Trojaner-Board - GVU trojaner

Hi
danke für das schnelle reagieren.

Hier der OLT.TxtOTL Logfile:

Code:

OTL logfile created on: 18.01.2013 18:29:26 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jürgen_2\Desktop

 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,00 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 80,24% Memory free

6,00 Gb Paging File | 5,43 Gb Available in Paging File | 90,57% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 465,66 Gb Total Space | 105,38 Gb Free Space | 22,63% Space Free | Partition Type: NTFS

Drive D: | 41,49 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Drive F: | 1,86 Gb Total Space | 0,43 Gb Free Space | 23,04% Space Free | Partition Type: FAT32

Drive G: | 1863,01 Gb Total Space | 601,50 Gb Free Space | 32,29% Space Free | Partition Type: NTFS

 

Computer Name: JÜRGEN-PC | User Name: Jürgen | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2013.01.18 18:18:48 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jürgen_2\Desktop\OTL.exe

PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe

 

 
 ========== Modules (No Company Name) ==========

 

 
 ========== Services (SafeList) ==========

 

SRV - [2013.01.08 22:17:22 | 000,251,400 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013.01.05 04:44:06 | 000,115,760 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012.12.29 11:26:54 | 001,260,472 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2012.12.29 02:53:20 | 000,383,416 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012.09.07 19:26:00 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)

SRV - [2012.09.07 19:25:55 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Programme\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)

SRV - [2012.08.28 07:41:08 | 000,092,632 | ---- | M] (TomTom) [Auto | Stopped] -- C:\Programme\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)

SRV - [2012.07.25 09:46:44 | 001,326,176 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Programme\Secunia\PSI\psia.exe -- (Secunia PSI Agent)

SRV - [2012.07.25 09:46:42 | 000,681,056 | ---- | M] (Secunia) [Auto | Stopped] -- C:\Programme\Secunia\PSI\sua.exe -- (Secunia Update Agent)

SRV - [2011.04.20 04:56:47 | 000,083,240 | ---- | M] () [Auto | Stopped] -- C:\Programme\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe -- (CLHNServiceForPowerDVD)

SRV - [2010.11.20 22:29:49 | 001,121,792 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Windows Media Player\wmpnetwk.exe -- (WMPNetworkSvc)

SRV - [2010.10.29 15:59:40 | 000,517,416 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Programme\Nero\Nero MediaHome 4\NMMediaServerService.exe -- (NeroMediaHomeService.4)

SRV - [2010.01.21 00:52:14 | 000,167,528 | ---- | M] () [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)

SRV - [2010.01.21 00:52:12 | 000,370,792 | ---- | M] () [Auto | Stopped] -- C:\Programme\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)

SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)

SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)

SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Windows Defender\MpSvc.dll -- (WinDefend)

SRV - [2009.04.17 09:09:46 | 000,935,208 | ---- | M] (Nero AG) [Auto | Stopped] -- C:\Programme\Common Files\Nero\Nero BackItUp 4\NBService.exe -- (Nero BackItUp Scheduler 4.0)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\athr.sys -- (athr)

DRV - [2012.12.29 11:26:54 | 008,904,632 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)

DRV - [2012.09.20 05:35:36 | 000,181,344 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)

DRV - [2012.09.20 05:35:36 | 000,083,168 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)

DRV - [2012.09.07 19:26:05 | 000,137,928 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)

DRV - [2012.09.07 19:26:05 | 000,083,392 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)

DRV - [2012.09.07 19:26:05 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)

DRV - [2012.07.03 16:25:17 | 000,149,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)

DRV - [2012.06.27 09:37:56 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)

DRV - [2012.06.27 09:37:56 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)

DRV - [2012.06.27 09:37:56 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)

DRV - [2012.06.27 09:37:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)

DRV - [2011.04.20 04:56:48 | 000,071,664 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Stopped] -- C:\Programme\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys -- (ntk_PowerDVD)

DRV - [2011.04.13 17:30:04 | 000,161,024 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3xhc.sys -- (nusb3xhc)

DRV - [2011.04.13 17:30:02 | 000,067,456 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nusb3hub.sys -- (nusb3hub)

DRV - [2010.11.20 22:29:34 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV - [2010.11.20 22:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV - [2010.11.20 22:29:03 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)

DRV - [2010.11.20 22:29:03 | 000,112,640 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\tsusbhub.sys -- (tsusbhub)

DRV - [2010.11.20 22:29:03 | 000,077,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Synth3dVsc.sys -- (Synth3dVsc)

DRV - [2010.11.20 22:29:03 | 000,062,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dmvsc.sys -- (dmvsc)

DRV - [2010.11.20 22:29:03 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)

DRV - [2010.11.20 22:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)

DRV - [2010.11.20 22:29:03 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)

DRV - [2010.11.20 22:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV - [2010.11.20 22:29:03 | 000,025,600 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\terminpt.sys -- (terminpt)

DRV - [2010.11.20 22:29:03 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)

DRV - [2010.11.20 22:29:03 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)

DRV - [2010.09.01 09:30:58 | 000,015,544 | ---- | M] (Secunia) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\psi_mf.sys -- (PSI)

DRV - [2010.06.17 14:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)

DRV - [2010.04.09 01:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)

DRV - [2010.03.04 17:26:56 | 000,296,936 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)

DRV - [2009.07.13 23:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)

DRV - [2004.06.03 12:10:00 | 000,071,596 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\PfModNT.sys -- (PfModNT)

DRV - [2004.05.18 01:25:00 | 000,016,880 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ctpdusb.sys -- (Jukebox3)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 40 73 7E 90 55 9B CD 01  [binary data]

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

 
 ========== FireFox ==========

 

FF - prefs.js..browser.search.defaultenginename: ""

FF - prefs.js..browser.search.selectedEngine: ""

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0

FF - user.js - File not found

 

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.10.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll (Amazon.com, Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files\Iminent\webbooster@iminent.com

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.14 17:55:52 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2013.01.14 17:56:04 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins

 

[2012.09.26 15:34:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jürgen\AppData\Roaming\mozilla\Extensions

[2012.10.21 20:01:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jürgen\AppData\Roaming\mozilla\Firefox\Profiles\ffnxk3nm.default\extensions

[2012.10.21 20:01:17 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Jürgen\AppData\Roaming\mozilla\Firefox\Profiles\ffnxk3nm.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

[2013.01.14 17:55:52 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions

[2013.01.05 04:44:54 | 000,262,704 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll

[2013.01.05 16:11:17 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml

[2013.01.05 16:11:17 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml

[2013.01.05 16:11:17 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml

[2013.01.05 16:11:17 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml

[2013.01.05 16:11:17 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml

[2013.01.05 16:11:17 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2009.06.10 22:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)

O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)

O4 - HKLM..\Run: [Nero MediaHome 4] C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe (Nero AG)

O4 - HKLM..\Run: [NUSB3MON] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (Renesas Electronics Corporation)

O4 - HKLM..\Run: [Philips Device Listener] C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe ()

O4 - HKLM..\Run: [RemoteControl11] C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe (CyberLink Corp.)

O4 - HKCU..\Run: [] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)

O4 - HKCU..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe (Creative Technology Ltd)

O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)

O4 - HKCU..\Run: [KiesPDLR] C:\Programme\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)

O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O8 - Extra context menu item: Free YouTube Download - C:\Users\Jürgen\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Jürgen\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000025 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O10 - Protocol_Catalog9\Catalog_Entries\000000000026 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)

O13 - gopher Prefix: missing

O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab (NVIDIA Smart Scan)

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab (Shockwave Flash Object)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F250F523-F749-4FF1-BC86-9EF46549B65B}: DhcpNameServer = 192.168.0.1

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]

O34 - HKLM BootExecute: (autocheck autochk *)

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

ActiveX: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

NetSvcs: FastUserSwitchingCompatibility -  File not found

NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)

NetSvcs: Nla -  File not found

NetSvcs: Ntmssvc -  File not found

NetSvcs: NWCWorkstation -  File not found

NetSvcs: Nwsapagent -  File not found

NetSvcs: SRService -  File not found

NetSvcs: WmdmPmSp -  File not found

NetSvcs: LogonHours -  File not found

NetSvcs: PCAudit -  File not found

NetSvcs: helpsvc -  File not found

NetSvcs: uploadmgr -  File not found

 

 

CREATERESTOREPOINT

Unable to start System Restore Service. Error code 1084

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2013.01.12 14:31:53 | 000,000,000 | -HSD | C] -- C:\Config.Msi

[2013.01.08 10:05:44 | 000,000,000 | ---D | C] -- C:\Program Files\AGEIA Technologies

[2013.01.01 19:53:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative

[2013.01.01 19:46:31 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield

[2013.01.01 18:49:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative

[2013.01.01 17:44:30 | 000,000,000 | ---D | C] -- C:\Program Files\Creative

[2012.12.21 11:42:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime

[2012.12.21 11:42:05 | 000,000,000 | ---D | C] -- C:\Program Files\QuickTime

[2012.12.21 11:12:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2012.12.21 11:12:34 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2012.12.21 11:12:33 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2012.12.21 11:12:33 | 000,000,000 | ---D | C] -- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

 
 ========== Files - Modified Within 30 Days ==========

 

[2013.01.18 18:25:39 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013.01.18 18:25:34 | 2415,456,256 | -HS- | M] () -- C:\hiberfil.sys

[2013.01.18 18:18:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013.01.18 18:16:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013.01.18 18:14:24 | 000,653,928 | ---- | M] () -- C:\Windows\System32\perfh007.dat

[2013.01.18 18:14:24 | 000,615,810 | ---- | M] () -- C:\Windows\System32\perfh009.dat

[2013.01.18 18:14:24 | 000,129,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat

[2013.01.18 18:14:24 | 000,106,190 | ---- | M] () -- C:\Windows\System32\perfc009.dat

[2013.01.18 17:48:59 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013.01.18 17:48:59 | 000,021,072 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013.01.18 17:38:40 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013.01.14 17:56:05 | 000,002,036 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk

[2013.01.14 17:55:54 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk

[2013.01.10 17:14:51 | 000,294,584 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT

[2012.12.29 11:26:54 | 000,013,153 | ---- | M] () -- C:\Windows\System32\nvinfo.pb

[2012.12.29 09:25:57 | 002,923,201 | ---- | M] () -- C:\Windows\System32\nvcoproc.bin

[2012.12.21 11:42:09 | 000,001,815 | ---- | M] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2012.12.21 11:12:50 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

 
 ========== Files Created - No Company Name ==========

 

[2013.01.01 20:02:08 | 000,294,584 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT

[2013.01.01 17:46:55 | 000,028,672 | ---- | C] () -- C:\Windows\System32\PdeSrvps.dll

[2013.01.01 17:46:55 | 000,002,444 | ---- | C] () -- C:\Windows\ctpdusb.uns

[2013.01.01 17:44:30 | 000,149,504 | ---- | C] () -- C:\Windows\UNWISE.EXE

[2013.01.01 17:44:30 | 000,006,067 | ---- | C] () -- C:\Windows\UNWISE.INI

[2012.12.21 11:42:09 | 000,001,815 | ---- | C] () -- C:\Users\Public\Desktop\QuickTime Player.lnk

[2012.12.18 15:02:19 | 000,021,504 | ---- | C] () -- C:\Windows\jestertb.dll

[2012.09.25 20:51:53 | 002,923,201 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin

[2012.09.25 20:44:13 | 000,010,084 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin

[2012.08.28 09:04:34 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll

[2012.08.28 09:04:34 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll

[2012.08.28 09:04:34 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll

[2012.08.28 09:04:34 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe

[2012.08.28 09:04:32 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll

[2011.04.12 02:30:05 | 000,653,928 | ---- | C] () -- C:\Windows\System32\perfh007.dat

[2011.04.12 02:30:05 | 000,295,922 | ---- | C] () -- C:\Windows\System32\perfi007.dat

[2011.04.12 02:30:05 | 000,129,800 | ---- | C] () -- C:\Windows\System32\perfc007.dat

[2011.04.12 02:30:05 | 000,038,104 | ---- | C] () -- C:\Windows\System32\perfd007.dat

 
 ========== ZeroAccess Check ==========

 

