv_agp - ok
01:07:19.0664 4944        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\drivers\ohci1394.sys
01:07:19.0703 4944        ohci1394 - ok
01:07:19.0812 4944        ose            (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:07:19.0836 4944        ose - ok
01:07:20.0223 4944        osppsvc        (61bffb5f57ad12f83ab64b7181829b34) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:07:20.0356 4944        osppsvc - ok
01:07:20.0478 4944        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
01:07:20.0564 4944        p2pimsvc - ok
01:07:20.0602 4944        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
01:07:20.0630 4944        p2psvc - ok
01:07:20.0688 4944        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\drivers\parport.sys
01:07:20.0715 4944        Parport - ok
01:07:20.0771 4944        partmgr        (e9766131eeade40a27dc27d2d68fba9c) C:\Windows\system32\drivers\partmgr.sys
01:07:20.0797 4944        partmgr - ok
01:07:20.0824 4944        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
01:07:20.0876 4944        PcaSvc - ok
01:07:20.0943 4944        pccsmcfd        (bc0018c2d29f655188a0ed3fa94fdb24) C:\Windows\system32\DRIVERS\pccsmcfdx64.sys
01:07:21.0014 4944        pccsmcfd - ok
01:07:21.0069 4944        pci            (94575c0571d1462a0f70bde6bd6ee6b3) C:\Windows\system32\drivers\pci.sys
01:07:21.0096 4944        pci - ok
01:07:21.0116 4944        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\drivers\pciide.sys
01:07:21.0131 4944        pciide - ok
01:07:21.0165 4944        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\drivers\pcmcia.sys
01:07:21.0187 4944        pcmcia - ok
01:07:21.0204 4944        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
01:07:21.0218 4944        pcw - ok
01:07:21.0266 4944        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
01:07:21.0361 4944        PEAUTH - ok
01:07:21.0438 4944        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
01:07:21.0482 4944        PerfHost - ok
01:07:21.0631 4944        pla            (c7cf6a6e137463219e1259e3f0f0dd6c) C:\Windows\system32\pla.dll
01:07:21.0712 4944        pla - ok
01:07:21.0806 4944        PlugPlay        (25fbdef06c4d92815b353f6e792c8129) C:\Windows\system32\umpnpmgr.dll
01:07:21.0842 4944        PlugPlay - ok
01:07:21.0971 4944        PMBDeviceInfoProvider (627fa58adc043704f9d14ca44340956f) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
01:07:22.0003 4944        PMBDeviceInfoProvider - ok
01:07:22.0020 4944        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
01:07:22.0055 4944        PNRPAutoReg - ok
01:07:22.0101 4944        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
01:07:22.0121 4944        PNRPsvc - ok
01:07:22.0193 4944        PolicyAgent    (4f15d75adf6156bf56eced6d4a55c389) C:\Windows\System32\ipsecsvc.dll
01:07:22.0290 4944        PolicyAgent - ok
01:07:22.0325 4944        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
01:07:22.0400 4944        Power - ok
01:07:22.0499 4944        PptpMiniport    (f92a2c41117a11a00be01ca01a7fcde9) C:\Windows\system32\DRIVERS\raspptp.sys
01:07:22.0586 4944        PptpMiniport - ok
01:07:22.0628 4944        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\drivers\processr.sys
01:07:22.0678 4944        Processor - ok
01:07:22.0738 4944        ProfSvc        (53e83f1f6cf9d62f32801cf66d8352a8) C:\Windows\system32\profsvc.dll
01:07:22.0834 4944        ProfSvc - ok
01:07:22.0883 4944        ProtectedStorage (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:07:22.0908 4944        ProtectedStorage - ok
01:07:22.0965 4944        Psched          (0557cf5a2556bd58e26384169d72438d) C:\Windows\system32\DRIVERS\pacer.sys
01:07:23.0038 4944        Psched - ok
01:07:23.0085 4944        PxHlpa64        (aed797cca02783296c68aa10d0cff8a9) C:\Windows\system32\Drivers\PxHlpa64.sys
01:07:23.0105 4944        PxHlpa64 - ok