[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 22:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 
 ========== LOP Check ==========

 

[2012.09.26 16:17:56 | 000,000,000 | ---D | M] -- C:\Users\Jürgen\AppData\Roaming\DVDFab

[2012.10.21 20:01:19 | 000,000,000 | ---D | M] -- C:\Users\Jürgen\AppData\Roaming\DVDVideoSoft

[2012.10.21 20:01:17 | 000,000,000 | ---D | M] -- C:\Users\Jürgen\AppData\Roaming\DVDVideoSoftIEHelpers

[2012.09.25 21:04:10 | 000,000,000 | ---D | M] -- C:\Users\Jürgen\AppData\Roaming\pdfforge

[2012.10.04 13:41:36 | 000,000,000 | ---D | M] -- C:\Users\Jürgen\AppData\Roaming\Samsung

[2012.09.26 15:50:22 | 000,000,000 | ---D | M] -- C:\Users\Jürgen\AppData\Roaming\Thunderbird

[2012.12.12 23:50:47 | 000,000,000 | ---D | M] -- C:\Users\Jürgen\AppData\Roaming\uTorrent

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %SYSTEMDRIVE%\*. >

[2013.01.18 17:33:07 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin

[2013.01.12 18:12:47 | 000,000,000 | -HSD | M] -- C:\Config.Msi

[2009.07.14 05:53:55 | 000,000,000 | -HSD | M] -- C:\Documents and Settings

[2012.09.25 20:36:41 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen

[2012.09.25 20:50:25 | 000,000,000 | ---D | M] -- C:\NVIDIA

[2009.07.14 03:37:05 | 000,000,000 | ---D | M] -- C:\PerfLogs

[2013.01.08 10:05:44 | 000,000,000 | R--D | M] -- C:\Program Files

[2013.01.01 18:49:08 | 000,000,000 | -H-D | M] -- C:\ProgramData

[2012.09.25 20:36:41 | 000,000,000 | -HSD | M] -- C:\Programme

[2012.09.25 20:36:41 | 000,000,000 | -HSD | M] -- C:\Recovery

[2013.01.18 17:31:16 | 000,000,000 | -HSD | M] -- C:\System Volume Information

[2012.12.17 18:18:13 | 000,000,000 | ---D | M] -- C:\temp

[2013.01.18 17:32:49 | 000,000,000 | R--D | M] -- C:\Users

[2013.01.18 18:25:35 | 000,000,000 | ---D | M] -- C:\Windows

 
 < %PROGRAMFILES%\*.exe >

 
 < %LOCALAPPDATA%\*.exe >

 
 < %systemroot%\*. /mp /s >

 
 < C:\Windows\system32\*.tsp >

[2009.07.14 02:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp

[2009.07.14 02:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp

[2009.07.14 02:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp

[2009.07.14 02:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp

[2010.11.20 22:29:06 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp

[2009.07.14 05:53:46 | 000,032,634 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2009.07.14 05:53:47 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

[2012.09.25 20:41:06 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

[2012.09.25 21:07:56 | 000,001,094 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

[2012.09.25 21:07:58 | 000,001,098 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

 
 < MD5 for: AGP440.SYS  >

[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys

[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_a97a2a0d0fbc6696\AGP440.sys

[2009.07.14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys

[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_fab873f3e8a3315c\atapi.sys

[2009.07.14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll

[2009.07.14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

 
 < MD5 for: EXPLORER.EXE  >

[2011.02.26 06:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe

[2010.11.20 22:29:20 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe

[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\explorer.exe

[2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe

 
 < MD5 for: IASTORV.SYS  >

[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\drivers\iaStorV.sys

[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_0bcee2057afcc090\iaStorV.sys

[2011.03.11 06:38:51 | 000,332,160 | ---- | M] (Intel Corporation) MD5=5CD5F9A5444E6CDCB0AC89BD62D8B76E -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_b0daddb9e6380745\iaStorV.sys

[2011.03.11 06:28:00 | 000,332,160 | ---- | M] (Intel Corporation) MD5=778D0E6D7D9EBA0C403BADBAAD41DB20 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_b152a892ff64119f\iaStorV.sys

[2010.11.20 22:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_668286aa35d55928\iaStorV.sys

[2010.11.20 22:29:03 | 000,332,160 | ---- | M] (Intel Corporation) MD5=A3CAE5D281DB4CFF7CFF8233507EE5AD -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_b118bc63e60a139a\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2010.11.20 22:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\System32\netlogon.dll

[2010.11.20 22:29:12 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\drivers\nvstor.sys

[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_0276fc3b3ea60d41\nvstor.sys

[2011.03.11 06:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys

[2011.03.11 06:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys

[2010.11.20 22:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_dd659ed032d28a14\nvstor.sys

[2010.11.20 22:29:03 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys

 
 < MD5 for: NVSTOR32.SYS  >

[2010.04.09 01:32:56 | 000,215,656 | ---- | M] (NVIDIA Corporation) MD5=8C98D67A228B7C4476656B80633CD485 -- C:\NVIDIA\nForceWin7VistaInt\15.57\IDE\Win7\sataraid\nvstor32.sys

[2010.04.09 01:32:56 | 000,215,656 | ---- | M] (NVIDIA Corporation) MD5=8C98D67A228B7C4476656B80633CD485 -- C:\NVIDIA\nForceWin7VistaInt\15.57\IDE\WinVista\sataraid\nvstor32.sys

[2010.04.09 01:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) MD5=97778C3CB3AF6B2243648D0DCD4D8916 -- C:\NVIDIA\nForceWin7VistaInt\15.57\IDE\Win7\sata_ide\nvstor32.sys

[2010.04.09 01:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) MD5=97778C3CB3AF6B2243648D0DCD4D8916 -- C:\NVIDIA\nForceWin7VistaInt\15.57\IDE\WinVista\sata_ide\nvstor32.sys

[2010.04.09 01:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) MD5=97778C3CB3AF6B2243648D0DCD4D8916 -- C:\Windows\System32\drivers\nvstor32.sys

[2010.04.09 01:32:36 | 000,215,656 | ---- | M] (NVIDIA Corporation) MD5=97778C3CB3AF6B2243648D0DCD4D8916 -- C:\Windows\System32\DriverStore\FileRepository\nvstor32.inf_x86_neutral_42c5f57853db3f80\nvstor32.sys

 
 < MD5 for: SCECLI.DLL  >

[2010.11.20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\System32\scecli.dll

[2010.11.20 22:29:07 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_3a154c47375d881d\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2010.11.20 22:29:20 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\System32\user32.dll

[2010.11.20 22:29:20 | 000,811,520 | ---- | M] (Microsoft Corporation) MD5=F1DD3ACAEE5E6B4BBC69BC6DF75CEF66 -- C:\Windows\winsxs\x86_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_cf3fd62ccb9e983d\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2010.11.20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\System32\userinit.exe

[2010.11.20 22:29:06 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2012.09.07 16:04:42 | 000,218,696 | ---- | M] () MD5=4E0D8C9F83B7FD82393F7D8CCC27E7AE -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe

[2010.11.20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\System32\winlogon.exe

[2010.11.20 22:29:06 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\System32\drivers\ws2ifsl.sys

[2009.07.14 00:55:02 | 000,016,384 | ---- | M] (Microsoft Corporation) MD5=6DB3276587B853BF886B69528FDB048C -- C:\Windows\winsxs\x86_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_4f5cf6f829213bb2\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\system32\*.dll /lockedfiles >

 
 < %USERPROFILE%\*.* >

[2013.01.18 18:26:57 | 001,310,720 | -HS- | M] () -- C:\Users\Jürgen\ntuser.dat

[2013.01.18 18:26:56 | 000,262,144 | -HS- | M] () -- C:\Users\Jürgen\ntuser.dat.LOG1

[2012.09.25 20:37:24 | 000,000,000 | -HS- | M] () -- C:\Users\Jürgen\ntuser.dat.LOG2

[2013.01.15 18:36:51 | 000,065,536 | -HS- | M] () -- C:\Users\Jürgen\ntuser.dat{47cdcb5f-5f39-11e2-8039-0019db68ef64}.TM.blf

[2013.01.15 18:36:51 | 000,524,288 | -HS- | M] () -- C:\Users\Jürgen\ntuser.dat{47cdcb5f-5f39-11e2-8039-0019db68ef64}.TMContainer00000000000000000001.regtrans-ms

[2013.01.15 18:36:51 | 000,524,288 | -HS- | M] () -- C:\Users\Jürgen\ntuser.dat{47cdcb5f-5f39-11e2-8039-0019db68ef64}.TMContainer00000000000000000002.regtrans-ms

[2012.09.25 20:37:27 | 000,065,536 | -HS- | M] () -- C:\Users\Jürgen\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TM.blf

[2012.09.25 20:37:27 | 000,524,288 | -HS- | M] () -- C:\Users\Jürgen\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000001.regtrans-ms

[2012.09.25 20:37:27 | 000,524,288 | -HS- | M] () -- C:\Users\Jürgen\NTUSER.DAT{6cced2f1-6e01-11de-8bed-001e0bcd1824}.TMContainer00000000000000000002.regtrans-ms

[2012.11.22 17:10:21 | 000,065,536 | -HS- | M] () -- C:\Users\Jürgen\NTUSER.DAT{72ae1cd9-34be-11e2-8bdf-0019db68ef64}.TM.blf

[2012.11.22 17:10:21 | 000,524,288 | -HS- | M] () -- C:\Users\Jürgen\NTUSER.DAT{72ae1cd9-34be-11e2-8bdf-0019db68ef64}.TMContainer00000000000000000001.regtrans-ms

[2012.11.22 17:10:21 | 000,524,288 | -HS- | M] () -- C:\Users\Jürgen\NTUSER.DAT{72ae1cd9-34be-11e2-8bdf-0019db68ef64}.TMContainer00000000000000000002.regtrans-ms

[2012.10.17 05:05:43 | 000,065,536 | -HS- | M] () -- C:\Users\Jürgen\NTUSER.DAT{aa808633-17a0-11e2-9413-0019db68ef64}.TM.blf

[2012.10.17 05:05:43 | 000,524,288 | -HS- | M] () -- C:\Users\Jürgen\NTUSER.DAT{aa808633-17a0-11e2-9413-0019db68ef64}.TMContainer00000000000000000001.regtrans-ms

[2012.10.17 05:05:43 | 000,524,288 | -HS- | M] () -- C:\Users\Jürgen\NTUSER.DAT{aa808633-17a0-11e2-9413-0019db68ef64}.TMContainer00000000000000000002.regtrans-ms

[2012.11.11 16:44:44 | 000,065,536 | -HS- | M] () -- C:\Users\Jürgen\NTUSER.DAT{ab1f4267-2c04-11e2-91c8-0019db68ef64}.TM.blf

[2012.11.11 16:44:44 | 000,524,288 | -HS- | M] () -- C:\Users\Jürgen\NTUSER.DAT{ab1f4267-2c04-11e2-91c8-0019db68ef64}.TMContainer00000000000000000001.regtrans-ms

[2012.11.11 16:44:44 | 000,524,288 | -HS- | M] () -- C:\Users\Jürgen\NTUSER.DAT{ab1f4267-2c04-11e2-91c8-0019db68ef64}.TMContainer00000000000000000002.regtrans-ms

[2013.01.07 14:34:03 | 000,065,536 | -HS- | M] () -- C:\Users\Jürgen\NTUSER.DAT{c70b6c27-58a9-11e2-804d-0019db68ef64}.TM.blf

[2013.01.07 14:34:03 | 000,524,288 | -HS- | M] () -- C:\Users\Jürgen\NTUSER.DAT{c70b6c27-58a9-11e2-804d-0019db68ef64}.TMContainer00000000000000000001.regtrans-ms

[2013.01.07 14:34:03 | 000,524,288 | -HS- | M] () -- C:\Users\Jürgen\NTUSER.DAT{c70b6c27-58a9-11e2-804d-0019db68ef64}.TMContainer00000000000000000002.regtrans-ms

[2013.01.08 09:53:10 | 000,065,536 | -HS- | M] () -- C:\Users\Jürgen\ntuser.dat{c70b6c79-58a9-11e2-804d-0019db68ef64}.TM.blf