01:07:23.0223 4944        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\drivers\ql2300.sys
01:07:23.0283 4944        ql2300 - ok
01:07:23.0394 4944        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\drivers\ql40xx.sys
01:07:23.0418 4944        ql40xx - ok
01:07:23.0451 4944        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
01:07:23.0478 4944        QWAVE - ok
01:07:23.0492 4944        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
01:07:23.0551 4944        QWAVEdrv - ok
01:07:23.0577 4944        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
01:07:23.0659 4944        RasAcd - ok
01:07:23.0708 4944        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
01:07:23.0767 4944        RasAgileVpn - ok
01:07:23.0778 4944        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
01:07:23.0843 4944        RasAuto - ok
01:07:23.0885 4944        Rasl2tp        (471815800ae33e6f1c32fb1b97c490ca) C:\Windows\system32\DRIVERS\rasl2tp.sys
01:07:24.0023 4944        Rasl2tp - ok
01:07:24.0124 4944        RasMan          (ee867a0870fc9e4972ba9eaad35651e2) C:\Windows\System32\rasmans.dll
01:07:24.0209 4944        RasMan - ok
01:07:24.0252 4944        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
01:07:24.0342 4944        RasPppoe - ok
01:07:24.0372 4944        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
01:07:24.0462 4944        RasSstp - ok
01:07:24.0521 4944        rdbss          (77f665941019a1594d887a74f301fa2f) C:\Windows\system32\DRIVERS\rdbss.sys
01:07:24.0618 4944        rdbss - ok
01:07:24.0648 4944        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\drivers\rdpbus.sys
01:07:24.0699 4944        rdpbus - ok
01:07:24.0732 4944        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
01:07:24.0789 4944        RDPCDD - ok
01:07:24.0796 4944        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
01:07:24.0863 4944        RDPENCDD - ok
01:07:24.0888 4944        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
01:07:24.0935 4944        RDPREFMP - ok
01:07:24.0979 4944        RDPWD          (e61608aa35e98999af9aaeeea6114b0a) C:\Windows\system32\drivers\RDPWD.sys
01:07:25.0034 4944        RDPWD - ok
01:07:25.0115 4944        rdyboost        (34ed295fa0121c241bfef24764fc4520) C:\Windows\system32\drivers\rdyboost.sys
01:07:25.0144 4944        rdyboost - ok
01:07:25.0177 4944        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
01:07:25.0262 4944        RemoteAccess - ok
01:07:25.0299 4944        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
01:07:25.0382 4944        RemoteRegistry - ok
01:07:25.0439 4944        RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
01:07:25.0494 4944        RFCOMM - ok
01:07:25.0556 4944        rimspci        (5ca4abd888b602551b59baa26941c167) C:\Windows\system32\drivers\rimssne64.sys
01:07:25.0610 4944        rimspci - ok
01:07:25.0641 4944        risdsnpe        (bb6e138aeb351728959da5e2731d8140) C:\Windows\system32\drivers\risdsne64.sys
01:07:25.0706 4944        risdsnpe - ok
01:07:25.0788 4944        Roxio UPnP Renderer 10 (d151224bc11078895a60fa970728ff59) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
01:07:25.0820 4944        Roxio UPnP Renderer 10 - ok
01:07:25.0858 4944        Roxio Upnp Server 10 (5022a927944878bd750960bd21e751af) C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
01:07:25.0885 4944        Roxio Upnp Server 10 - ok
01:07:25.0911 4944        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
01:07:25.0981 4944        RpcEptMapper - ok
01:07:26.0020 4944        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
01:07:26.0064 4944        RpcLocator - ok
01:07:26.0132 4944        RpcSs          (5c627d1b1138676c0a7ab2c2c190d123) C:\Windows\system32\rpcss.dll
01:07:26.0217 4944        RpcSs - ok
01:07:26.0281 4944        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
01:07:26.0368 4944        rspndr - ok