[2013.01.08 09:53:10 | 000,524,288 | -HS- | M] () -- C:\Users\Jürgen\ntuser.dat{c70b6c79-58a9-11e2-804d-0019db68ef64}.TMContainer00000000000000000001.regtrans-ms

[2013.01.08 09:53:10 | 000,524,288 | -HS- | M] () -- C:\Users\Jürgen\ntuser.dat{c70b6c79-58a9-11e2-804d-0019db68ef64}.TMContainer00000000000000000002.regtrans-ms

[2012.09.25 20:37:24 | 000,000,020 | -HS- | M] () -- C:\Users\Jürgen\ntuser.ini

 
 < %USERPROFILE%\Local Settings\Temp\*.exe >

 
 < %USERPROFILE%\Local Settings\Temp\*.dll >

 
 < %USERPROFILE%\Application Data\*.exe >

 
 < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

 
 <          >
 

< End of report >

--- --- ---

und der Extras.txtOTL Logfile:

Code:

OTL Extras logfile created on: 18.01.2013 18:29:26 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Jürgen_2\Desktop

 Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

3,00 Gb Total Physical Memory | 2,41 Gb Available Physical Memory | 80,24% Memory free

6,00 Gb Paging File | 5,43 Gb Available in Paging File | 90,57% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files

Drive C: | 465,66 Gb Total Space | 105,38 Gb Free Space | 22,63% Space Free | Partition Type: NTFS

Drive D: | 41,49 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF

Drive F: | 1,86 Gb Total Space | 0,43 Gb Free Space | 23,04% Space Free | Partition Type: FAT32

Drive G: | 1863,01 Gb Total Space | 601,50 Gb Free Space | 32,29% Space Free | Partition Type: NTFS

 

Computer Name: JÜRGEN-PC | User Name: Jürgen | Logged in as Administrator.

Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)

.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)

htmlfile [edit] -- Reg Error: Key error.

htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"

http [open] -- Reg Error: Key error.

https [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 0

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = Reg Error: Unknown registry data type -- File not found

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{1F68D91B-3606-405E-BB36-3F5F943E16E1}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{312F0925-ECAE-41D2-9F4A-DC3A1C797322}" = lport=139 | protocol=6 | dir=in | app=system | 

"{409F4A7E-79CC-4ED9-85C0-95E12307D9B8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{4E930945-FD56-4D55-AF6D-7B2357D59580}" = lport=137 | protocol=17 | dir=in | app=system | 

"{4E96719B-EA08-40E9-9169-386E762C2C29}" = rport=138 | protocol=17 | dir=out | app=system | 

"{50298C71-698F-4B6B-8F63-F7788B84CE61}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{5201F7A6-DCA8-4CD8-B5DB-8749B8AB1B33}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{564186EA-55D4-4EBB-A22B-1F9A22326CEF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{661BF454-08BB-46C8-90DB-2DD86D4FA9B3}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{67CD1430-D622-46FB-843F-9D7E0162A852}" = lport=138 | protocol=17 | dir=in | app=system | 

"{78B14B9C-B9BB-4F6B-913C-2823E2A8FFBB}" = rport=445 | protocol=6 | dir=out | app=system | 

"{981BD98D-91D1-4856-86A6-3682350EF9AE}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 

"{B3A8EB5F-BAD8-489E-BA3D-476D03B4016D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 

"{C86932C2-F577-4C79-B8F6-5C57ABF82083}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{CC5604E5-4F14-4C67-8D21-D7D25B4ECAD8}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{CC5CE3EA-D9A3-47A4-A096-4F4A70726EE0}" = lport=445 | protocol=6 | dir=in | app=system | 

"{CDAFA408-08F1-4264-99DB-9E0DCB15EE05}" = rport=137 | protocol=17 | dir=out | app=system | 

"{D258A951-5FC2-48C4-9E1C-A818502CEE7C}" = rport=139 | protocol=6 | dir=out | app=system | 

"{D4EA4D8B-9DF5-442C-9227-FAA0281594E5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{FC217E25-ED71-444F-BE5A-9F280EF8CF19}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 

"{FC392DDC-3214-42C7-A42A-5F1C6655D379}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0030D479-FD53-4BC9-A6B2-BF7243E9026A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{1493D41B-1C95-41B8-AC2C-446DC6341CAD}" = dir=in | app=c:\program files\cyberlink\powerdvd11\pdvd11serv.exe | 

"{1841F7CA-766E-4E72-BF45-9C392E8851B3}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 

"{1BF019AA-8958-411B-B68B-054F122A0E67}" = protocol=6 | dir=in | app=c:\program files\utorrent\utorrent.exe | 

"{1C8EAE67-B046-4C26-BEA1-5DFFFB4C9C3E}" = dir=in | app=c:\program files\itunes\itunes.exe | 

"{2E9F93BF-548B-488C-92D2-3A0DF20DE778}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{30540529-1D97-4233-8858-62213DB6C66F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{43EA7E87-8218-472C-907A-48D2C8FC9769}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{5FBEAEA1-775F-42C8-AB9A-BCFD8AA2C476}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | 

"{6E1B452C-1022-4D59-811A-AC2858415CC7}" = protocol=17 | dir=in | app=c:\program files\nero\nero mediahome 4\nmmediaserverservice.exe | 

"{7015917B-AA7A-4E63-8A54-AF28B444F08D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{70993598-0B1B-479C-B344-31ECE32C03A0}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 

"{8B62A21E-455E-40CB-8BE2-B2FCD6D06F10}" = dir=in | app=c:\program files\cyberlink\powerdvd11\powerdvd11.exe | 

"{8EFB616F-92A1-4B9B-8827-BBF14866E716}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{913ADED1-7148-408E-8611-01644E1E0A22}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{99C1AD57-E5E5-4882-AEDE-9A9600723CD1}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | 

"{9E1F3CFE-8B94-41AA-855C-AA5225758A90}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 

"{A281D530-36B1-4E03-A474-94215C78CD55}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{A95C79F5-799A-441B-A318-FA929E06379C}" = protocol=6 | dir=in | app=c:\program files\nero\nero mediahome 4\nmmediaserverservice.exe | 

"{BA130E31-EB13-411F-BC5E-61090CD6C8F9}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{C7737DBE-EEC3-4D06-BD91-E1B6E5CD54D1}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 

"{CF0F5B25-1219-40CC-B0A8-5A29453730CF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{D1EC9A17-A395-4663-B409-A858035EA213}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{D2A39CD2-F41D-4B73-9E7D-6CDE97FC1A7A}" = protocol=17 | dir=in | app=c:\program files\utorrent\utorrent.exe | 

"{D8254936-E0CD-4948-9E2E-A6805ABC65D7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{DF7898D3-F91B-4B34-B57E-9D4CEB943048}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 

"{E225029E-6C4D-4BE7-917B-AD7849F0D17B}" = protocol=6 | dir=out | app=system | 

"{E89E9A40-BF8D-44F4-93F7-2E6593500F55}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"TCP Query User{3C7F3BD9-CDD1-4FFB-8AA5-854C67DB5490}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 

"UDP Query User{CC014321-5501-4EB6-8A42-3025AEFFE1F7}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator

"{02627ee5-eaca-4742-a9cc-e687631773e4}" = Nero ShowTime

"{0E7DBD52-B097-4F2B-A7C7-F105B0D20FDB}" = LightScribe System Software  1.14.17.1

"{1103112B-513D-4DEF-96B4-9889774E0118}" = Creative Zen Touch

"{1798D459-6B8B-474B-868D-1229EADA3B95}" = Adobe AIR

"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer

"{194A4B5E-DF6F-00B8-30B7-D9148A2E305B}" = Flixster

"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser

"{20400dbd-e6db-45b8-9b6b-1dd7033818ec}" = Nero InfoTool

"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1

"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer

"{2348b586-c9ae-46ce-936c-a68e9426e214}" = Nero StartSmart Help

"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 10

"{2E0C1913-886B-4C5C-8DAF-D1E649CE5FCC}" = Creative MediaSource

"{33cf58f5-48d8-4575-83d6-96f574e4d83a}" = Nero DriveSpeed

"{368ba326-73ad-4351-84ed-3c0a7a52cc53}" = Nero Rescue Agent

"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile

"{43e39830-1826-415d-8bae-86845787b54b}" = Nero Vision

"{459699C3-9430-4381-964B-4248D87B49F9}" = Apple Mobile Device Support

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{51788b29-956c-4b62-961d-393542e7f1d2}" = Nero 9 Essentials

"{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{595a3116-40bb-4e0f-a2e8-d7951da56270}" = NeroExpress

"{5d9be3c1-8ba4-4e7e-82fd-9f74fa6815d1}" = Nero Vision

"{5e08ecd1-c98e-4711-bf65-8fd736b3f969}" = Nero RescueAgent Help

"{62ac81f6-bdd3-4110-9d36-3e9eaab40999}" = Nero CoverDesigner

"{69FC3B9A-4149-43DB-A557-6ED0C8D8BA44}" = Nero MediaHome 4 Help

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"{7748ac8c-18e3-43bb-959b-088faea16fb2}" = Nero StartSmart

"{7829db6f-a066-4e40-8912-cb07887c20bb}" = Nero BurnRights

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour

"{7CFA46E3-CC2F-4355-82AE-6012DC3633FD}" = NVIDIA ForceWare Network Access Manager

"{83202942-84b3-4c50-8622-b8c0aa2d2885}" = Nero Express Help

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{869200db-287a-4dc0-b02b-2b6787fbcd4c}" = Nero DiscSpeed

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX

"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules

"{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}" = TomTom HOME

"{99EF387E-633E-4CFB-BFA3-AB961B685DDF}" = Nero MediaHome 4

"{A8F2089B-1F79-4BF6-B385-A2C2B0B9A74D}" = ImagXpress

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch

"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime

"{B0261E53-B6F1-474A-864B-E7C3CBF468E0}" = iTunes

"{B2EC4A38-B545-4A00-8214-13FE0E915E6D}" = Advertising Center

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 310.90

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 310.90

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 310.90

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 310.90

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{b78120a0-cf84-4366-a393-4d0a59bc546c}" = Menu Templates - Starter Kit

"{BD5CA0DA-71AD-43DA-B19E-6EEE0C9ADC9A}" = Nero ControlCenter

"{C81A2FE0-3574-00A9-CED4-BDAA334CBE8E}" = Nero Online Upgrade

"{cc019e3f-59d2-4486-8d4b-878105b62a71}" = Nero DiscSpeed

"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support

"{ce96f5a5-584d-4f8f-aa3e-9baed413db72}" = Nero CoverDesigner Help

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{d9dcf92e-72eb-412d-ac71-3b01276e5f8b}" = Nero ShowTime

"{e498385e-1c51-459a-b45f-1721e37aa1a0}" = Movie Templates - Starter Kit

"{e5c7d048-f9b4-4219-b323-8bdb01a2563d}" = Nero DriveSpeed

"{E8A80433-302B-4FF1-815D-FCC8EAC482FF}" = Nero Installer

"{ea68f00b-bd1f-4757-9a5d-880d76331c6a}" = Nero MediaHome 4 Essentials

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11

"{F4041DCE-3FE1-4E18-8A9E-9DE65231EE36}" = Nero ControlCenter

"{f6bdd7c5-89ed-4569-9318-469aa9732572}" = Nero BurnRights

"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{fbcdfd61-7dcf-4e71-9226-873ba0053139}" = Nero InfoTool

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17

"AudibleManager" = AudibleManager

"Avira AntiVir Desktop" = Avira Free Antivirus

"CCleaner" = CCleaner

"com.wb.DC2" = Flixster

"Creative Jukebox Driver" = Creative Jukebox Driver

"Defraggler" = Defraggler

"DVDFab 8 Qt_is1" = DVDFab 8.2.1.5 (10/10/2012) Qt

"Free Studio_is1" = Free Studio version 5.7.6.1015

"InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}" = Renesas Electronics USB 3.0 Host Controller Driver

"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}" = CyberLink PowerDVD 11

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Mozilla Firefox 18.0 (x86 de)" = Mozilla Firefox 18.0 (x86 de)