01:07:26.0461 4944        SamSs          (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:07:26.0487 4944        SamSs - ok
01:07:26.0536 4944        sbp2port        (ac03af3329579fffb455aa2daabbe22b) C:\Windows\system32\drivers\sbp2port.sys
01:07:26.0553 4944        sbp2port - ok
01:07:26.0585 4944        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
01:07:26.0656 4944        SCardSvr - ok
01:07:26.0698 4944        scfilter        (253f38d0d7074c02ff8deb9836c97d2b) C:\Windows\system32\DRIVERS\scfilter.sys
01:07:26.0791 4944        scfilter - ok
01:07:26.0909 4944        Schedule        (262f6592c3299c005fd6bec90fc4463a) C:\Windows\system32\schedsvc.dll
01:07:26.0990 4944        Schedule - ok
01:07:27.0038 4944        SCPolicySvc    (f17d1d393bbc69c5322fbfafaca28c7f) C:\Windows\System32\certprop.dll
01:07:27.0083 4944        SCPolicySvc - ok
01:07:27.0159 4944        sdbus          (111e0ebc0ad79cb0fa014b907b231cf0) C:\Windows\system32\drivers\sdbus.sys
01:07:27.0204 4944        sdbus - ok
01:07:27.0253 4944        SDRSVC          (6ea4234dc55346e0709560fe7c2c1972) C:\Windows\System32\SDRSVC.dll
01:07:27.0329 4944        SDRSVC - ok
01:07:27.0362 4944        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
01:07:27.0441 4944        secdrv - ok
01:07:27.0494 4944        seclogon        (bc617a4e1b4fa8df523a061739a0bd87) C:\Windows\system32\seclogon.dll
01:07:27.0583 4944        seclogon - ok
01:07:27.0632 4944        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\system32\sens.dll
01:07:27.0726 4944        SENS - ok
01:07:27.0762 4944        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
01:07:27.0792 4944        SensrSvc - ok
01:07:27.0821 4944        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\drivers\serenum.sys
01:07:27.0836 4944        Serenum - ok
01:07:27.0851 4944        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\drivers\serial.sys
01:07:27.0889 4944        Serial - ok
01:07:27.0965 4944        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\drivers\sermouse.sys
01:07:28.0015 4944        sermouse - ok
01:07:28.0158 4944        ServiceLayer    (c15b813f2fdb44f87f23312472c6e790) C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe
01:07:28.0200 4944        ServiceLayer - ok
01:07:28.0261 4944        SessionEnv      (0b6231bf38174a1628c4ac812cc75804) C:\Windows\system32\sessenv.dll
01:07:28.0341 4944        SessionEnv - ok
01:07:28.0367 4944        SFEP            (70f9c476b62de4f2823e918a6c181ade) C:\Windows\system32\drivers\SFEP.sys
01:07:28.0434 4944        SFEP - ok
01:07:28.0480 4944        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
01:07:28.0549 4944        sffdisk - ok
01:07:28.0566 4944        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
01:07:28.0615 4944        sffp_mmc - ok
01:07:28.0644 4944        sffp_sd        (dd85b78243a19b59f0637dcf284da63c) C:\Windows\system32\drivers\sffp_sd.sys
01:07:28.0692 4944        sffp_sd - ok
01:07:28.0722 4944        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
01:07:28.0758 4944        sfloppy - ok
01:07:28.0842 4944        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
01:07:28.0942 4944        SharedAccess - ok
01:07:29.0009 4944        ShellHWDetection (aaf932b4011d14052955d4b212a4da8d) C:\Windows\System32\shsvcs.dll
01:07:29.0104 4944        ShellHWDetection - ok
01:07:29.0141 4944        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\drivers\SiSRaid2.sys
01:07:29.0153 4944        SiSRaid2 - ok
01:07:29.0178 4944        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\drivers\sisraid4.sys
01:07:29.0193 4944        SiSRaid4 - ok
01:07:29.0209 4944        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
01:07:29.0299 4944        Smb - ok
01:07:29.0354 4944        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
01:07:29.0394 4944        SNMPTRAP - ok
01:07:29.0498 4944        SOHCImp        (c3e69db0a4e59564230e053232f39ac7) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
01:07:29.0516 4944        SOHCImp - ok
01:07:29.0573 4944        SOHDms          (65cc4779a29c3e82b987bd4961790dff) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
01:07:29.0603 4944        SOHDms - ok
01:07:29.0620 4944        SOHDs          (f47d75cee1844eef4a9ea6ee768828fb) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
01:07:29.0630 4944        SOHDs - ok
01:07:29.0743 4944        SpfService      (65e5659e9c2a0762d05657c0e22a7ca2) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
01:07:29.0768 4944        SpfService - ok
01:07:29.0793 4944        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
01:07:29.0807 4944        spldr - ok
01:07:29.0891 4944        Spooler        (b96c17b5dc1424d56eea3a99e97428cd) C:\Windows\System32\spoolsv.exe
01:07:29.0964 4944        Spooler - ok
01:07:30.0235 4944        sppsvc          (e17e0188bb90fae42d83e98707efa59c) C:\Windows\system32\sppsvc.exe
01:07:30.0407 4944        sppsvc - ok
01:07:30.0506 4944        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
01:07:30.0584 4944        sppuinotify - ok
01:07:30.0686 4944        srv            (441fba48bff01fdb9d5969ebc1838f0b) C:\Windows\system32\DRIVERS\srv.sys
01:07:30.0765 4944        srv - ok
01:07:30.0835 4944        srv2            (b4adebbf5e3677cce9651e0f01f7cc28) C:\Windows\system32\DRIVERS\srv2.sys
01:07:30.0893 4944        srv2 - ok
01:07:30.0945 4944        srvnet          (27e461f0be5bff5fc737328f749538c3) C:\Windows\system32\DRIVERS\srvnet.sys
01:07:30.0985 4944        srvnet - ok
01:07:31.0038 4944        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
01:07:31.0127 4944        SSDPSRV - ok
01:07:31.0157 4944        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
01:07:31.0205 4944        SstpSvc - ok
01:07:31.0229 4944        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\drivers\stexstor.sys
01:07:31.0242 4944        stexstor - ok
01:07:31.0332 4944        stisvc          (8dd52e8e6128f4b2da92ce27402871c1) C:\Windows\System32\wiaservc.dll
01:07:31.0383 4944        stisvc - ok
01:07:31.0421 4944        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\drivers\swenum.sys
01:07:31.0435 4944        swenum - ok
01:07:31.0480 4944        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
01:07:31.0569 4944        swprv - ok
01:07:31.0639 4944        SynTP          (8f63178d1db81bb79270ae55ecdd8321) C:\Windows\system32\DRIVERS\SynTP.sys
01:07:31.0670 4944        SynTP - ok
01:07:31.0840 4944        SysMain        (bf9ccc0bf39b418c8d0ae8b05cf95b7d) C:\Windows\system32\sysmain.dll
01:07:31.0937 4944        SysMain - ok
01:07:32.0079 4944        TabletInputService (e3c61fd7b7c2557e1f1b0b4cec713585) C:\Windows\System32\TabSvc.dll
01:07:32.0121 4944        TabletInputService - ok
01:07:32.0152 4944        TapiSrv        (40f0849f65d13ee87b9a9ae3c1dd6823) C:\Windows\System32\tapisrv.dll
01:07:32.0227 4944        TapiSrv - ok
01:07:32.0264 4944        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
01:07:32.0335 4944        TBS - ok
01:07:32.0540 4944        Tcpip          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\drivers\tcpip.sys
01:07:32.0605 4944        Tcpip - ok
01:07:32.0875 4944        TCPIP6          (acb82bda8f46c84f465c1afa517dc4b9) C:\Windows\system32\DRIVERS\tcpip.sys
01:07:32.0925 4944        TCPIP6 - ok
01:07:33.0058 4944        tcpipreg        (df687e3d8836bfb04fcc0615bf15a519) C:\Windows\system32\drivers\tcpipreg.sys
01:07:33.0142 4944        tcpipreg - ok
01:07:33.0186 4944        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
01:07:33.0254 4944        TDPIPE - ok
01:07:33.0306 4944        TDTCP          (51c5eceb1cdee2468a1748be550cfbc8) C:\Windows\system32\drivers\tdtcp.sys
01:07:33.0350 4944        TDTCP - ok
01:07:33.0401 4944        tdx            (ddad5a7ab24d8b65f8d724f5c20fd806) C:\Windows\system32\DRIVERS\tdx.sys
01:07:33.0463 4944        tdx - ok