"Mozilla Thunderbird 17.0.2 (x86 de)" = Mozilla Thunderbird 17.0.2 (x86 de)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"NVIDIA Drivers" = NVIDIA Drivers

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Philips Songbird" = Philips Songbird

"Secunia PSI" = Secunia PSI (3.0.0.3001)

"SysInfo" = Creative-Systeminformationen

"uTorrent" = µTorrent

"WinRAR archiver" = WinRAR 4.20 (32-Bit)

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"MyFreeCodec" = MyFreeCodec

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 06.01.2013 03:43:08 | Computer Name = Jürgen-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 06.01.2013 12:39:57 | Computer Name = Jürgen-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 07.01.2013 05:10:17 | Computer Name = Jürgen-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 07.01.2013 16:57:47 | Computer Name = Jürgen-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 08.01.2013 04:35:45 | Computer Name = Jürgen-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 08.01.2013 05:06:35 | Computer Name = Jürgen-PC | Source = Application Error | ID = 1000

Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16457,

 Zeitstempel: 0x50a2f9e3  Name des fehlerhaften Moduls: D3D10Warp.dll, Version: 6.1.7601.17514,

 Zeitstempel: 0x4ce7b7af  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0002b38f  ID des fehlerhaften

 Prozesses: 0x16e8  Startzeit der fehlerhaften Anwendung: 0x01cded7dce946cc8  Pfad der

 fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe  Pfad des

 fehlerhaften Moduls: C:\Windows\system32\D3D10Warp.dll  Berichtskennung: b35c0bd0-5972-11e2-b35d-0019db68ef64

 

Error - 08.01.2013 17:13:46 | Computer Name = Jürgen-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 09.01.2013 01:09:28 | Computer Name = Jürgen-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 09.01.2013 16:02:16 | Computer Name = Jürgen-PC | Source = WinMgmt | ID = 10

Description = 

 

Error - 10.01.2013 12:16:16 | Computer Name = Jürgen-PC | Source = WinMgmt | ID = 10

Description = 

 

[ System Events ]

Error - 12.01.2013 09:20:13 | Computer Name = Jürgen-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35

Description = Die Energieverwaltungsfeatures für Leistung des Prozessors "1" in 

der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie 

sich beim Hersteller des Computers nach aktualisierter Firmware.

 

Error - 12.01.2013 09:22:05 | Computer Name = Jürgen-PC | Source = Service Control Manager | ID = 7009

Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst

 Windows Media Player-Netzwerkfreigabedienst erreicht.

 

Error - 12.01.2013 09:22:05 | Computer Name = Jürgen-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund

 folgenden Fehlers nicht gestartet:   %%1053

 

Error - 12.01.2013 13:12:48 | Computer Name = Jürgen-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35

Description = Die Energieverwaltungsfeatures für Leistung des Prozessors "0" in 

der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie 

sich beim Hersteller des Computers nach aktualisierter Firmware.

 

Error - 12.01.2013 13:12:48 | Computer Name = Jürgen-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35

Description = Die Energieverwaltungsfeatures für Leistung des Prozessors "1" in 

der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie 

sich beim Hersteller des Computers nach aktualisierter Firmware.

 

Error - 12.01.2013 13:14:24 | Computer Name = Jürgen-PC | Source = Service Control Manager | ID = 7009

Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst

 Windows Media Player-Netzwerkfreigabedienst erreicht.

 

Error - 12.01.2013 13:14:24 | Computer Name = Jürgen-PC | Source = Service Control Manager | ID = 7000

Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund

 folgenden Fehlers nicht gestartet:   %%1053

 

Error - 12.01.2013 16:28:57 | Computer Name = Jürgen-PC | Source = bowser | ID = 8003

Description = 

 

Error - 12.01.2013 19:27:15 | Computer Name = Jürgen-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35

Description = Die Energieverwaltungsfeatures für Leistung des Prozessors "0" in 

der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie 

sich beim Hersteller des Computers nach aktualisierter Firmware.

 

Error - 12.01.2013 19:27:15 | Computer Name = Jürgen-PC | Source = Microsoft-Windows-Kernel-Processor-Power | ID = 35

Description = Die Energieverwaltungsfeatures für Leistung des Prozessors "1" in 

der Gruppe "0" sind aufgrund eines Firmwareproblems deaktiviert. Erkundigen Sie 

sich beim Hersteller des Computers nach aktualisierter Firmware.

 

 

< End of report >

--- --- ---

Gruß
josuhasottie

Hi,

entschuldige habe da leider was missverstanden (bin in der Sache blutiger Anfänger).
So habe jetzt tdsskiller wie beschrieben ausgeführt.
Hier der Log:

15:11:26.0676 1568 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:11:27.0098 1568 ============================================================
15:11:27.0098 1568 Current date / time: 2013/01/20 15:11:27.0098
15:11:27.0098 1568 SystemInfo:
15:11:27.0098 1568
15:11:27.0098 1568 OS Version: 6.1.7601 ServicePack: 1.0
15:11:27.0098 1568 Product type: Workstation
15:11:27.0098 1568 ComputerName: JÜRGEN-PC
15:11:27.0098 1568 UserName: Jürgen
15:11:27.0098 1568 Windows directory: C:\Windows
15:11:27.0098 1568 System windows directory: C:\Windows
15:11:27.0098 1568 Processor architecture: Intel x86
15:11:27.0098 1568 Number of processors: 2
15:11:27.0098 1568 Page size: 0x1000
15:11:27.0098 1568 Boot type: Safe boot with network
15:11:27.0098 1568 ============================================================
15:11:27.0815 1568 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000050
15:11:27.0815 1568 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:11:37.0222 1568 ============================================================
15:11:37.0222 1568 \Device\Harddisk0\DR0:
15:11:37.0222 1568 MBR partitions:
15:11:37.0222 1568 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:11:37.0222 1568 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
15:11:37.0222 1568 \Device\Harddisk1\DR1:
15:11:37.0238 1568 MBR partitions:
15:11:37.0238 1568 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E06CC1
15:11:37.0238 1568 ============================================================
15:11:37.0253 1568 C: <-> \Device\Harddisk0\DR0\Partition2
15:11:37.0284 1568 G: <-> \Device\Harddisk1\DR1\Partition1
15:11:37.0284 1568 ============================================================
15:11:37.0284 1568 Initialize success
15:11:37.0284 1568 ============================================================
15:12:25.0707 1788 ============================================================
15:12:25.0707 1788 Scan started
15:12:25.0707 1788 Mode: Manual; SigCheck; TDLFS;
15:12:25.0707 1788 ============================================================
15:12:26.0409 1788 ================ Scan system memory ========================
15:12:26.0409 1788 System memory - ok
15:12:26.0409 1788 ================ Scan services =============================
15:12:26.0549 1788 [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
15:12:26.0658 1788 1394ohci - ok
15:12:26.0674 1788 [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:12:26.0690 1788 ACPI - ok
15:12:26.0721 1788 [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
15:12:26.0783 1788 AcpiPmi - ok
15:12:26.0877 1788 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
15:12:26.0892 1788 AdobeARMservice - ok
15:12:26.0924 1788 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
15:12:26.0939 1788 AdobeFlashPlayerUpdateSvc - ok
15:12:26.0970 1788 [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
15:12:26.0986 1788 adp94xx - ok
15:12:27.0002 1788 [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci C:\Windows\system32\drivers\adpahci.sys
15:12:27.0017 1788 adpahci - ok
15:12:27.0033 1788 [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
15:12:27.0048 1788 adpu320 - ok
15:12:27.0064 1788 [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:12:27.0173 1788 AeLookupSvc - ok
15:12:27.0204 1788 [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD C:\Windows\system32\drivers\afd.sys
15:12:27.0267 1788 AFD - ok
15:12:27.0282 1788 [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440 C:\Windows\system32\drivers\agp440.sys
15:12:27.0298 1788 agp440 - ok
15:12:27.0329 1788 [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
15:12:27.0329 1788 aic78xx - ok
15:12:27.0360 1788 [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG C:\Windows\System32\alg.exe
15:12:27.0407 1788 ALG - ok
15:12:27.0423 1788 [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide C:\Windows\system32\drivers\aliide.sys
15:12:27.0438 1788 aliide - ok
15:12:27.0454 1788 [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp C:\Windows\system32\drivers\amdagp.sys
15:12:27.0470 1788 amdagp - ok
15:12:27.0485 1788 [ CD5914170297126B6266860198D1D4F0 ] amdide C:\Windows\system32\drivers\amdide.sys
15:12:27.0485 1788 amdide - ok
15:12:27.0501 1788 [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
15:12:27.0532 1788 AmdK8 - ok
15:12:27.0532 1788 [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
15:12:27.0563 1788 AmdPPM - ok
15:12:27.0579 1788 [ D320BF87125326F996D4904FE24300FC ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:12:27.0594 1788 amdsata - ok
15:12:27.0610 1788 [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:12:27.0626 1788 amdsbs - ok
15:12:27.0641 1788 [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:12:27.0641 1788 amdxata - ok
15:12:27.0672 1788 [ DD8D9C597AF7CD2F6B70A3D6A4A1ACEA ] androidusb C:\Windows\system32\Drivers\ssadadb.sys
15:12:27.0735 1788 androidusb - ok
15:12:27.0766 1788 [ 466A0D95960DAD3222C896D2CEA99993 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
15:12:27.0782 1788 AntiVirSchedulerService - ok
15:12:27.0797 1788 [ A489BE6BB0AA1FF406B488B60542314B ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
15:12:27.0813 1788 AntiVirService - ok
15:12:27.0828 1788 [ AEA177F783E20150ACE5383EE368DA19 ] AppID C:\Windows\system32\drivers\appid.sys
15:12:27.0860 1788 AppID - ok
15:12:27.0906 1788 [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:12:27.0953 1788 AppIDSvc - ok
15:12:27.0984 1788 [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo C:\Windows\System32\appinfo.dll
15:12:28.0031 1788 Appinfo - ok
15:12:28.0094 1788 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:12:28.0109 1788 Apple Mobile Device - ok
15:12:28.0125 1788 [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt C:\Windows\System32\appmgmts.dll
15:12:28.0172 1788 AppMgmt - ok
15:12:28.0203 1788 [ 2932004F49677BD84DBC72EDB754FFB3 ] arc C:\Windows\system32\drivers\arc.sys
15:12:28.0218 1788 arc - ok
15:12:28.0234 1788 [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:12:28.0250 1788 arcsas - ok
15:12:28.0265 1788 [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:12:28.0374 1788 AsyncMac - ok
15:12:28.0390 1788 [ 338C86357871C167A96AB976519BF59E ] atapi C:\Windows\system32\drivers\atapi.sys
15:12:28.0406 1788 atapi - ok
15:12:28.0421 1788 athr - ok
15:12:28.0452 1788 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:12:28.0499 1788 AudioEndpointBuilder - ok
15:12:28.0499 1788 [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:12:28.0530 1788 Audiosrv - ok
15:12:28.0546 1788 [ D5541F0AFB767E85FC412FC609D96A74 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
15:12:28.0562 1788 avgntflt - ok
15:12:28.0593 1788 [ 7D967A682D4694DF7FA57D63A2DB01FE ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
15:12:28.0608 1788 avipbb - ok
15:12:28.0624 1788 [ 53E56450DA16A1A7F0D002F511113F67 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
15:12:28.0624 1788 avkmgr - ok
15:12:28.0640 1788 [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:12:28.0702 1788 AxInstSV - ok
15:12:28.0749 1788 [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv C:\Windows\system32\drivers\bxvbdx.sys
15:12:28.0796 1788 b06bdrv - ok
15:12:28.0811 1788 [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
15:12:28.0842 1788 b57nd60x - ok
15:12:28.0874 1788 [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC C:\Windows\System32\bdesvc.dll
15:12:28.0920 1788 BDESVC - ok
15:12:28.0936 1788 [ 505506526A9D467307B3C393DEDAF858 ] Beep C:\Windows\system32\drivers\Beep.sys
15:12:28.0967 1788 Beep - ok
15:12:28.0998 1788 [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE C:\Windows\System32\bfe.dll
15:12:29.0045 1788 BFE - ok
15:12:29.0092 1788 [ E585445D5021971FAE10393F0F1C3961 ] BITS C:\Windows\System32\qmgr.dll
15:12:29.0170 1788 BITS - ok
15:12:29.0186 1788 [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:12:29.0201 1788 blbdrive - ok
15:12:29.0248 1788 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:12:29.0264 1788 Bonjour Service - ok
15:12:29.0279 1788 [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:12:29.0295 1788 bowser - ok
15:12:29.0310 1788 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
15:12:29.0342 1788 BrFiltLo - ok
15:12:29.0342 1788 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
15:12:29.0373 1788 BrFiltUp - ok
15:12:29.0404 1788 [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser C:\Windows\System32\browser.dll
15:12:29.0451 1788 Browser - ok
15:12:29.0466 1788 [ 845B8CE732E67F3B4133164868C666EA ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:12:29.0482 1788 Brserid - ok
15:12:29.0498 1788 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:12:29.0529 1788 BrSerWdm - ok
15:12:29.0529 1788 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:12:29.0560 1788 BrUsbMdm - ok
15:12:29.0560 1788 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:12:29.0576 1788 BrUsbSer - ok
15:12:29.0607 1788 [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
15:12:29.0622 1788 BTHMODEM - ok
15:12:29.0654 1788 [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv C:\Windows\system32\bthserv.dll
15:12:29.0685 1788 bthserv - ok
15:12:29.0716 1788 [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:12:29.0763 1788 cdfs - ok
15:12:29.0794 1788 [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:12:29.0825 1788 cdrom - ok
15:12:29.0872 1788 [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc C:\Windows\System32\certprop.dll
15:12:29.0888 1788 CertPropSvc - ok
15:12:29.0903 1788 [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass C:\Windows\system32\drivers\circlass.sys
15:12:29.0919 1788 circlass - ok
15:12:29.0934 1788 [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS C:\Windows\system32\CLFS.sys
15:12:29.0950 1788 CLFS - ok
15:12:30.0028 1788 [ 4AA6694FB767BBFF6A8EF080806447BD ] CLHNServiceForPowerDVD C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
15:12:30.0028 1788 CLHNServiceForPowerDVD - ok
15:12:30.0122 1788 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:12:30.0137 1788 clr_optimization_v2.0.50727_32 - ok
15:12:30.0200 1788 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:12:30.0215 1788 clr_optimization_v4.0.30319_32 - ok
15:12:30.0231 1788 [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
15:12:30.0262 1788 CmBatt - ok
15:12:30.0278 1788 [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
15:12:30.0278 1788 cmdide - ok
15:12:30.0309 1788 [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG C:\Windows\system32\Drivers\cng.sys
15:12:30.0324 1788 CNG - ok
15:12:30.0356 1788 [ A6023D3823C37043986713F118A89BEE ] Compbatt C:\Windows\system32\drivers\compbatt.sys
15:12:30.0371 1788 Compbatt - ok
15:12:30.0402 1788 [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:12:30.0418 1788 CompositeBus - ok
15:12:30.0434 1788 COMSysApp - ok
15:12:30.0449 1788 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
15:12:30.0465 1788 crcdisk - ok
15:12:30.0512 1788 [ 3C8B6609712F4FF78E521F6DCFC4032B ] Creative Service for CDROM Access C:\Windows\system32\CTsvcCDA.EXE
15:12:30.0543 1788 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - warning
15:12:30.0543 1788 Creative Service for CDROM Access - detected UnsignedFile.Multi.Generic (1)
15:12:30.0574 1788 [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:12:30.0621 1788 CryptSvc - ok
15:12:30.0636 1788 [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC C:\Windows\system32\drivers\csc.sys
15:12:30.0683 1788 CSC - ok
15:12:30.0714 1788 [ 15F93B37F6801943360D9EB42485D5D3 ] CscService C:\Windows\System32\cscsvc.dll
15:12:30.0746 1788 CscService - ok
15:12:30.0792 1788 [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch C:\Windows\system32\rpcss.dll
15:12:30.0839 1788 DcomLaunch - ok
15:12:30.0886 1788 [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc C:\Windows\System32\defragsvc.dll
15:12:30.0917 1788 defragsvc - ok
15:12:30.0948 1788 [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:12:30.0995 1788 DfsC - ok
15:12:31.0042 1788 [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
15:12:31.0042 1788 dg_ssudbus - ok
15:12:31.0073 1788 [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp C:\Windows\system32\dhcpcore.dll
15:12:31.0120 1788 Dhcp - ok
15:12:31.0136 1788 [ 1A050B0274BFB3890703D490F330C0DA ] discache C:\Windows\system32\drivers\discache.sys
15:12:31.0167 1788 discache - ok
15:12:31.0214 1788 [ 565003F326F99802E68CA78F2A68E9FF ] Disk C:\Windows\system32\drivers\disk.sys
15:12:31.0214 1788 Disk - ok
15:12:31.0229 1788 [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
15:12:31.0276 1788 dmvsc - ok
15:12:31.0307 1788 [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:12:31.0354 1788 Dnscache - ok
15:12:31.0370 1788 [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc C:\Windows\System32\dot3svc.dll
15:12:31.0401 1788 dot3svc - ok
15:12:31.0432 1788 [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS C:\Windows\system32\dps.dll
15:12:31.0463 1788 DPS - ok
15:12:31.0494 1788 [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:12:31.0526 1788 drmkaud - ok
15:12:31.0557 1788 [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:12:31.0572 1788 DXGKrnl - ok
15:12:31.0604 1788 [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost C:\Windows\System32\eapsvc.dll
15:12:31.0635 1788 EapHost - ok
15:12:31.0713 1788 [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv C:\Windows\system32\drivers\evbdx.sys
15:12:31.0775 1788 ebdrv - ok
15:12:31.0806 1788 [ 81951F51E318AECC2D68559E47485CC4 ] EFS C:\Windows\System32\lsass.exe
15:12:31.0838 1788 EFS - ok
15:12:31.0884 1788 [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:12:31.0916 1788 ehRecvr - ok
15:12:31.0931 1788 [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched C:\Windows\ehome\ehsched.exe
15:12:31.0962 1788 ehSched - ok
15:12:31.0994 1788 [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor C:\Windows\system32\drivers\elxstor.sys
15:12:32.0009 1788 elxstor - ok
15:12:32.0025 1788 [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev C:\Windows\system32\drivers\errdev.sys
15:12:32.0040 1788 ErrDev - ok
15:12:32.0087 1788 [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem C:\Windows\system32\es.dll
15:12:32.0134 1788 EventSystem - ok