01:07:33.0534 4944        TermDD          (561e7e1f06895d78de991e01dd0fb6e5) C:\Windows\system32\drivers\termdd.sys
01:07:33.0547 4944        TermDD - ok
01:07:33.0610 4944        TermService    (2e648163254233755035b46dd7b89123) C:\Windows\System32\termsrv.dll
01:07:33.0681 4944        TermService - ok
01:07:33.0701 4944        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
01:07:33.0745 4944        Themes - ok
01:07:33.0793 4944        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
01:07:33.0856 4944        THREADORDER - ok
01:07:33.0870 4944        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
01:07:33.0939 4944        TrkWks - ok
01:07:34.0021 4944        TrustedInstaller (773212b2aaa24c1e31f10246b15b276c) C:\Windows\servicing\TrustedInstaller.exe
01:07:34.0100 4944        TrustedInstaller - ok
01:07:34.0152 4944        tssecsrv        (ce18b2cdfc837c99e5fae9ca6cba5d30) C:\Windows\system32\DRIVERS\tssecsrv.sys
01:07:34.0214 4944        tssecsrv - ok
01:07:34.0287 4944        TsUsbFlt        (d11c783e3ef9a3c52c0ebe83cc5000e9) C:\Windows\system32\drivers\tsusbflt.sys
01:07:34.0358 4944        TsUsbFlt - ok
01:07:34.0440 4944        tunnel          (3566a8daafa27af944f5d705eaa64894) C:\Windows\system32\DRIVERS\tunnel.sys
01:07:34.0535 4944        tunnel - ok
01:07:34.0574 4944        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\drivers\uagp35.sys
01:07:34.0588 4944        uagp35 - ok
01:07:34.0660 4944        uCamMonitor    (63f6d08c54d5b3c1b12a6172032055c7) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
01:07:34.0682 4944        uCamMonitor - ok
01:07:34.0747 4944        udfs            (ff4232a1a64012baa1fd97c7b67df593) C:\Windows\system32\DRIVERS\udfs.sys
01:07:34.0846 4944        udfs - ok
01:07:34.0894 4944        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
01:07:34.0922 4944        UI0Detect - ok
01:07:34.0989 4944        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\drivers\uliagpkx.sys
01:07:35.0016 4944        uliagpkx - ok
01:07:35.0072 4944        umbus          (dc54a574663a895c8763af0fa1ff7561) C:\Windows\system32\drivers\umbus.sys
01:07:35.0120 4944        umbus - ok
01:07:35.0161 4944        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\drivers\umpass.sys
01:07:35.0208 4944        UmPass - ok
01:07:35.0269 4944        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
01:07:35.0367 4944        upnphost - ok
01:07:35.0417 4944        upperdev        (34afb83c7bba370e404e52cc2290350c) C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
01:07:35.0478 4944        upperdev - ok
01:07:35.0550 4944        USBAAPL64      (aa33fc47ed58c34e6e9261e4f850b7eb) C:\Windows\system32\Drivers\usbaapl64.sys
01:07:35.0578 4944        USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
01:07:35.0578 4944        USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
01:07:35.0628 4944        usbccgp        (6f1a3157a1c89435352ceb543cdb359c) C:\Windows\system32\DRIVERS\usbccgp.sys
01:07:35.0700 4944        usbccgp - ok
01:07:35.0761 4944        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\drivers\usbcir.sys
01:07:35.0793 4944        usbcir - ok
01:07:35.0807 4944        usbehci        (c025055fe7b87701eb042095df1a2d7b) C:\Windows\system32\drivers\usbehci.sys
01:07:35.0850 4944        usbehci - ok
01:07:35.0901 4944        usbhub          (287c6c9410b111b68b52ca298f7b8c24) C:\Windows\system32\DRIVERS\usbhub.sys
01:07:35.0947 4944        usbhub - ok
01:07:35.0985 4944        usbohci        (9840fc418b4cbd632d3d0a667a725c31) C:\Windows\system32\drivers\usbohci.sys
01:07:36.0029 4944        usbohci - ok
01:07:36.0073 4944        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
01:07:36.0121 4944        usbprint - ok
01:07:36.0161 4944        usbscan        (aaa2513c8aed8b54b189fd0c6b1634c0) C:\Windows\system32\DRIVERS\usbscan.sys
01:07:36.0187 4944        usbscan - ok
01:07:36.0245 4944        usbser          (4acee387fa8fd39f83564fcd2fc234f2) C:\Windows\system32\drivers\usbser.sys
01:07:36.0327 4944        usbser - ok
01:07:36.0363 4944        UsbserFilt      (aa75e1efbee7186b4cbaaacf1f15e6ca) C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
01:07:36.0431 4944        UsbserFilt - ok
01:07:36.0477 4944        USBSTOR        (fed648b01349a3c8395a5169db5fb7d6) C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:07:36.0549 4944        USBSTOR - ok
01:07:36.0596 4944        usbuhci        (62069a34518bcf9c1fd9e74b3f6db7cd) C:\Windows\system32\drivers\usbuhci.sys
01:07:36.0642 4944        usbuhci - ok
01:07:36.0736 4944        usbvideo        (454800c2bc7f3927ce030141ee4f4c50) C:\Windows\System32\Drivers\usbvideo.sys
01:07:36.0768 4944        usbvideo - ok
01:07:36.0797 4944        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
01:07:36.0865 4944        UxSms - ok
01:07:36.0947 4944        VAIO Entertainment TV Device Arbitration Service (8e68e4aa2d7abbf7c9159d9d2a38ae0f) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
01:07:36.0965 4944        VAIO Entertainment TV Device Arbitration Service - ok
01:07:37.0062 4944        VAIO Event Service (6b31c9cb94927dbeeb62e15275f4cc54) C:\Program Files (x86)\SONY\VAIO Event Service\VESMgr.exe
01:07:37.0082 4944        VAIO Event Service - ok
01:07:37.0196 4944        VAIO Power Management (b8c9a7010afd5cbbe194cb9ef7c4fd14) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
01:07:37.0230 4944        VAIO Power Management - ok
01:07:37.0284 4944        VaultSvc        (c118a82cd78818c29ab228366ebf81c3) C:\Windows\system32\lsass.exe
01:07:37.0308 4944        VaultSvc - ok
01:07:37.0425 4944        VCFw            (d00058c1fff3f3de990444a5734e9639) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
01:07:37.0474 4944        VCFw - ok
01:07:37.0620 4944        VcmIAlzMgr      (f19275655b42086c884abcdae2c659ae) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
01:07:37.0674 4944        VcmIAlzMgr - ok
01:07:37.0751 4944        VcmINSMgr      (cbb9f0d1017e0bed4cb5bbc0ebf26dc1) C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
01:07:37.0786 4944        VcmINSMgr - ok
01:07:37.0914 4944        VcmXmlIfHelper  (32a3735f6874b7783c6209ed5ca36d9d) C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
01:07:37.0934 4944        VcmXmlIfHelper - ok
01:07:38.0013 4944        VCService      (d347d3abe070aa09c22fc37121555d52) C:\Program Files\Sony\VAIO Care\VCService.exe
01:07:38.0031 4944        VCService - ok
01:07:38.0169 4944        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\drivers\vdrvroot.sys
01:07:38.0191 4944        vdrvroot - ok
01:07:38.0270 4944        vds            (8d6b481601d01a456e75c3210f1830be) C:\Windows\System32\vds.exe
01:07:38.0381 4944        vds - ok
01:07:38.0423 4944        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
01:07:38.0439 4944        vga - ok
01:07:38.0458 4944        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
01:07:38.0519 4944        VgaSave - ok
01:07:38.0581 4944        vhdmp          (2ce2df28c83aeaf30084e1b1eb253cbb) C:\Windows\system32\drivers\vhdmp.sys
01:07:38.0613 4944        vhdmp - ok
01:07:38.0626 4944        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\drivers\viaide.sys
01:07:38.0642 4944        viaide - ok
01:07:38.0661 4944        volmgr          (d2aafd421940f640b407aefaaebd91b0) C:\Windows\system32\drivers\volmgr.sys
01:07:38.0676 4944        volmgr - ok
01:07:38.0750 4944        volmgrx        (a255814907c89be58b79ef2f189b843b) C:\Windows\system32\drivers\volmgrx.sys
01:07:38.0787 4944        volmgrx - ok
01:07:38.0827 4944        volsnap        (0d08d2f3b3ff84e433346669b5e0f639) C:\Windows\system32\drivers\volsnap.sys
01:07:38.0848 4944        volsnap - ok
01:07:38.0945 4944        vpnagent        (caafa2333b428a12bfa97ecd389f59c5) C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnagent.exe
01:07:38.0979 4944        vpnagent - ok