15:12:32.0150 1788 [ 2DC9108D74081149CC8B651D3A26207F ] exfat C:\Windows\system32\drivers\exfat.sys
15:12:32.0181 1788 exfat - ok
15:12:32.0196 1788 [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:12:32.0228 1788 fastfat - ok
15:12:32.0274 1788 [ 967EA5B213E9984CBE270205DF37755B ] Fax C:\Windows\system32\fxssvc.exe
15:12:32.0337 1788 Fax - ok
15:12:32.0352 1788 [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc C:\Windows\system32\drivers\fdc.sys
15:12:32.0368 1788 fdc - ok
15:12:32.0399 1788 [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost C:\Windows\system32\fdPHost.dll
15:12:32.0415 1788 fdPHost - ok
15:12:32.0430 1788 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub C:\Windows\system32\fdrespub.dll
15:12:32.0446 1788 FDResPub - ok
15:12:32.0462 1788 [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:12:32.0477 1788 FileInfo - ok
15:12:32.0493 1788 [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:12:32.0524 1788 Filetrace - ok
15:12:32.0555 1788 [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
15:12:32.0555 1788 flpydisk - ok
15:12:32.0571 1788 [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:12:32.0586 1788 FltMgr - ok
15:12:32.0602 1788 [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache C:\Windows\system32\FntCache.dll
15:12:32.0680 1788 FontCache - ok
15:12:32.0711 1788 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
15:12:32.0727 1788 FontCache3.0.0.0 - ok
15:12:32.0789 1788 [ 7DFF82ACDAB23414ABC2A95FEF8982F8 ] ForceWare Intelligent Application Manager (IAM) C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
15:12:32.0805 1788 ForceWare Intelligent Application Manager (IAM) - ok
15:12:32.0820 1788 [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:12:32.0820 1788 FsDepends - ok
15:12:32.0836 1788 [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:12:32.0852 1788 Fs_Rec - ok
15:12:32.0883 1788 [ 8A73E79089B282100B9393B644CB853B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:12:32.0898 1788 fvevol - ok
15:12:32.0914 1788 [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:12:32.0930 1788 gagp30kx - ok
15:12:32.0961 1788 [ 4AC51459805264AFFD5F6FDFB9D9235F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:12:32.0961 1788 GEARAspiWDM - ok
15:12:32.0976 1788 [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc C:\Windows\System32\gpsvc.dll
15:12:33.0039 1788 gpsvc - ok
15:12:33.0101 1788 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
15:12:33.0101 1788 gupdate - ok
15:12:33.0117 1788 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
15:12:33.0132 1788 gupdatem - ok
15:12:33.0148 1788 [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
15:12:33.0164 1788 gusvc - ok
15:12:33.0179 1788 [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:12:33.0226 1788 hcw85cir - ok
15:12:33.0242 1788 [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:12:33.0288 1788 HdAudAddService - ok
15:12:33.0320 1788 [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:12:33.0320 1788 HDAudBus - ok
15:12:33.0351 1788 [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
15:12:33.0366 1788 HidBatt - ok
15:12:33.0398 1788 [ 89448F40E6DF260C206A193A4683BA78 ] HidBth C:\Windows\system32\drivers\hidbth.sys
15:12:33.0429 1788 HidBth - ok
15:12:33.0460 1788 [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr C:\Windows\system32\drivers\hidir.sys
15:12:33.0491 1788 HidIr - ok
15:12:33.0507 1788 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv C:\Windows\system32\hidserv.dll
15:12:33.0554 1788 hidserv - ok
15:12:33.0585 1788 [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:12:33.0616 1788 HidUsb - ok
15:12:33.0647 1788 [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:12:33.0663 1788 hkmsvc - ok
15:12:33.0678 1788 [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:12:33.0741 1788 HomeGroupListener - ok
15:12:33.0772 1788 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:12:33.0803 1788 HomeGroupProvider - ok
15:12:33.0819 1788 [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:12:33.0834 1788 HpSAMD - ok
15:12:33.0866 1788 [ 871917B07A141BFF43D76D8844D48106 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:12:33.0881 1788 HTTP - ok
15:12:33.0912 1788 [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:12:33.0912 1788 hwpolicy - ok
15:12:33.0944 1788 [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:12:33.0975 1788 i8042prt - ok
15:12:33.0990 1788 [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:12:34.0006 1788 iaStorV - ok
15:12:34.0068 1788 [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
15:12:34.0084 1788 idsvc - ok
15:12:34.0209 1788 [ AD626F6964F4D364D226C39E06872DD3 ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
15:12:34.0318 1788 igfx - ok
15:12:34.0334 1788 [ 4173FF5708F3236CF25195FECD742915 ] iirsp C:\Windows\system32\drivers\iirsp.sys
15:12:34.0349 1788 iirsp - ok
15:12:34.0380 1788 [ F95622F161474511B8D80D6B093AA610 ] IKEEXT C:\Windows\System32\ikeext.dll
15:12:34.0427 1788 IKEEXT - ok
15:12:34.0458 1788 [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide C:\Windows\system32\drivers\intelide.sys
15:12:34.0458 1788 intelide - ok
15:12:34.0490 1788 [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:12:34.0490 1788 intelppm - ok
15:12:34.0505 1788 [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:12:34.0552 1788 IPBusEnum - ok
15:12:34.0568 1788 [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:12:34.0599 1788 IpFilterDriver - ok
15:12:34.0630 1788 [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:12:34.0692 1788 iphlpsvc - ok
15:12:34.0692 1788 [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
15:12:34.0708 1788 IPMIDRV - ok
15:12:34.0724 1788 [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:12:34.0770 1788 IPNAT - ok
15:12:34.0833 1788 [ E8A39D41474BE42FD8830CED32932D6C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:12:34.0848 1788 iPod Service - ok
15:12:34.0864 1788 [ 42996CFF20A3084A56017B7902307E9F ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:12:34.0895 1788 IRENUM - ok
15:12:34.0911 1788 [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:12:34.0926 1788 isapnp - ok
15:12:34.0942 1788 [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
15:12:34.0958 1788 iScsiPrt - ok
15:12:34.0989 1788 [ C4D1E49A7D853A6FDFE8EC2906AE5AAA ] Jukebox3 C:\Windows\system32\DRIVERS\ctpdusb.sys
15:12:35.0036 1788 Jukebox3 - ok
15:12:35.0067 1788 [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:12:35.0067 1788 kbdclass - ok
15:12:35.0098 1788 [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
15:12:35.0129 1788 kbdhid - ok
15:12:35.0145 1788 [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso C:\Windows\system32\lsass.exe
15:12:35.0160 1788 KeyIso - ok
15:12:35.0176 1788 [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:12:35.0192 1788 KSecDD - ok
15:12:35.0192 1788 [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:12:35.0207 1788 KSecPkg - ok
15:12:35.0238 1788 [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm C:\Windows\system32\msdtckrm.dll
15:12:35.0270 1788 KtmRm - ok
15:12:35.0285 1788 [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer C:\Windows\system32\srvsvc.dll
15:12:35.0332 1788 LanmanServer - ok
15:12:35.0363 1788 [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:12:35.0410 1788 LanmanWorkstation - ok
15:12:35.0441 1788 [ ABF90FC5A127F481219B873C1B8DFC1C ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
15:12:35.0457 1788 LightScribeService ( UnsignedFile.Multi.Generic ) - warning
15:12:35.0457 1788 LightScribeService - detected UnsignedFile.Multi.Generic (1)
15:12:35.0488 1788 [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:12:35.0535 1788 lltdio - ok
15:12:35.0566 1788 [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:12:35.0597 1788 lltdsvc - ok
15:12:35.0628 1788 [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts C:\Windows\System32\lmhsvc.dll
15:12:35.0660 1788 lmhosts - ok
15:12:35.0691 1788 [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
15:12:35.0706 1788 LSI_FC - ok
15:12:35.0722 1788 [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:12:35.0738 1788 LSI_SAS - ok
15:12:35.0753 1788 [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:12:35.0753 1788 LSI_SAS2 - ok
15:12:35.0769 1788 [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
15:12:35.0784 1788 LSI_SCSI - ok
15:12:35.0800 1788 [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv C:\Windows\system32\drivers\luafv.sys
15:12:35.0831 1788 luafv - ok
15:12:35.0894 1788 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
15:12:35.0894 1788 MBAMProtector - ok
15:12:35.0956 1788 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:12:35.0972 1788 MBAMScheduler - ok
15:12:35.0987 1788 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
15:12:36.0018 1788 MBAMService - ok
15:12:36.0050 1788 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:12:36.0065 1788 Mcx2Svc - ok
15:12:36.0081 1788 [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas C:\Windows\system32\drivers\megasas.sys
15:12:36.0096 1788 megasas - ok
15:12:36.0112 1788 [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
15:12:36.0112 1788 MegaSR - ok
15:12:36.0143 1788 [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS C:\Windows\system32\mmcss.dll
15:12:36.0174 1788 MMCSS - ok
15:12:36.0206 1788 [ F001861E5700EE84E2D4E52C712F4964 ] Modem C:\Windows\system32\drivers\modem.sys
15:12:36.0237 1788 Modem - ok
15:12:36.0268 1788 [ 79D10964DE86B292320E9DFE02282A23 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:12:36.0299 1788 monitor - ok
15:12:36.0330 1788 [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:12:36.0346 1788 mouclass - ok
15:12:36.0362 1788 [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid C:\Windows\system32\drivers\mouhid.sys
15:12:36.0393 1788 mouhid - ok
15:12:36.0408 1788 [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:12:36.0424 1788 mountmgr - ok
15:12:36.0455 1788 [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
15:12:36.0455 1788 MozillaMaintenance - ok
15:12:36.0486 1788 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio C:\Windows\system32\drivers\mpio.sys
15:12:36.0486 1788 mpio - ok
15:12:36.0502 1788 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:12:36.0549 1788 mpsdrv - ok
15:12:36.0580 1788 [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:12:36.0627 1788 MpsSvc - ok
15:12:36.0658 1788 [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:12:36.0689 1788 MRxDAV - ok
15:12:36.0720 1788 [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:12:36.0752 1788 mrxsmb - ok
15:12:36.0767 1788 [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:12:36.0767 1788 mrxsmb10 - ok
15:12:36.0783 1788 [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:12:36.0814 1788 mrxsmb20 - ok
15:12:36.0845 1788 [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci C:\Windows\system32\drivers\msahci.sys
15:12:36.0861 1788 msahci - ok
15:12:36.0876 1788 [ 55055F8AD8BE27A64C831322A780A228 ] msdsm C:\Windows\system32\drivers\msdsm.sys
15:12:36.0876 1788 msdsm - ok
15:12:36.0908 1788 [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC C:\Windows\System32\msdtc.exe
15:12:36.0939 1788 MSDTC - ok
15:12:36.0954 1788 [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:12:36.0970 1788 Msfs - ok
15:12:36.0986 1788 [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:12:37.0017 1788 mshidkmdf - ok
15:12:37.0048 1788 [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:12:37.0064 1788 msisadrv - ok
15:12:37.0095 1788 [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:12:37.0126 1788 MSiSCSI - ok
15:12:37.0126 1788 msiserver - ok
15:12:37.0157 1788 [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:12:37.0188 1788 MSKSSRV - ok
15:12:37.0204 1788 [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:12:37.0251 1788 MSPCLOCK - ok
15:12:37.0266 1788 [ F456E973590D663B1073E9C463B40932 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:12:37.0313 1788 MSPQM - ok
15:12:37.0329 1788 [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:12:37.0344 1788 MsRPC - ok
15:12:37.0360 1788 [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:12:37.0376 1788 mssmbios - ok
15:12:37.0376 1788 [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:12:37.0407 1788 MSTEE - ok
15:12:37.0422 1788 [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
15:12:37.0454 1788 MTConfig - ok
15:12:37.0469 1788 [ 159FAD02F64E6381758C990F753BCC80 ] Mup C:\Windows\system32\Drivers\mup.sys
15:12:37.0485 1788 Mup - ok
15:12:37.0516 1788 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent C:\Windows\system32\qagentRT.dll
15:12:37.0563 1788 napagent - ok
15:12:37.0594 1788 [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:12:37.0641 1788 NativeWifiP - ok
15:12:37.0688 1788 [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:12:37.0703 1788 NDIS - ok
15:12:37.0719 1788 [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:12:37.0766 1788 NdisCap - ok
15:12:37.0797 1788 [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:12:37.0828 1788 NdisTapi - ok
15:12:37.0859 1788 [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:12:37.0890 1788 Ndisuio - ok
15:12:37.0922 1788 [ 38FBE267E7E6983311179230FACB1017 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:12:37.0953 1788 NdisWan - ok
15:12:37.0984 1788 [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:12:38.0000 1788 NDProxy - ok
15:12:38.0078 1788 [ B90E093E7A7250906F1054418B5339C0 ] Nero BackItUp Scheduler 4.0 C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
15:12:38.0109 1788 Nero BackItUp Scheduler 4.0 - ok
15:12:38.0140 1788 [ D660376BD52DF3D33390ACAE9FA1A54C ] NeroMediaHomeService.4 C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe
15:12:38.0156 1788 NeroMediaHomeService.4 - ok
15:12:38.0187 1788 [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:12:38.0234 1788 NetBIOS - ok
15:12:38.0249 1788 [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:12:38.0280 1788 NetBT - ok
15:12:38.0296 1788 [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon C:\Windows\system32\lsass.exe
15:12:38.0312 1788 Netlogon - ok
15:12:38.0343 1788 [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman C:\Windows\System32\netman.dll