01:07:39.0004 4944        vpnva          (e526a69d932538ae8bc96b3f4a5a90b1) C:\Windows\system32\DRIVERS\vpnva64.sys
01:07:39.0013 4944        vpnva - ok
01:07:39.0046 4944        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\drivers\vsmraid.sys
01:07:39.0063 4944        vsmraid - ok
01:07:39.0216 4944        VSNService      (047f22bdfdae6df6f1e47e747a1237a2) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
01:07:39.0271 4944        VSNService ( UnsignedFile.Multi.Generic ) - warning
01:07:39.0272 4944        VSNService - detected UnsignedFile.Multi.Generic (1)
01:07:39.0418 4944        VSS            (b60ba0bc31b0cb414593e169f6f21cc2) C:\Windows\system32\vssvc.exe
01:07:39.0529 4944        VSS - ok
01:07:39.0780 4944        VUAgent        (fb4a1695d2d74f9c92ca5e84795cdbe1) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
01:07:39.0847 4944        VUAgent - ok
01:07:39.0959 4944        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
01:07:40.0016 4944        vwifibus - ok
01:07:40.0059 4944        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
01:07:40.0079 4944        vwififlt - ok
01:07:40.0099 4944        vwifimp        (6a638fc4bfddc4d9b186c28c91bd1a01) C:\Windows\system32\DRIVERS\vwifimp.sys
01:07:40.0119 4944        vwifimp - ok
01:07:40.0164 4944        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
01:07:40.0242 4944        W32Time - ok
01:07:40.0283 4944        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\drivers\wacompen.sys
01:07:40.0332 4944        WacomPen - ok
01:07:40.0422 4944        WANARP          (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
01:07:40.0516 4944        WANARP - ok
01:07:40.0520 4944        Wanarpv6        (356afd78a6ed4457169241ac3965230c) C:\Windows\system32\DRIVERS\wanarp.sys
01:07:40.0567 4944        Wanarpv6 - ok
01:07:40.0724 4944        WatAdminSvc    (3cec96de223e49eaae3651fcf8faea6c) C:\Windows\system32\Wat\WatAdminSvc.exe
01:07:40.0788 4944        WatAdminSvc - ok
01:07:40.0911 4944        wbengine        (78f4e7f5c56cb9716238eb57da4b6a75) C:\Windows\system32\wbengine.exe
01:07:41.0008 4944        wbengine - ok
01:07:41.0111 4944        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
01:07:41.0156 4944        WbioSrvc - ok
01:07:41.0209 4944        wcncsvc        (7368a2afd46e5a4481d1de9d14848edd) C:\Windows\System32\wcncsvc.dll
01:07:41.0264 4944        wcncsvc - ok
01:07:41.0286 4944        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
01:07:41.0318 4944        WcsPlugInService - ok
01:07:41.0362 4944        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\drivers\wd.sys
01:07:41.0376 4944        Wd - ok
01:07:41.0435 4944        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
01:07:41.0472 4944        Wdf01000 - ok
01:07:41.0490 4944        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
01:07:41.0610 4944        WdiServiceHost - ok
01:07:41.0616 4944        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
01:07:41.0638 4944        WdiSystemHost - ok
01:07:41.0703 4944        WebClient      (3db6d04e1c64272f8b14eb8bc4616280) C:\Windows\System32\webclnt.dll
01:07:41.0778 4944        WebClient - ok
01:07:41.0827 4944        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
01:07:41.0926 4944        Wecsvc - ok
01:07:41.0951 4944        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
01:07:42.0021 4944        wercplsupport - ok
01:07:42.0059 4944        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
01:07:42.0105 4944        WerSvc - ok
01:07:42.0170 4944        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
01:07:42.0219 4944        WfpLwf - ok
01:07:42.0237 4944        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
01:07:42.0250 4944        WIMMount - ok
01:07:42.0279 4944        WinDefend - ok
01:07:42.0285 4944        WinHttpAutoProxySvc - ok
01:07:42.0355 4944        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