15:12:38.0358 1788 Netman - ok
15:12:38.0374 1788 [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm C:\Windows\System32\netprofm.dll
15:12:38.0436 1788 netprofm - ok
15:12:38.0468 1788 [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:12:38.0483 1788 NetTcpPortSharing - ok
15:12:38.0499 1788 [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
15:12:38.0514 1788 nfrd960 - ok
15:12:38.0546 1788 [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc C:\Windows\System32\nlasvc.dll
15:12:38.0561 1788 NlaSvc - ok
15:12:38.0577 1788 [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:12:38.0592 1788 Npfs - ok
15:12:38.0624 1788 [ BA387E955E890C8A88306D9B8D06BF17 ] nsi C:\Windows\system32\nsisvc.dll
15:12:38.0639 1788 nsi - ok
15:12:38.0655 1788 [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:12:38.0686 1788 nsiproxy - ok
15:12:38.0733 1788 [ 198FF60A42802C319FBA58FDB13EEE49 ] nSvcIp C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
15:12:38.0748 1788 nSvcIp - ok
15:12:38.0795 1788 [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:12:38.0826 1788 Ntfs - ok
15:12:38.0858 1788 [ 170EE229D4DEF31DBE95348C9A88FE74 ] ntk_PowerDVD C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD.sys
15:12:38.0873 1788 ntk_PowerDVD - ok
15:12:38.0873 1788 [ F9756A98D69098DCA8945D62858A812C ] Null C:\Windows\system32\drivers\Null.sys
15:12:38.0904 1788 Null - ok
15:12:38.0936 1788 [ E54781F54ABCF18DCE0D39E78462A104 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys
15:12:38.0967 1788 nusb3hub - ok
15:12:38.0982 1788 [ AA4CC12E74B813347E8AB590B4C9DD8A ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys
15:12:39.0029 1788 nusb3xhc - ok
15:12:39.0045 1788 [ B5E37E31C053BC9950455A257526514B ] NVENETFD C:\Windows\system32\DRIVERS\nvm62x32.sys
15:12:39.0092 1788 NVENETFD - ok
15:12:39.0138 1788 [ 77F9F9A199B87FE3F852E12F5419240B ] NVHDA C:\Windows\system32\drivers\nvhda32v.sys
15:12:39.0138 1788 NVHDA - ok
15:12:39.0326 1788 [ 2FA5434344AF84D73F66BA402FF78690 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:12:39.0513 1788 nvlddmkm - ok
15:12:39.0575 1788 [ 0219B05730635FCAB3A9925D3374C464 ] NVNET C:\Windows\system32\DRIVERS\nvmf6232.sys
15:12:39.0575 1788 NVNET - ok
15:12:39.0622 1788 [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:12:39.0622 1788 nvraid - ok
15:12:39.0638 1788 [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:12:39.0653 1788 nvstor - ok
15:12:39.0684 1788 [ 97778C3CB3AF6B2243648D0DCD4D8916 ] nvstor32 C:\Windows\system32\DRIVERS\nvstor32.sys
15:12:39.0684 1788 nvstor32 - ok
15:12:39.0731 1788 [ B785320CBCF5021DE9945C803696C511 ] nvsvc C:\Windows\system32\nvvsvc.exe
15:12:39.0747 1788 nvsvc - ok
15:12:39.0809 1788 [ D2B064796C369F82E96397F721C4A29D ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:12:39.0840 1788 nvUpdatusService - ok
15:12:39.0856 1788 [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:12:39.0856 1788 nv_agp - ok
15:12:39.0872 1788 [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
15:12:39.0903 1788 ohci1394 - ok
15:12:39.0934 1788 [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:12:39.0981 1788 p2pimsvc - ok
15:12:39.0996 1788 [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc C:\Windows\system32\p2psvc.dll
15:12:40.0043 1788 p2psvc - ok
15:12:40.0059 1788 [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:12:40.0074 1788 Parport - ok
15:12:40.0090 1788 [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:12:40.0090 1788 partmgr - ok
15:12:40.0106 1788 [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys
15:12:40.0121 1788 Parvdm - ok
15:12:40.0137 1788 [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:12:40.0152 1788 PcaSvc - ok
15:12:40.0168 1788 [ 673E55C3498EB970088E812EA820AA8F ] pci C:\Windows\system32\drivers\pci.sys
15:12:40.0168 1788 pci - ok
15:12:40.0184 1788 [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide C:\Windows\system32\drivers\pciide.sys
15:12:40.0199 1788 pciide - ok
15:12:40.0215 1788 [ F396431B31693E71E8A80687EF523506 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:12:40.0230 1788 pcmcia - ok
15:12:40.0246 1788 [ 250F6B43D2B613172035C6747AEEB19F ] pcw C:\Windows\system32\drivers\pcw.sys
15:12:40.0262 1788 pcw - ok
15:12:40.0293 1788 [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:12:40.0340 1788 PEAUTH - ok
15:12:40.0371 1788 [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:12:40.0449 1788 PeerDistSvc - ok
15:12:40.0480 1788 [ 0ABC514F6606324CE15484D079027798 ] PfModNT C:\Windows\system32\drivers\PfModNT.sys
15:12:40.0496 1788 PfModNT ( UnsignedFile.Multi.Generic ) - warning
15:12:40.0496 1788 PfModNT - detected UnsignedFile.Multi.Generic (1)
15:12:40.0558 1788 [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla C:\Windows\system32\pla.dll
15:12:40.0620 1788 pla - ok
15:12:40.0652 1788 [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:12:40.0698 1788 PlugPlay - ok
15:12:40.0714 1788 [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:12:40.0745 1788 PNRPAutoReg - ok
15:12:40.0776 1788 [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:12:40.0776 1788 PNRPsvc - ok
15:12:40.0808 1788 [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:12:40.0854 1788 PolicyAgent - ok
15:12:40.0870 1788 [ F87D30E72E03D579A5199CCB3831D6EA ] Power C:\Windows\system32\umpo.dll
15:12:40.0901 1788 Power - ok
15:12:40.0932 1788 [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:12:40.0979 1788 PptpMiniport - ok
15:12:40.0995 1788 [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor C:\Windows\system32\drivers\processr.sys
15:12:41.0026 1788 Processor - ok
15:12:41.0057 1788 [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc C:\Windows\system32\profsvc.dll
15:12:41.0104 1788 ProfSvc - ok
15:12:41.0120 1788 [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:12:41.0120 1788 ProtectedStorage - ok
15:12:41.0166 1788 [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:12:41.0198 1788 Psched - ok
15:12:41.0213 1788 [ D24DFD16A1E2A76034DF5AA18125C35D ] PSI C:\Windows\system32\DRIVERS\psi_mf.sys
15:12:41.0229 1788 PSI - ok
15:12:41.0260 1788 [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
15:12:41.0307 1788 ql2300 - ok
15:12:41.0322 1788 [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
15:12:41.0338 1788 ql40xx - ok
15:12:41.0338 1788 [ 31AC809E7707EB580B2BDB760390765A ] QWAVE C:\Windows\system32\qwave.dll
15:12:41.0385 1788 QWAVE - ok
15:12:41.0400 1788 [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:12:41.0416 1788 QWAVEdrv - ok
15:12:41.0432 1788 [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:12:41.0478 1788 RasAcd - ok
15:12:41.0494 1788 [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:12:41.0525 1788 RasAgileVpn - ok
15:12:41.0541 1788 [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto C:\Windows\System32\rasauto.dll
15:12:41.0588 1788 RasAuto - ok
15:12:41.0603 1788 [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:12:41.0634 1788 Rasl2tp - ok
15:12:41.0681 1788 [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan C:\Windows\System32\rasmans.dll
15:12:41.0697 1788 RasMan - ok
15:12:41.0712 1788 [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:12:41.0744 1788 RasPppoe - ok
15:12:41.0744 1788 [ 44101F495A83EA6401D886E7FD70096B ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:12:41.0790 1788 RasSstp - ok
15:12:41.0806 1788 [ D528BC58A489409BA40334EBF96A311B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:12:41.0853 1788 rdbss - ok
15:12:41.0868 1788 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:12:41.0884 1788 rdpbus - ok
15:12:41.0900 1788 [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:12:41.0931 1788 RDPCDD - ok
15:12:41.0962 1788 [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:12:41.0978 1788 RDPDR - ok
15:12:42.0009 1788 [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:12:42.0040 1788 RDPENCDD - ok
15:12:42.0071 1788 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:12:42.0102 1788 RDPREFMP - ok
15:12:42.0134 1788 [ 68A0387F58E226DEEE23D9715955572A ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:12:42.0165 1788 RdpVideoMiniport - ok
15:12:42.0180 1788 [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:12:42.0227 1788 RDPWD - ok
15:12:42.0258 1788 [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:12:42.0274 1788 rdyboost - ok
15:12:42.0305 1788 [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess C:\Windows\System32\mprdim.dll
15:12:42.0321 1788 RemoteAccess - ok
15:12:42.0352 1788 [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:12:42.0368 1788 RemoteRegistry - ok
15:12:42.0399 1788 [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:12:42.0446 1788 RpcEptMapper - ok
15:12:42.0461 1788 [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator C:\Windows\system32\locator.exe
15:12:42.0492 1788 RpcLocator - ok
15:12:42.0524 1788 [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs C:\Windows\system32\rpcss.dll
15:12:42.0555 1788 RpcSs - ok
15:12:42.0570 1788 [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:12:42.0617 1788 rspndr - ok
15:12:42.0648 1788 [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap C:\Windows\system32\drivers\vms3cap.sys
15:12:42.0680 1788 s3cap - ok
15:12:42.0695 1788 [ 81951F51E318AECC2D68559E47485CC4 ] SamSs C:\Windows\system32\lsass.exe
15:12:42.0711 1788 SamSs - ok
15:12:42.0726 1788 [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:12:42.0742 1788 sbp2port - ok
15:12:42.0758 1788 [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:12:42.0804 1788 SCardSvr - ok
15:12:42.0804 1788 [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:12:42.0836 1788 scfilter - ok
15:12:42.0867 1788 [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule C:\Windows\system32\schedsvc.dll
15:12:42.0929 1788 Schedule - ok
15:12:42.0945 1788 [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:12:42.0960 1788 SCPolicySvc - ok
15:12:42.0976 1788 [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:12:42.0992 1788 SDRSVC - ok
15:12:43.0023 1788 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:12:43.0038 1788 secdrv - ok
15:12:43.0054 1788 [ A59B3A4442C52060CC7A85293AA3546F ] seclogon C:\Windows\system32\seclogon.dll
15:12:43.0085 1788 seclogon - ok
15:12:43.0163 1788 [ 9044795E9D1A912D5F1B8DF6211850FD ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe
15:12:43.0194 1788 Secunia PSI Agent - ok
15:12:43.0226 1788 [ 8B1A72E4FB63A9C068B08E1F9B70482A ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe
15:12:43.0257 1788 Secunia Update Agent - ok
15:12:43.0272 1788 [ DCB7FCDCC97F87360F75D77425B81737 ] SENS C:\Windows\System32\sens.dll
15:12:43.0319 1788 SENS - ok
15:12:43.0335 1788 [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:12:43.0382 1788 SensrSvc - ok
15:12:43.0413 1788 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:12:43.0413 1788 Serenum - ok
15:12:43.0428 1788 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:12:43.0460 1788 Serial - ok
15:12:43.0475 1788 [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse C:\Windows\system32\drivers\sermouse.sys
15:12:43.0491 1788 sermouse - ok
15:12:43.0522 1788 [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv C:\Windows\system32\sessenv.dll
15:12:43.0569 1788 SessionEnv - ok
15:12:43.0584 1788 [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
15:12:43.0616 1788 sffdisk - ok
15:12:43.0616 1788 [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
15:12:43.0631 1788 sffp_mmc - ok
15:12:43.0631 1788 [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
15:12:43.0647 1788 sffp_sd - ok
15:12:43.0662 1788 [ DB96666CC8312EBC45032F30B007A547 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
15:12:43.0678 1788 sfloppy - ok
15:12:43.0709 1788 [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:12:43.0756 1788 SharedAccess - ok
15:12:43.0787 1788 [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:12:43.0834 1788 ShellHWDetection - ok
15:12:43.0850 1788 [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp C:\Windows\system32\drivers\sisagp.sys
15:12:43.0865 1788 sisagp - ok
15:12:43.0896 1788 [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:12:43.0912 1788 SiSRaid2 - ok
15:12:43.0928 1788 [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:12:43.0928 1788 SiSRaid4 - ok
15:12:43.0959 1788 [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:12:43.0990 1788 Smb - ok
15:12:44.0037 1788 [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:12:44.0052 1788 SNMPTRAP - ok
15:12:44.0052 1788 [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr C:\Windows\system32\drivers\spldr.sys
15:12:44.0068 1788 spldr - ok
15:12:44.0099 1788 [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler C:\Windows\System32\spoolsv.exe
15:12:44.0146 1788 Spooler - ok
15:12:44.0208 1788 [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc C:\Windows\system32\sppsvc.exe
15:12:44.0286 1788 sppsvc - ok
15:12:44.0302 1788 [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:12:44.0333 1788 sppuinotify - ok
15:12:44.0364 1788 [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:12:44.0411 1788 srv - ok
15:12:44.0427 1788 [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:12:44.0442 1788 srv2 - ok
15:12:44.0458 1788 [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:12:44.0489 1788 srvnet - ok
15:12:44.0520 1788 [ 64E44ACD8C238FCBBB78F0BA4BDC4B05 ] ssadbus C:\Windows\system32\DRIVERS\ssadbus.sys
15:12:44.0567 1788 ssadbus - ok
15:12:44.0583 1788 [ BB2C84A15C765DA89FD832B0E73F26CE ] ssadmdfl C:\Windows\system32\DRIVERS\ssadmdfl.sys
15:12:44.0583 1788 ssadmdfl - ok
15:12:44.0614 1788 [ 6D0D132DDC6F43EDA00DCED6D8B1CA31 ] ssadmdm C:\Windows\system32\DRIVERS\ssadmdm.sys
15:12:44.0630 1788 ssadmdm - ok
15:12:44.0645 1788 [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:12:44.0692 1788 SSDPSRV - ok
15:12:44.0723 1788 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
15:12:44.0723 1788 ssmdrv - ok
15:12:44.0739 1788 [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:12:44.0786 1788 SstpSvc - ok
15:12:44.0817 1788 [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
15:12:44.0832 1788 ssudmdm - ok
15:12:44.0879 1788 [ 00FCEC4DA4198F5F2B9BBD9225842568 ] Stereo Service C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:12:44.0895 1788 Stereo Service - ok
15:12:44.0926 1788 [ DB32D325C192B801DF274BFD12A7E72B ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:12:44.0926 1788 stexstor - ok
15:12:44.0957 1788 [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc C:\Windows\System32\wiaservc.dll
15:12:45.0004 1788 StiSvc - ok
15:12:45.0035 1788 [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
15:12:45.0035 1788 storflt - ok
15:12:45.0051 1788 [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:12:45.0066 1788 storvsc - ok
15:12:45.0082 1788 [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:12:45.0098 1788 swenum - ok
15:12:45.0113 1788 [ A28BD92DF340E57B024BA433165D34D7 ] swprv C:\Windows\System32\swprv.dll
15:12:45.0144 1788 swprv - ok
15:12:45.0160 1788 [ F2AD8960812FD111E20E84659EF19D43 ] Synth3dVsc C:\Windows\system32\drivers\Synth3dVsc.sys
15:12:45.0160 1788 Synth3dVsc - ok
15:12:45.0191 1788 [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain C:\Windows\system32\sysmain.dll
15:12:45.0222 1788 SysMain - ok
15:12:45.0238 1788 [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:12:45.0269 1788 TabletInputService - ok
15:12:45.0300 1788 [ 613BF4820361543956909043A265C6AC ] TapiSrv C:\Windows\System32\tapisrv.dll
15:12:45.0332 1788 TapiSrv - ok
15:12:45.0363 1788 [ B799D9FDB26111737F58288D8DC172D9 ] TBS C:\Windows\System32\tbssvc.dll
15:12:45.0394 1788 TBS - ok
15:12:45.0441 1788 [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:12:45.0472 1788 Tcpip - ok
15:12:45.0503 1788 [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:12:45.0534 1788 TCPIP6 - ok
15:12:45.0566 1788 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:12:45.0597 1788 tcpipreg - ok
15:12:45.0628 1788 [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:12:45.0659 1788 TDPIPE - ok
15:12:45.0675 1788 [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:12:45.0690 1788 TDTCP - ok
15:12:45.0706 1788 [ B459575348C20E8121D6039DA063C704 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:12:45.0737 1788 tdx - ok
15:12:45.0753 1788 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:12:45.0768 1788 TermDD - ok
15:12:45.0768 1788 [ 052306FD76793D5D5AB5D9891FD1ADBB ] terminpt C:\Windows\system32\drivers\terminpt.sys
15:12:45.0815 1788 terminpt - ok
15:12:45.0831 1788 [ 382C804C92811BE57829D8E550A900E2 ] TermService C:\Windows\System32\termsrv.dll
15:12:45.0862 1788 TermService - ok
15:12:45.0878 1788 [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes C:\Windows\system32\themeservice.dll
15:12:45.0909 1788 Themes - ok
15:12:45.0924 1788 [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER C:\Windows\system32\mmcss.dll
15:12:45.0940 1788 THREADORDER - ok
15:12:45.0987 1788 [ 0407143F2BBC1A5DD5B518AC0704FCBF ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
15:12:46.0002 1788 TomTomHOMEService - ok
15:12:46.0018 1788 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks C:\Windows\System32\trkwks.dll
15:12:46.0065 1788 TrkWks - ok
15:12:46.0112 1788 [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:12:46.0158 1788 TrustedInstaller - ok
15:12:46.0190 1788 [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:12:46.0252 1788 tssecsrv - ok
15:12:46.0268 1788 [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:12:46.0314 1788 TsUsbFlt - ok
15:12:46.0330 1788 [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
15:12:46.0330 1788 TsUsbGD - ok
15:12:46.0346 1788 [ 045ACB987C650D8186C6B4A692223860 ] tsusbhub C:\Windows\system32\drivers\tsusbhub.sys
15:12:46.0377 1788 tsusbhub - ok
15:12:46.0424 1788 [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:12:46.0439 1788 tunnel - ok
15:12:46.0455 1788 [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:12:46.0470 1788 uagp35 - ok
15:12:46.0486 1788 [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:12:46.0517 1788 udfs - ok
15:12:46.0548 1788 [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:12:46.0564 1788 UI0Detect - ok
15:12:46.0595 1788 [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:12:46.0611 1788 uliagpkx - ok
15:12:46.0611 1788 [ D295BED4B898F0FD999FCFA9B32B071B ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:12:46.0626 1788 umbus - ok
15:12:46.0642 1788 [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass C:\Windows\system32\drivers\umpass.sys
15:12:46.0673 1788 UmPass - ok
15:12:46.0689 1788 [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService C:\Windows\System32\umrdp.dll
15:12:46.0736 1788 UmRdpService - ok
15:12:46.0751 1788 [ 833FBB672460EFCE8011D262175FAD33 ] upnphost C:\Windows\System32\upnphost.dll
15:12:46.0798 1788 upnphost - ok
15:12:46.0829 1788 [ 8BF5D980CDCE35FB26F05047144BB57E ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
15:12:46.0876 1788 USBAAPL - ok
15:12:46.0892 1788 [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp C:\Windows\system32\drivers\usbccgp.sys
15:12:46.0923 1788 usbccgp - ok
15:12:46.0923 1788 [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir C:\Windows\system32\drivers\usbcir.sys
15:12:46.0938 1788 usbcir - ok
15:12:46.0938 1788 [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
15:12:46.0970 1788 usbehci - ok
15:12:47.0001 1788 [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:12:47.0001 1788 usbhub - ok
15:12:47.0016 1788 [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
15:12:47.0048 1788 usbohci - ok
15:12:47.0063 1788 [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint C:\Windows\system32\drivers\usbprint.sys
15:12:47.0094 1788 usbprint - ok
15:12:47.0126 1788 [ F991AB9CC6B908DB552166768176896A ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:12:47.0157 1788 USBSTOR - ok
15:12:47.0172 1788 [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:12:47.0204 1788 usbuhci - ok
15:12:47.0235 1788 [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
15:12:47.0266 1788 usbvideo - ok
15:12:47.0297 1788 [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms C:\Windows\System32\uxsms.dll
15:12:47.0328 1788 UxSms - ok
15:12:47.0360 1788 [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc C:\Windows\system32\lsass.exe
15:12:47.0360 1788 VaultSvc - ok
15:12:47.0391 1788 [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:12:47.0406 1788 vdrvroot - ok
15:12:47.0422 1788 [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds C:\Windows\System32\vds.exe
15:12:47.0469 1788 vds - ok
15:12:47.0484 1788 [ 17C408214EA61696CEC9C66E388B14F3 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:12:47.0500 1788 vga - ok
15:12:47.0500 1788 [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave C:\Windows\System32\drivers\vga.sys
15:12:47.0531 1788 VgaSave - ok
15:12:47.0531 1788 VGPU - ok
15:12:47.0531 1788 [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
15:12:47.0547 1788 vhdmp - ok
15:12:47.0578 1788 [ C829317A37B4BEA8F39735D4B076E923 ] viaagp C:\Windows\system32\drivers\viaagp.sys
15:12:47.0578 1788 viaagp - ok
15:12:47.0594 1788 [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
15:12:47.0625 1788 ViaC7 - ok
15:12:47.0640 1788 [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide C:\Windows\system32\drivers\viaide.sys
15:12:47.0656 1788 viaide - ok
15:12:47.0672 1788 [ C2F2911156FDC7817C52829C86DA494E ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:12:47.0687 1788 vmbus - ok
15:12:47.0703 1788 [ D4D77455211E204F370D08F4963063CE ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
15:12:47.0734 1788 VMBusHID - ok
15:12:47.0750 1788 [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:12:47.0765 1788 volmgr - ok
15:12:47.0781 1788 [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:12:47.0796 1788 volmgrx - ok
15:12:47.0812 1788 [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:12:47.0828 1788 volsnap - ok
15:12:47.0859 1788 [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:12:47.0874 1788 vsmraid - ok
15:12:47.0906 1788 [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS C:\Windows\system32\vssvc.exe
15:12:47.0968 1788 VSS - ok
15:12:47.0984 1788 [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:12:47.0999 1788 vwifibus - ok
15:12:48.0015 1788 [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:12:48.0046 1788 vwififlt - ok
15:12:48.0077 1788 [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time C:\Windows\system32\w32time.dll
15:12:48.0108 1788 W32Time - ok
15:12:48.0124 1788 [ DE3721E89C653AA281428C8A69745D90 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
15:12:48.0140 1788 WacomPen - ok
15:12:48.0171 1788 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:12:48.0202 1788 WANARP - ok
15:12:48.0202 1788 [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:12:48.0233 1788 Wanarpv6 - ok
15:12:48.0280 1788 [ 691E3285E53DCA558E1A84667F13E15A ] wbengine C:\Windows\system32\wbengine.exe
15:12:48.0311 1788 wbengine - ok
15:12:48.0327 1788 [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:12:48.0358 1788 WbioSrvc - ok
15:12:48.0374 1788 [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:12:48.0405 1788 wcncsvc - ok
15:12:48.0405 1788 [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:12:48.0452 1788 WcsPlugInService - ok
15:12:48.0483 1788 [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd C:\Windows\system32\drivers\wd.sys
15:12:48.0483 1788 Wd - ok
15:12:48.0530 1788 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:12:48.0561 1788 Wdf01000 - ok
15:12:48.0576 1788 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:12:48.0608 1788 WdiServiceHost - ok
15:12:48.0623 1788 [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:12:48.0623 1788 WdiSystemHost - ok
15:12:48.0639 1788 [ A9D880F97530D5B8FEE278923349929D ] WebClient C:\Windows\System32\webclnt.dll
15:12:48.0670 1788 WebClient - ok
15:12:48.0701 1788 [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:12:48.0732 1788 Wecsvc - ok
15:12:48.0748 1788 [ AC804569BB2364FB6017370258A4091B ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:12:48.0764 1788 wercplsupport - ok
15:12:48.0779 1788 [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc C:\Windows\System32\WerSvc.dll
15:12:48.0826 1788 WerSvc - ok
15:12:48.0857 1788 [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:12:48.0873 1788 WfpLwf - ok
15:12:48.0888 1788 [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:12:48.0904 1788 WIMMount - ok
15:12:48.0935 1788 [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
15:12:48.0966 1788 WinDefend - ok
15:12:48.0966 1788 WinHttpAutoProxySvc - ok
15:12:49.0013 1788 [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:12:49.0044 1788 Winmgmt - ok
15:12:49.0091 1788 [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM C:\Windows\system32\WsmSvc.dll
15:12:49.0154 1788 WinRM - ok
15:12:49.0200 1788 [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:12:49.0232 1788 WinUsb - ok
15:12:49.0263 1788 [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc C:\Windows\System32\wlansvc.dll
15:12:49.0310 1788 Wlansvc - ok
15:12:49.0325 1788 [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
15:12:49.0356 1788 WmiAcpi - ok
15:12:49.0388 1788 [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:12:49.0419 1788 wmiApSrv - ok
15:12:49.0481 1788 [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
15:12:49.0544 1788 WMPNetworkSvc - ok
15:12:49.0544 1788 [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:12:49.0590 1788 WPCSvc - ok
15:12:49.0590 1788 [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:12:49.0653 1788 WPDBusEnum - ok
15:12:49.0653 1788 [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:12:49.0700 1788 ws2ifsl - ok
15:12:49.0731 1788 [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc C:\Windows\System32\wscsvc.dll
15:12:49.0746 1788 wscsvc - ok
15:12:49.0746 1788 WSearch - ok
15:12:49.0793 1788 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
15:12:49.0840 1788 wuauserv - ok
15:12:49.0887 1788 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:12:49.0902 1788 WudfPf - ok
15:12:49.0918 1788 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:12:49.0949 1788 WUDFRd - ok
15:12:49.0980 1788 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:12:49.0996 1788 wudfsvc - ok
15:12:50.0012 1788 [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:12:50.0043 1788 WwanSvc - ok
15:12:50.0043 1788 ================ Scan global ===============================
15:12:50.0074 1788 [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
15:12:50.0105 1788 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
15:12:50.0105 1788 [ D70FE45855CAD4C0C6B1C1426ABDEBA9 ] C:\Windows\system32\winsrv.dll
15:12:50.0136 1788 [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
15:12:50.0152 1788 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
15:12:50.0152 1788 [Global] - ok
15:12:50.0152 1788 ================ Scan MBR ==================================
15:12:50.0168 1788 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:12:50.0729 1788 \Device\Harddisk0\DR0 - ok
15:12:50.0760 1788 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
15:12:50.0854 1788 \Device\Harddisk1\DR1 - ok
15:12:50.0854 1788 ================ Scan VBR ==================================
15:12:50.0870 1788 [ 8832BEAF60B07F79C566A373B32E404C ] \Device\Harddisk0\DR0\Partition1
15:12:50.0870 1788 \Device\Harddisk0\DR0\Partition1 - ok
15:12:50.0885 1788 [ 82E872EDDE61F7112CDB9CE8B2671D0B ] \Device\Harddisk0\DR0\Partition2
15:12:50.0885 1788 \Device\Harddisk0\DR0\Partition2 - ok
15:12:50.0916 1788 [ E8D6018992C312C317DB1951DD8EF08A ] \Device\Harddisk1\DR1\Partition1
15:12:50.0916 1788 \Device\Harddisk1\DR1\Partition1 - ok
15:12:50.0916 1788 ============================================================
15:12:50.0916 1788 Scan finished
15:12:50.0916 1788 ============================================================
15:12:50.0932 1500 Detected object count: 3
15:12:50.0932 1500 Actual detected object count: 3
15:19:28.0092 1500 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - skipped by user
15:19:28.0092 1500 Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:19:28.0092 1500 LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
15:19:28.0092 1500 LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:19:28.0092 1500 PfModNT ( UnsignedFile.Multi.Generic ) - skipped by user
15:19:28.0092 1500 PfModNT ( UnsignedFile.Multi.Generic ) - User select action: Skip

Gruß
josuhasottie