01:07:42.0457 4944        Winmgmt - ok
01:07:42.0627 4944        WinRM          (bcb1310604aa415c4508708975b3931e) C:\Windows\system32\WsmSvc.dll
01:07:42.0746 4944        WinRM - ok
01:07:42.0921 4944        WinUsb          (fe88b288356e7b47b74b13372add906d) C:\Windows\system32\DRIVERS\WinUsb.sys
01:07:42.0977 4944        WinUsb - ok
01:07:43.0072 4944        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
01:07:43.0146 4944        Wlansvc - ok
01:07:43.0216 4944        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\drivers\wmiacpi.sys
01:07:43.0263 4944        WmiAcpi - ok
01:07:43.0342 4944        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
01:07:43.0388 4944        wmiApSrv - ok
01:07:43.0433 4944        WMPNetworkSvc - ok
01:07:43.0468 4944        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
01:07:43.0497 4944        WPCSvc - ok
01:07:43.0549 4944        WPDBusEnum      (93221146d4ebbf314c29b23cd6cc391d) C:\Windows\system32\wpdbusenum.dll
01:07:43.0567 4944        WPDBusEnum - ok
01:07:43.0601 4944        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
01:07:43.0647 4944        ws2ifsl - ok
01:07:43.0663 4944        wscsvc          (e8b1fe6669397d1772d8196df0e57a9e) C:\Windows\system32\wscsvc.dll
01:07:43.0710 4944        wscsvc - ok
01:07:43.0713 4944        WSearch - ok
01:07:43.0914 4944        wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
01:07:43.0990 4944        wuauserv - ok
01:07:44.0114 4944        WudfPf          (d3381dc54c34d79b22cee0d65ba91b7c) C:\Windows\system32\drivers\WudfPf.sys
01:07:44.0201 4944        WudfPf - ok
01:07:44.0232 4944        WUDFRd          (cf8d590be3373029d57af80914190682) C:\Windows\system32\DRIVERS\WUDFRd.sys
01:07:44.0276 4944        WUDFRd - ok
01:07:44.0322 4944        wudfsvc        (7a95c95b6c4cf292d689106bcae49543) C:\Windows\System32\WUDFSvc.dll
01:07:44.0368 4944        wudfsvc - ok
01:07:44.0412 4944        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
01:07:44.0462 4944        WwanSvc - ok
01:07:44.0537 4944        yukonw7        (64f88af327aa74e03658ae32b48ccb8b) C:\Windows\system32\DRIVERS\yk62x64.sys
01:07:44.0631 4944        yukonw7 - ok
01:07:44.0702 4944        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
01:07:45.0197 4944        \Device\Harddisk0\DR0 - ok
01:07:45.0206 4944        MBR (0x1B8)    (250f0789d9bc08602a1c1f29da8ac4ea) \Device\Harddisk2\DR2
01:08:09.0918 4944        \Device\Harddisk2\DR2 - ok
01:08:09.0921 4944        Boot (0x1200)  (63a9f81904866df5d46ca81628bf281f) \Device\Harddisk0\DR0\Partition0
01:08:09.0922 4944        \Device\Harddisk0\DR0\Partition0 - ok
01:08:09.0941 4944        Boot (0x1200)  (52e966cea2b7678b7caffd7475f9c64d) \Device\Harddisk0\DR0\Partition1
01:08:09.0942 4944        \Device\Harddisk0\DR0\Partition1 - ok
01:08:09.0970 4944        Boot (0x1200)  (a4525b2cb799c0c568d50d420b9df666) \Device\Harddisk0\DR0\Partition2
01:08:09.0972 4944        \Device\Harddisk0\DR0\Partition2 - ok
01:08:09.0973 4944        ============================================================
01:08:09.0973 4944        Scan finished
01:08:09.0973 4944        ============================================================
01:08:09.0982 5232        Detected object count: 3
01:08:09.0982 5232        Actual detected object count: 3
01:08:53.0400 5232        HP LaserJet Service ( UnsignedFile.Multi.Generic ) - skipped by user
01:08:53.0400 5232        HP LaserJet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:08:53.0401 5232        USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
01:08:53.0401 5232        USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
01:08:53.0402 5232        VSNService ( UnsignedFile.Multi.Generic ) - skipped by user
01:08:53.0402 5232        VSNService ( UnsignedFile.Multi.Generic ) - User select action: Skip


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:15 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131